last executing test programs:

3.262372692s ago: executing program 1 (id=362):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r4}, 0x18)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'vcan0\x00'})
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

2.66453094s ago: executing program 4 (id=368):
bpf$MAP_CREATE(0x0, &(0x7f0000003940)=@base={0x21, 0x0, 0x0, 0x100000, 0x400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2000000, 0x0, 0x200000000000000, @void, @value, @void, @value}, 0x48)

2.6253861s ago: executing program 4 (id=370):
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRESHEX=0x0, @ANYRESOCT], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
r1 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r1, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001c00)={0x3, 0x3e, &(0x7f0000000440)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000008c0)='sys_enter\x00', r4}, 0x10)
arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000}, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000180)='pids.current\x00', 0x0, 0x0)

2.000115657s ago: executing program 1 (id=375):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba9432})
readv(r2, &(0x7f0000000080)=[{&(0x7f0000000040)=""/14, 0xe}], 0x1)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

1.794901437s ago: executing program 2 (id=378):
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB="0107000000000000000020"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000000), &(0x7f0000048000), 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000200)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x5}}, {@nouid32}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xa, 0x13, 0x20, 0xbc, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x33, &(0x7f0000001300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x764}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @alu={0x7, 0x0, 0x0, 0x7, 0x2, 0x8, 0x10}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @generic={0x2, 0xf, 0x8, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x534d}, @map_val={0x18, 0x3, 0x2, 0x0, r0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000480)='syzkaller\x00', 0x1, 0xe0, &(0x7f00000004c0)=""/224, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x7d}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=@framed={{0x1d, 0xa, 0xa, 0x0, 0x0, 0x61, 0x10, 0x10}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000012c0)={r1, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xe, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000006b8a00fe00000000c7080000010000007b8af0ff00000000bda100000000000007000000f8ffffffbfa400000000000007040000f0ffffffb7020000080000fa18230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000001a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x2, 0x300)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{}, &(0x7f0000000000), &(0x7f0000000200)}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)

1.694429196s ago: executing program 1 (id=379):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000040), 0x281, 0x0)
r1 = socket$inet6(0xa, 0x40000080806, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x3c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x2000006, 0x6}, 0x0, 0x3, 0x4, 0x7, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000002, &(0x7f0000000280)={[{@i_version}]}, 0x9, 0x545, &(0x7f0000001500)="$eJzs3UFvG1kdAPC/J4mT7WY3LewBVkALLBRU1W7c3Wq1F7YXEFqthEAcEIduSNwo1K5D7Kw2IRLZzwAHrvAR9oDEAWlPHLhxROKAkJYDUoEI1CCBZDTjcdZNnNRtHLvEv580mnnzPPN/L/XMm3njzgtgYl2JiN2IKEbEOxGxkK8v5FO82ZnSzz3c21ne39tZLkS7/Z2/F7L8dF30bJN6Pt/nXER8+xsRPygcjdvc2r63VKtVN/J0uVVfLze3tq+v1ZdWq6vTUancWrx14/Wbr1Wy/GQIdb1c/+DB19fe+u5vfv3Zj36/+9Ufp8Waz/N66zFMnarPHMRJTUfEW2cRbAym8nlxzOXg6aTH1Sci4gvZ8b8QU9m3EwA4z9rthWgv9KYBgPMuyfrACkkp7wuYjyQplTp9eC/FhaTWaLau3W1s3l/p9JVdjJnk7lqteuPS7B9/lF0xzBTS9GKWl+Vn6cqh9M2IuBQRP5t9LkuXlhu1lfFd9gDARHv+UPv/r9lO+z+APk/1AID/G3PjLgAAMHLafwCYPNp/AJg8A7T/+cP+3TMvCwAwGk9w/z+M93AAAM8A/f8AMHm0/wAwUb719tvp1N7P33+98u7W5r3Gu9dXqs17pfrmcmm5sbFeWm00VrN39tQft79ao7G++GpsvlduVZutcnNr+069sXm/dSd7r/ed6sxIagUAnOTS5Q//UIiI3Teey6boGctBWw3nm9/zwOTyEj+YXEb7gsk1+D3+7860HMD49L0PmOu7+KifP0EQvzOCZ8rVTw/e/2+MZzhf9P/D5Jp6qq1mh14OYPT0/8PkarcLh8f8Lx5kAQDn0il+49/+ybAuQoCxOvL8/9CDgaE8/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBzZj4ifhiFpJQP+TEfSVIqRbwQERdjpnB3rVa9EREvxuWImJlN04vjLjQAcErJXwv5+F9XF16ZP5xbLPw7G+y/mLb++bqNxXT9Pw7Wz3aHD6t8vN0pxhUEAIbsvaVWa6OSz3tu5B/u7Sx3p1GW58Ht+G8+FPHy/t5ONnVypmM6m89l1xIX/lnI052xSF+OiKkhxN99PyI+1a/+haxv5GI+8mlv/MhjvzDS+Mkj8ZMsrzNPL74+OYSywKT58HZEvNnv+EviSjbvf/zPZWeo03twu7Oz7rlvf2+n2I3fPf9N9YmfHvNXBo3x6m+/eWRle6GT937Ey9OPxD84/3TjF46J/8qA8f/0mc/99GvH5LV/EXE1+sfvjVVu1dfLza3t62v1pdXqavV+pXJr8daN12++VilnfdTlbk/1UX9749qLx5Utrf+FY+LP9a1/8WDbLw1Y/1/+553vf/6E+F/5Yr/4SbzUN35H2iZ+ecD4Sxd+dezw3Wn8lWPq/7h//2sDxv/oL9srA34UABiB5tb2vaVarbpxqoX0LvTJt+reP5/wmTT7VCX8YO6xnyn2FP7PMYS/xrAWZp7qr/osLEwfXCsOd8/fO/nbciYLydBrcaqFh6OKNb5zEjAaHx/04y4JAAAAAAAAAAAAAABwnFH816Vx1xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDz638BAAD//1V8wiU=")
quotactl$Q_SETQUOTA(0xffffffff80000900, &(0x7f0000000c80)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000ee00"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYRES32=r2], &(0x7f0000000240)='GPL\x00', 0x0, 0xfffffffffffffe14, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
r4 = gettid()
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x81}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfbd25000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
tkill(r4, 0x11)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000001c0)={<r6=>0x0, 0x10, 0x6}, &(0x7f0000000380)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000440)={r6, 0x7}, 0xc)
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$BTRFS_IOC_SEND(r5, 0x40489426, &(0x7f0000000300)={{}, 0x3, &(0x7f0000000000)=[0x0, 0xfffffffffffffeff, 0x3ff], 0x8, 0x8, 0x1})
setsockopt$packet_int(r7, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000000c0)={'hsr0\x00', <r8=>0x0})
sendto$packet(r7, &(0x7f0000000180)="0b032d00e0ff25000200475400f6a13bb1000000080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r8}, 0x14)

1.693959256s ago: executing program 3 (id=380):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2}}, @union={0x0, 0x0, 0x0, 0xb, 0x0, 0x2}]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
mbind(&(0x7f0000651000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000000)=0x9, 0x4, 0x0)
syz_clone3(&(0x7f0000000300)={0x4300, 0x0, 0x0, 0x0, {0x9}, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x0], 0x1}, 0x58)

1.629537456s ago: executing program 4 (id=381):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000079e02200850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='thermal_zone_trip\x00', r0}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x2ab, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', 0xffffffffffffffff, 0x0, 0x80000000000}, 0x18)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES64=r1], 0x13c}, 0x1, 0x0, 0x0, 0x4000}, 0x804)
r4 = syz_open_dev$loop(&(0x7f00000005c0), 0x10000, 0x10d480)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='cgroup.freeze\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000002c0)={r5, 0x1000, {0x2a00, 0x80010000, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1ff03000000000000030000000000002000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c559265406c09306003d8002000", [0x0, 0x2]}})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000008c0)='sys_enter\x00', r6}, 0x10)
mount_setattr(0xffffffffffffffff, 0x0, 0x1000, 0x0, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x121800, 0x0)
process_madvise(0xffffffffffffffff, &(0x7f00000003c0)=[{0xffffffffffffffff}], 0x22, 0x0, 0x0)

1.595878546s ago: executing program 3 (id=383):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000080))
write$cgroup_int(r1, &(0x7f0000000300)=0x4000000000000003, 0x12)
r3 = accept$inet(r0, &(0x7f0000000180)={0x2, 0x0, @loopback}, &(0x7f00000001c0)=0x10)
listen(r0, 0x8)
r4 = accept4(r0, 0x0, 0x0, 0x0)
sendto$inet(r4, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x3}, 0x8)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000200)={0x1, <r5=>0xffffffffffffffff}, 0x4)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=0xffffffffffffffff, 0x4)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x6, 0x24, &(0x7f0000000600)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xc799}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @ringbuf_query, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe00}, @ringbuf_query, @map_val={0x18, 0x5, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9}, @ldst={0x1, 0x2, 0x0, 0x2, 0x6, 0x2, 0x4}, @jmp={0x5, 0x0, 0x0, 0x2, 0x0, 0x10, 0x8}, @tail_call], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x1}}}, &(0x7f0000000500)='GPL\x00', 0x0, 0x26, &(0x7f0000000540)=""/38, 0x41000, 0x3, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000740)={0x1, 0x2, 0x40, 0x2}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000780)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f00000007c0)=[{0x3, 0x2, 0xb, 0x7}, {0x5, 0x3, 0x0, 0x4}, {0x5, 0x1, 0xa, 0xc}], 0x10, 0x4, @void, @value}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0xc, 0xf, &(0x7f0000000240)=@raw=[@ldst={0x0, 0xa851b983cc066aa8, 0x4, 0xa, 0x9, 0xfffffffffffffffc, 0xfffffffffffffffc}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}], &(0x7f0000000340)='GPL\x00', 0x7, 0x97, &(0x7f0000000380)=""/151, 0x41000, 0x29, '\x00', 0x0, @fallback=0x13, r6, 0x8, &(0x7f0000000480)={0x0, 0x4}, 0x8, 0x10, &(0x7f00000004c0)={0x5, 0xe, 0xffff0b59, 0x7}, 0x10, 0xffffffffffffffff, r7, 0x1, &(0x7f0000000940)=[r8, r9, 0x1], &(0x7f0000000980)=[{0x4, 0x3, 0xe, 0xc430af5d28a7cd77}], 0x10, 0x8001, @void, @value}, 0x94)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000040)={<r10=>0x0, @in6={{0xa, 0x4e23, 0x8b12, @loopback, 0xb}}, [0x80, 0x7, 0x7fffffffffffffff, 0x1, 0x1ff, 0x204, 0x3, 0x8, 0x1, 0xffffffffffff8001, 0x1, 0x7, 0x5937, 0x7ff, 0x5]}, &(0x7f0000000140)=0x100)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f0000000580)={r10, 0x0, 0xe9}, &(0x7f00000005c0)=0x8)

1.516602946s ago: executing program 2 (id=384):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095", @ANYRESOCT], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x30, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0207000004000000060000000f0000e0ff0faa59", @ANYRES32, @ANYBLOB='\b\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) (async, rerun: 32)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84) (rerun: 32)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000440)={0x0, 0x1f, 0x10}, 0xc)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000d40)=ANY=[@ANYBLOB="0212"], 0x1028}}, 0x20000050)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
sendto$inet6(r1, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000300)='\x00', 0x10e, &(0x7f0000000640)={[{@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2271}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x20002e}}, {@nodiscard}, {@block_validity}, {@quota}]}, 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP") (async)
chdir(&(0x7f0000000000)='./bus\x00')
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)
syz_open_procfs(0xffffffffffffffff, 0x0) (async)
accept4$bt_l2cap(0xffffffffffffffff, 0x0, 0x0, 0x800)
r4 = gettid()
process_vm_writev(r4, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r5}, 0x10)
timer_settime(0x0, 0x0, 0x0, 0x0) (async)
r6 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
write$tun(r6, 0x0, 0x0) (async, rerun: 32)
r7 = inotify_init() (rerun: 32)
r8 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) (async)
r9 = inotify_add_watch(r7, &(0x7f0000000240)='./file0\x00', 0x8c7)
write$binfmt_elf32(r8, &(0x7f0000000040)=ANY=[@ANYRES64=r9], 0x69) (async)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000800000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x26, 0xfb, 0x0, 0x8}]}) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r10}, 0x10)

1.515523506s ago: executing program 4 (id=385):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r4}, 0x18)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'vcan0\x00'})
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

1.440416566s ago: executing program 0 (id=386):
r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x6, 0x0, 0x0, 0x0, &(0x7f0000001400)={0x0, 0x3938700}})
io_uring_enter(r0, 0x6b4d, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x0, 0x2, 0x7, 0x0, 0x0)

1.355173755s ago: executing program 2 (id=387):
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f00000000c0)='.\x00', 0xa4000061)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='pids.current\x00', 0x275a, 0x0)
r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
close(r1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
bind$packet(r1, &(0x7f0000000200)={0x11, 0x8, 0x0, 0x1, 0x2, 0x6, @local}, 0x14)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)=@generic={&(0x7f0000000040)='./bus\x00', 0x0, 0x20}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000003940)=@base={0x21, 0x0, 0x0, 0x100000, 0x400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2000000, 0x0, 0x200000000000000, @void, @value, @void, @value}, 0x48)

1.288375185s ago: executing program 0 (id=388):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r1}, 0x10)
r2 = socket(0x10, 0x2, 0x0)
write(r2, &(0x7f0000000000)="240000001e005f80004000000000000002000000000000000000080008000100000000ff", 0x24)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r3}, 0x20)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000001000000ff"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280), 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r5}, 0x0, &(0x7f0000000040)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012000b0001006d616373656300000400028008000500", @ANYRESHEX=r2], 0x48}, 0x1, 0x0, 0x0, 0x4000885}, 0x200048d0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000640)=ANY=[@ANYBLOB="4400000010000d0400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000510000240012800b0001006272696467650000140015800500171bebb92c000500180000000000"], 0x44}}, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001800)={&(0x7f0000000580)='kfree\x00', r11}, 0x9)
r12 = socket$inet6_tcp(0xa, 0x1, 0x0)
r13 = dup(r12)
setsockopt$IPT_SO_SET_REPLACE(r13, 0x4000000000000, 0x4, 0x0, 0x28)
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPCTNL_MSG_CT_NEW(r13, &(0x7f0000000840)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000800)={&(0x7f0000000880)=ANY=[@ANYBLOB="ec0000000001010400000000000000000100000924000480200002800c000340000000000000000105000100fb00000005000200b60000010800034000001004500001802c000180140003002001000000000000000000000000000014000400fe8000000000000000000000000000190c00028005000100060000001400018008000100ac14140f08000200ac14143f5c000e80060003400001000006000340000100002c00018014000300fc0200000000000000000000000000011400040000000000000000000000ffb2e277dd7dc4ffe000000214000180080001000a010100080002000a0101000600034000030000"], 0xec}, 0x1, 0x0, 0x0, 0x20000808}, 0x400c800)
sendmsg$NL80211_CMD_GET_SCAN(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r14, @ANYBLOB="0107000000000000000020"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="d8000000180081054e81f783db4cb9040a1d080006007c09e8fc55a10a0015000600142603600e1208000f00fff00401a80008000800104004080000055c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb71b14d6d930dfe144ecc447c65e206d25b4084121d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300fc0d15", 0xd8}], 0x1}, 0x4000000)

1.255774155s ago: executing program 2 (id=389):
getpid()
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'dummy0\x00'})
r0 = openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
preadv(r0, 0x0, 0x0, 0x0, 0x2000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000049b00000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="160000000000000004000000fe"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r3}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f00000002c0)}, 0x20)
get_mempolicy(&(0x7f0000000180), &(0x7f00000001c0), 0x8000, &(0x7f0000ffc000/0x1000)=nil, 0x7)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
io_uring_setup(0x1780, &(0x7f00000002c0)={0x0, 0x572e, 0x2, 0x2, 0xfffffffe})
r6 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r6, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r6, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

1.015091334s ago: executing program 3 (id=390):
r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000800)={0xffffffab, {{0x2, 0x4e23, @broadcast}}, 0x0, 0x4, [{{0x2, 0x4e21, @remote}}, {{0x2, 0x4e24, @empty}}, {{0x2, 0x4e24, @multicast1}}, {{0x2, 0xb, @rand_addr=0x64010100}}]}, 0x290)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lsm, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r7}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r8, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)
r10 = socket$inet6(0xa, 0x6, 0x0)
r11 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r11, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0), 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r11, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000280), 0x2, 0x5}}, 0x20)
close_range(r10, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x6, 0x0, 0x0, 0x0, &(0x7f0000001400)={0x0, 0x3938700}})
io_uring_enter(r0, 0x6b4d, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x0, 0x2, 0x7, 0x0, 0x0)

1.014714524s ago: executing program 2 (id=391):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x4000, &(0x7f0000000280)={[{@dax_never}, {@grpid}], [{@uid_lt={'uid<', r2}}, {@dont_hash}]}, 0x1, 0x4c0, &(0x7f0000000bc0)="$eJzs3E2MU9UeAPD/7XQ+gMdjHg9RCGoRjRONDAwoLNxgNHGBiREXunAxYQaCDIxhxkQIkSExuDQk7o1Lty7cqjvjysSluDQxJMSwAVzV3PbeTj+ZDzot2N8vKXPO7bn3nH/vPben57QEMLBK6T9JxH8i4kZEbKtmGwuUqn/u3r588t7tyydjqVw+8VdSKXcnzWfy/bZkmYlCROGzpOmAVQsXL52dnpubvZDlJxfPfTS5cPHSS2fOTZ+ePT17furo0cOHDh55ZerltQfVpr40rju7P53fs+vN96+/dbKYbx/L/tbH0S2lKLVrSsVz3a6sz7bWpZNiHxvCmgxFRHq6hiNGbsS2GAonDwZFuVwuj3Z+eqnc7GrLFuCRlUS/WwD0R/5Gn37+zR89Gno8FG4dq34ASuO+mz2qzxSjkJUZbvp8201jEfHe0t9fpY/YoHkIAIB6PxzLR4LN479C7Kwr999sDWU8Iv4XEdsj4v8RsSMiHouolH08Ip5oOn4pIsr3qb/UlG8d/xRuPlCAK0jHf69ma1uN47989BfjQ1lua0Q+YJ49kL0mEzE8eurM3OzBxsP+Vp/58fVfv+hUf6lu/Jc+0vrzsWDWjpvFpgm6menF6QcKus6tqxG7i83xJ8WIpLYSkETErojYvYbjjtelz7zwzZ5aZrix3MrxV5TbrqN1Yami/HXE89XzvxQN53+5xuT+65OTYzE3e2AyvQoOtK3j51+uvd2p/hXj/+6P5l3eOPL9iQcNuyY9/5vrrv/I12+X4x9PIpLaeu3C2uu49vvnHT/TrO76v9KwT3r9jyTvVtIj2bZPphcXLxyMGEmOt26fWt43z+fl0/gn9rXv/9ub2ppexE9GxFMR8XTW9r0R8UxE7GsNLclfwZ9ee/bD9ce/sdL4Z9re/xrO//J6/cLxS2ejkqhtWSkxdHbvjXsdbh6rO/+HK6mJbEv7+1/ScItYbQO78BICAADAQ68Qle/+F/bX0oXC/v3VOaAdsbkwN7+w+OKp+Y/Pz1R/IzAew4V8pqs6Hzyc5POf43X5qab8oWze+MuhfDJzfm6mz7HDoNtS6fNJS/9P/TnU79YBG85PfmBwrdT/d17vUUOAnvP+D4Orrv8vdSiy5Jsy8O/U/v1/uOftAHqvXf+/so59gEdLWV+Ggab/w+Aqxju1dKGvLQF6zfs/DKTV/4p/PYnyaPunxqK1cIxtTDM2tamrL4l0ZNWDuj7I1m2Wt2xaz3Hy/02hY5korHScYsM1NhqtZYaiL+fi9M6uX/zl7Lvy3W7qt/fvp/lwfQNeqB7ehAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbQPwEAAP//VNPS8g==")
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$key(0xf, 0x3, 0x2)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$user(0x0, 0x0, 0x0, 0xf1, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0x3, &(0x7f00000005c0)=ANY=[@ANYRESHEX=r1, @ANYRESHEX=0x0, @ANYRESOCT=r2], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_switch\x00', r7, 0x0, 0x3}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000380)="9147f0faac8fdf8ce02ffde5f03de59c535c0100006000000000", 0x1a)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000000440)=ANY=[])
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = fsopen(&(0x7f0000000340)='ceph\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
fsmount(r8, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f000000000000"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)

817.736653ms ago: executing program 0 (id=392):
r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x6, 0x0, 0x0, 0x0, &(0x7f0000001400)={0x0, 0x3938700}})
io_uring_enter(r0, 0x6b4d, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x0, 0x2, 0x7, 0x0, 0x0) (fail_nth: 2)

817.180163ms ago: executing program 3 (id=393):
r0 = syz_io_uring_setup(0x4174, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_FILES_UPDATE={0x14, 0x4, 0x0, 0x0, 0xd6d, 0x0, 0x0, 0x0, 0x1, {0x0, r3}})
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = syz_io_uring_setup(0x82e, &(0x7f00000005c0)={0x0, 0x20010020, 0x10100, 0x1, 0xfffffffd}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000380)=<r7=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r5, 0x16, &(0x7f0000000000)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x0, r8, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}})
io_uring_enter(r5, 0x5b43, 0x8200, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000100000000000000010200850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x804, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f0000000ac0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.empty_time\x00', 0x26e1, 0x0)
write$cgroup_pid(r10, &(0x7f0000000300), 0x20000312)
close(r4)
openat$random(0xffffffffffffff9c, &(0x7f0000002c00), 0x0, 0x0)
r11 = syz_io_uring_setup(0x4175, &(0x7f0000000800)={0x0, 0x7e05, 0x10100, 0x0, 0xfffffffc}, &(0x7f0000000500)=<r12=>0x0, &(0x7f0000000040)=<r13=>0x0)
syz_io_uring_submit(r12, r13, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
r14 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x109000, 0x0)
r15 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='net/nf_conntrack\x00')
writev(r15, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
linkat(r14, &(0x7f00000000c0)='./file0\x00', r15, &(0x7f0000000140)='./file0\x00', 0x0)
io_uring_enter(r11, 0x567, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={0x0, &(0x7f0000000140), 0x0, 0x0, 0x1, 0x3, 0x0, @void, @value}, 0x28)

503.819562ms ago: executing program 3 (id=394):
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c00", @ANYRES16, @ANYBLOB="0107000000000000000020"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000000), &(0x7f0000048000), 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000200)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x5}}, {@nouid32}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xa, 0x13, 0x20, 0xbc, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x33, &(0x7f0000001300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x764}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @alu={0x7, 0x0, 0x0, 0x7, 0x2, 0x8, 0x10}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @generic={0x2, 0xf, 0x8, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x534d}, @map_val={0x18, 0x3, 0x2, 0x0, r0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000480)='syzkaller\x00', 0x1, 0xe0, &(0x7f00000004c0)=""/224, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x7d}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=@framed={{0x1d, 0xa, 0xa, 0x0, 0x0, 0x61, 0x10, 0x10}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000012c0)={r1, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xe, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000006b8a00fe00000000c7080000010000007b8af0ff00000000bda100000000000007000000f8ffffffbfa400000000000007040000f0ffffffb7020000080000fa18230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000001a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x2, 0x300)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{}, &(0x7f0000000000), &(0x7f0000000200)}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)

449.798061ms ago: executing program 4 (id=395):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="39090701e0bc161b001fdfffffeef90000f604000000"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r3, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000d80), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f000002eff0)={0x3, &(0x7f0000000500)=[{}, {0x4, 0x8, 0xb5, 0x2}, {0x1, 0x5, 0x9, 0x7}]}, 0x10)

406.573312ms ago: executing program 0 (id=396):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{}, &(0x7f0000000300), &(0x7f00000003c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x80044940, &(0x7f0000001b00))
get_robust_list(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x82, 0x14)
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r1, &(0x7f0000000200)=""/209, 0xd1)
socket$inet6(0xa, 0x3, 0x9)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x315, @tick=0x9, 0x0, {0x1}, 0x0, 0x1})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r1, 0xc0605345, &(0x7f0000000100)={0x10001, 0x0, {0xffffffffffffffff, 0x0, 0x3, 0x2, 0xffffffff}, 0x4})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0xc08c5334, &(0x7f0000000500))
tkill(r0, 0x7)

405.522822ms ago: executing program 1 (id=397):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xec)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r1, 0x0, 0x0, 0x0)

394.210721ms ago: executing program 4 (id=398):
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="0107000000000000000020"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc)=0x4, 0x10b, 0x4, 0x0, &(0x7f0000048000), 0x0)
r1 = mq_open(&(0x7f00000006c0)='kfree\x00', 0x2, 0x80, &(0x7f0000000700)={0x2, 0x7e10, 0x1})
mq_timedsend(r1, &(0x7f0000000900)="3ee85fb9768260bb7c8e2bca3b32fced2ce90a9893a2c287a972fd9bd6649f255c540817df3cf2fb9891117264ec64dd8157b126b0dedabb48626109161be134fbe112e9903e94d54eae6fca99e12a73225bc4a05483cfb78c67cd9d91c46d2f0b719965687558563b482fdde10df28d706a42290c4e1179bf7936b413436eed75935d37c35743824e4f1a9c0ed1810825af1848c2d6d74bcefe143f1756e8399ebc70c8581fc409f85af05210f8ca51825a777c0824f4a5f3c9c4bf6723361068c70587deca6b9937", 0xc9, 0xffffffff, &(0x7f0000000a00)={0x0, 0x989680})
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000200)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x5}}, {@nouid32}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xa, 0x13, 0x20, 0xbc, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x33, &(0x7f0000001300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x764}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@map_fd={0x18, 0x1, 0x1, 0x0, r2}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @alu={0x7, 0x0, 0x0, 0x7, 0x2, 0x8, 0x10}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @generic={0x2, 0xf, 0x8, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x534d}, @map_val={0x18, 0x3, 0x2, 0x0, r2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000480)='syzkaller\x00', 0x1, 0xe0, &(0x7f00000004c0)=""/224, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x7d}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=@framed={{0x1d, 0xa, 0xa, 0x0, 0x0, 0x61, 0x10, 0x10}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000012c0)={r3, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xe, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000006b8a00fe00000000c7080000010000007b8af0ff00000000bda100000000000007000000f8ffffffbfa400000000000007040000f0ffffffb7020000080000fa18230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000001a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x2, 0x300)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{}, &(0x7f0000000000), &(0x7f0000000200)}, 0x20)
write$selinux_load(r0, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)

306.619801ms ago: executing program 3 (id=399):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000fc850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000840)=ANY=[@ANYRESOCT=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
rename(&(0x7f0000000040)='./file1\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, 0x0, 0x8)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, 0x0)
signalfd4(r1, &(0x7f0000000240)={[0x8]}, 0x8, 0x80000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={r0, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480), <r5=>0x0, 0xce, &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000500), &(0x7f0000000580), 0x8, 0x12, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f0000001640)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, r5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000540)='rcu_utilization\x00', r6}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r7}, 0x10)
r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r8}, 0x8)
write$cgroup_int(r9, &(0x7f00000001c0), 0xfffffdef)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="d2000007000000007911a800000000001e000000000000009500000c00000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000640)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x9}, 0x18)

305.848201ms ago: executing program 1 (id=400):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000600)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)={0x28, r3, 0xc4fc9e906872338b, 0x0, 0x0, {{0x15}, {@val={0x8}, @val={0xc, 0x99, {0xfffffffc}}}}}, 0x28}}, 0x0)

254.479861ms ago: executing program 1 (id=401):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="19000000"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0xff, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
execve(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
sendto$inet(r4, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b117511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r4, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x437aba2}], 0x1, 0x0, 0x46, 0x407006}, 0x104)

98.86216ms ago: executing program 2 (id=402):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r2, &(0x7f00000001c0)={0xa, 0x4e24, 0x8, @remote, 0x3}, 0x1c)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x150, 0x10100, 0x0, 0x1}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x14a8}, 0x0, 0x41, 0x1})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c250000000000206ea37b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000640)={0xffff0001, {{0xa, 0x4e21, 0x7ff, @loopback, 0x5}}, 0x1, 0x3, [{{0xa, 0x4e21, 0x1, @private1, 0x26}}, {{0xa, 0x4e23, 0x8000, @ipv4={'\x00', '\xff\xff', @local}}}, {{0xa, 0x4e20, 0x8, @remote}}]}, 0x210)

22.939881ms ago: executing program 0 (id=403):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000240)={0x80042, 0x4, 0x3}, 0x10)
close(r0) (fail_nth: 2)

0s ago: executing program 0 (id=404):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed040e, &(0x7f00000000c0)={[{@jqfmt_vfsold}, {@data_err_abort}, {@debug}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@acl}, {@debug}]}, 0xfe, 0x46d, &(0x7f00000020c0)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQKNbQmQohWD3g0JN6N/4XxpBejXjTxqndDQgwXUC9rZmemLMtu2aXbLnQ/n2S6zzPzdJ/nOzPP7jPz7G4APWsk+5NE/C8ifo+IoTx7a4GR/OHGtYtTf1+7OJVEpfLWX0m13PVrF6fKouX/bcszlUqR39Sg3kvvRkzOzc2cK/Jji2c+GFs4f+GF2TOTp2ZOzZydOHbs8KG9g0cnjnQkziyu67s/nt+z6/g7l9+YOnH5vZ+S/sjjjro4OmUk37sNPd3pyrpse026umOX7fvlZrrRmUA39UVEdrgGqv1/KPpiy/K2oXjts642DlhTlUqlssKr8lIF2MCS6HYLgO4o3+iz699yWaehxz3h6sv5BVAW941iybf0R5on9g3UXd920khEnFj656tsiTW6DwEAUOu7bPzzfKPxXxoP54nB7M//izmU4Yh4ICJ2RMSDEbEzIh6KqJZ9JCIebbP++hmS28c/6ZW7Dq4F2fjvpWJu69bxX1oWGe4rctur8Q8kJ2fnZg4W++RADGw6OZvMjK9Qx/ev/vZFs221479syeovx4JFO670192gm55cnFxNzLWufhqxu79R/EmU0zhJROyKiN13Wcfss/1Nt905/hU0f9qWVb6OeCY//ktRF38paTo/Of7i0YkjY5tjbubgWHlW3O7nXy+92az+VcXfAdnx39rw/F+OfzjZHLFw/sLp6nztQvt1XPrj86bXNG2e/8e3F+f/YPJ2dcVgseGjycXFc+MRg8nrt6+fuPlsZb4sn8V/YH/j/r8jbu6JxyJiT0TsjYjHs4vCou1PRMSTEbF/hfh/fOWp99uPf33mSrP4p+90/KP2+Lef6Dv9w7d3jn9zRDQ7/oerqQPFmlZe/1pt4Gr2HQAAANwv0upn4JN0dDmdpqOj+Wf4d8bWdG5+YfG5k/Mfnp3OPys/HANpeadrqOZ+6Hhxb7jMT9TlDxX3jb/s21LNj07Nz013O3jocdua9P/Mn33dbh2w5jowjwbcp/R/6F36P/SmRP+Hnqb/Q+9q1P8/aVp69Js1bQywrrz/Q+9qof8v5Q/NRwXA/cn7P/Qu/R96UtPvxqer+sr/uif+LX7P8F5pz8ZPRHpPNGPjJ/pb/jGLNhKVobz/Z2s2NSzT7VcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzvgvAAD//w3J5b0=")
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000100)={0x0, 0x29, 0x1b1d, 0x6ff, 0x18, "080c070021ab0e18a70d8d0900b1fa4dc1e957"})
chdir(&(0x7f0000000240)='./file0\x00')
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280), &(0x7f00000002c0)={0x0, 0xfb, 0x2f, 0x2, 0x0, "89209b3983efb153364194b6e17832a2", "b866c5729c6ce22a229e63f02a6e3a729289ff71268a9e1f2ca1"}, 0x2f, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000007c0)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)='%pS    \x00'}, 0x20)
socket$netlink(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffd2, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
mkdir(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x2)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x141081, 0x0)
setuid(0xee00)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x1)

kernel console output (not intermixed with test programs):

an_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   32.371351][ T3299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.381332][ T3299] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   32.391862][ T3299] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.398301][ T3304] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   32.402860][ T3299] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.437544][ T3309] veth0_macvtap: entered promiscuous mode
[   32.444883][ T3309] veth1_macvtap: entered promiscuous mode
[   32.452799][ T3302] veth0_macvtap: entered promiscuous mode
[   32.460182][ T3302] veth1_macvtap: entered promiscuous mode
[   32.465966][   T29] kauditd_printk_skb: 29 callbacks suppressed
[   32.465983][   T29] audit: type=1400 audit(1735608394.035:121): avc:  denied  { read write } for  pid=3300 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   32.473555][ T3299] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.496260][   T29] audit: type=1400 audit(1735608394.035:122): avc:  denied  { open } for  pid=3300 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   32.505019][ T3299] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.529252][   T29] audit: type=1400 audit(1735608394.035:123): avc:  denied  { ioctl } for  pid=3300 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   32.537961][ T3299] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.572603][ T3299] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.599609][ T3441] bridge_slave_0: left allmulticast mode
[   32.600887][   T29] audit: type=1400 audit(1735608394.145:124): avc:  denied  { map_create } for  pid=3440 comm="syz.3.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   32.605370][ T3441] bridge_slave_0: left promiscuous mode
[   32.624221][   T29] audit: type=1400 audit(1735608394.145:125): avc:  denied  { map_read map_write } for  pid=3440 comm="syz.3.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   32.629975][ T3441] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.649296][   T29] audit: type=1400 audit(1735608394.145:126): avc:  denied  { prog_load } for  pid=3440 comm="syz.3.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   32.675381][   T29] audit: type=1400 audit(1735608394.145:127): avc:  denied  { bpf } for  pid=3440 comm="syz.3.4" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   32.695857][   T29] audit: type=1400 audit(1735608394.145:128): avc:  denied  { perfmon } for  pid=3440 comm="syz.3.4" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   32.716524][   T29] audit: type=1400 audit(1735608394.145:129): avc:  denied  { prog_run } for  pid=3440 comm="syz.3.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   32.722051][ T3442] loop3: detected capacity change from 0 to 2048
[   32.735437][   T29] audit: type=1400 audit(1735608394.155:130): avc:  denied  { create } for  pid=3440 comm="syz.3.4" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   32.764436][ T3441] bridge_slave_1: left allmulticast mode
[   32.770186][ T3441] bridge_slave_1: left promiscuous mode
[   32.775850][ T3441] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.782747][ T3442] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.797926][ T3441] bond0: (slave bond_slave_0): Releasing backup interface
[   32.807845][ T3441] bond0: (slave bond_slave_1): Releasing backup interface
[   32.819084][ T3441] team0: Port device team_slave_0 removed
[   32.827157][ T3441] team0: Port device team_slave_1 removed
[   32.833846][ T3441] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   32.841324][ T3441] batman_adv: batadv0: Removing interface: batadv_slave_0
[   32.849527][ T3441] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   32.857000][ T3441] batman_adv: batadv0: Removing interface: batadv_slave_1
[   32.905694][ T3309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.916326][ T3309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.926366][ T3309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.936916][ T3309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.947896][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.959139][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.969763][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.979587][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.990188][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.000134][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   33.010585][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.021406][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.033175][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.044555][ T3309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.055256][ T3309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.065250][ T3309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.075694][ T3309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.086605][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.217721][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.228417][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.238321][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.248915][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.258811][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.269369][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.281644][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.290709][ T3309] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.299459][ T3309] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.308414][ T3309] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.317291][ T3309] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.594475][ T3302] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.603275][ T3302] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.612217][ T3302] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.620958][ T3302] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.944160][ T3525] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1'.
[   33.956964][ T3450] syz.2.3 (3450) used greatest stack depth: 10232 bytes left
[   34.033105][ T3533] loop3: detected capacity change from 0 to 1024
[   34.042219][ T3533] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   34.052391][ T3533] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   34.080170][ T3533] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   34.103493][ T3533] EXT4-fs (loop3): orphan cleanup on readonly fs
[   34.119076][ T3533] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   34.137193][ T3533] EXT4-fs (loop3): Remounting filesystem read-only
[   34.143105][ T3538] loop2: detected capacity change from 0 to 1024
[   34.144503][ T3533] EXT4-fs (loop3): 1 orphan inode deleted
[   34.161670][ T3538] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   34.170628][ T3538] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   34.181535][ T3533] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   34.196466][ T3533] SELinux: (dev loop3, type ext4) getxattr errno 5
[   34.206810][ T3540] bridge_slave_0: left allmulticast mode
[   34.209133][ T3533] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.212609][ T3540] bridge_slave_0: left promiscuous mode
[   34.227694][ T3540] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.230041][ T3538] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   34.243699][ T3538] EXT4-fs (loop2): orphan cleanup on readonly fs
[   34.252516][ T3540] bridge_slave_1: left allmulticast mode
[   34.258260][ T3540] bridge_slave_1: left promiscuous mode
[   34.264067][ T3540] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.271828][ T3544] loop0: detected capacity change from 0 to 2048
[   34.274045][ T3538] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   34.291519][ T3538] EXT4-fs (loop2): Remounting filesystem read-only
[   34.299453][ T3538] EXT4-fs (loop2): 1 orphan inode deleted
[   34.307099][ T3540] bond0: (slave bond_slave_0): Releasing backup interface
[   34.310023][ T3538] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   34.326383][ T3538] SELinux: (dev loop2, type ext4) getxattr errno 5
[   34.329097][ T3544] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.333370][ T3538] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.355822][ T3540] bond0: (slave bond_slave_1): Releasing backup interface
[   34.369806][ T3533] syz.3.8 (3533) used greatest stack depth: 9648 bytes left
[   34.388577][ T3540] team0: Port device team_slave_0 removed
[   34.397709][ T3540] team0: Port device team_slave_1 removed
[   34.405469][ T3540] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   34.413271][ T3540] batman_adv: batadv0: Removing interface: batadv_slave_0
[   34.434363][ T3540] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   34.441933][ T3540] batman_adv: batadv0: Removing interface: batadv_slave_1
[   34.546017][ T3558] loop2: detected capacity change from 0 to 512
[   34.552918][ T3557] netlink: 104 bytes leftover after parsing attributes in process `syz.3.18'.
[   34.553514][ T3558] EXT4-fs: Ignoring removed mblk_io_submit option
[   34.573053][ T3558] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   34.583320][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.586280][ T3558] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   34.602706][ T3558] System zones: 1-12
[   34.621288][ T3558] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.16: corrupted in-inode xattr: e_value size too large
[   34.661160][ T3558] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.16: couldn't read orphan inode 15 (err -117)
[   34.674613][ T3558] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.711361][ T3558] Falling back ldisc for ttyS3.
[   34.734488][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.764734][ T3574] loop2: detected capacity change from 0 to 164
[   34.791945][ T3574] process 'syz.2.22' launched '/dev/fd/7' with NULL argv: empty string added
[   34.801476][ T3577] syz.1.24[3577] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   34.801660][ T3577] syz.1.24[3577] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   34.802205][ T3574] syz.2.22: attempt to access beyond end of device
[   34.802205][ T3574] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   34.829758][ T3577] syz.1.24[3577] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   34.840030][ T3574] syz.2.22: attempt to access beyond end of device
[   34.840030][ T3574] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[   34.880146][ T3580] capability: warning: `syz.4.25' uses deprecated v2 capabilities in a way that may be insecure
[   34.886904][ T3581] loop0: detected capacity change from 0 to 512
[   34.960050][ T3581] EXT4-fs: dax option not supported
[   35.120495][ T3592] loop4: detected capacity change from 0 to 512
[   35.127595][ T3592] EXT4-fs: Ignoring removed mblk_io_submit option
[   35.146994][ T3592] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   35.157729][ T3592] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   35.166545][ T3592] System zones: 1-12
[   35.173967][ T3592] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.29: corrupted in-inode xattr: e_value size too large
[   35.190225][ T3592] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.29: couldn't read orphan inode 15 (err -117)
[   35.203642][ T3592] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.279968][ T3592] Falling back ldisc for ttyS3.
[   35.301028][ T3601] lo speed is unknown, defaulting to 1000
[   35.319823][ T3601] lo speed is unknown, defaulting to 1000
[   35.331472][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.365565][ T3601] lo speed is unknown, defaulting to 1000
[   35.378724][ T3601] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   35.387304][ T3601] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   35.400421][ T3601] lo speed is unknown, defaulting to 1000
[   35.409417][ T3601] lo speed is unknown, defaulting to 1000
[   35.423353][ T3606] netlink: 104 bytes leftover after parsing attributes in process `syz.4.31'.
[   35.435491][ T3601] lo speed is unknown, defaulting to 1000
[   35.488988][ T3601] lo speed is unknown, defaulting to 1000
[   35.526928][ T3601] lo speed is unknown, defaulting to 1000
[   35.552277][ T3612] loop3: detected capacity change from 0 to 512
[   35.560096][ T3612] EXT4-fs: Ignoring removed mblk_io_submit option
[   35.567528][ T3612] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   35.580518][ T3612] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   35.810631][ T3612] System zones: 1-12
[   35.817160][ T3612] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.34: corrupted in-inode xattr: e_value size too large
[   35.903211][ T3623] bridge_slave_0: left allmulticast mode
[   35.908940][ T3623] bridge_slave_0: left promiscuous mode
[   35.914692][ T3623] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.932868][ T3612] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.34: couldn't read orphan inode 15 (err -117)
[   35.950346][ T3612] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.965965][ T3623] bridge_slave_1: left allmulticast mode
[   35.971766][ T3623] bridge_slave_1: left promiscuous mode
[   35.977522][ T3623] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.031394][ T3612] Falling back ldisc for ttyS3.
[   36.041932][ T3627] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3627 comm=syz.4.36
[   36.054902][ T3627] netlink: 'syz.4.36': attribute type 1 has an invalid length.
[   36.065907][ T3626] loop2: detected capacity change from 0 to 2048
[   36.083610][ T3623] bond0: (slave bond_slave_0): Releasing backup interface
[   36.094800][ T3623] bond0: (slave bond_slave_1): Releasing backup interface
[   36.107271][ T3623] team0: Port device team_slave_0 removed
[   36.116614][ T3623] team0: Port device team_slave_1 removed
[   36.127408][ T3623] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   36.135003][ T3623] batman_adv: batadv0: Removing interface: batadv_slave_0
[   36.146202][ T3623] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   36.154621][ T3623] batman_adv: batadv0: Removing interface: batadv_slave_1
[   36.195617][ T3626] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.310021][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.323386][ T3631] syz.4.36[3631] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   36.323562][ T3631] syz.4.36[3631] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   36.352377][ T3631] syz.4.36[3631] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   36.406286][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.429973][ T3631] kernel read not supported for file /policy (pid: 3631 comm: syz.4.36)
[   36.577916][ T3660] loop2: detected capacity change from 0 to 1024
[   36.603181][ T3660] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   36.612384][ T3660] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   36.624141][ T3660] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   36.632528][ T3660] EXT4-fs (loop2): orphan cleanup on readonly fs
[   36.640286][ T3660] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   36.656776][ T3660] EXT4-fs (loop2): Remounting filesystem read-only
[   36.663814][ T3660] EXT4-fs (loop2): 1 orphan inode deleted
[   36.671931][ T3660] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   36.714835][ T3660] SELinux: (dev loop2, type ext4) getxattr errno 5
[   36.736247][ T3663] loop3: detected capacity change from 0 to 128
[   36.746595][ T3660] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.762591][ T3668] netlink: 104 bytes leftover after parsing attributes in process `syz.4.44'.
[   36.823323][ T3670] loop0: detected capacity change from 0 to 164
[   36.844069][ T3666] syz.3.43: attempt to access beyond end of device
[   36.844069][ T3666] loop3: rw=34817, sector=97, nr_sectors = 32 limit=128
[   36.876585][ T3675] syz.2.47[3675] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   36.876656][ T3675] syz.2.47[3675] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   36.890508][ T3670] syz.0.45: attempt to access beyond end of device
[   36.890508][ T3670] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   36.893839][ T3663] netlink: 20 bytes leftover after parsing attributes in process `syz.3.43'.
[   36.905668][ T3670] syz.0.45: attempt to access beyond end of device
[   36.905668][ T3670] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[   36.916446][ T3675] syz.2.47[3675] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   37.351918][ T3685] lo speed is unknown, defaulting to 1000
[   38.201340][ T3696] lo speed is unknown, defaulting to 1000
[   38.207723][ T3696] lo speed is unknown, defaulting to 1000
[   38.215921][ T3696] lo speed is unknown, defaulting to 1000
[   38.955406][ T3696] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   39.379344][ T3693] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_rx_wq": -EINTR
[   39.522459][ T3698] loop1: detected capacity change from 0 to 128
[   39.523005][ T3703] loop0: detected capacity change from 0 to 2048
[   39.581431][ T3698] syz.1.52: attempt to access beyond end of device
[   39.581431][ T3698] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[   39.597600][ T3696] lo speed is unknown, defaulting to 1000
[   39.605037][ T3696] lo speed is unknown, defaulting to 1000
[   39.609750][ T3698] netlink: 20 bytes leftover after parsing attributes in process `syz.1.52'.
[   39.620831][ T3696] lo speed is unknown, defaulting to 1000
[   39.651670][ T3696] lo speed is unknown, defaulting to 1000
[   39.658695][ T3696] lo speed is unknown, defaulting to 1000
[   39.659289][ T3718] loop3: detected capacity change from 0 to 164
[   39.665182][ T3696] lo speed is unknown, defaulting to 1000
[   39.691575][ T3703] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.694095][ T3716] loop2: detected capacity change from 0 to 1024
[   39.712600][ T3716] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   39.713784][ T3718] syz.3.56: attempt to access beyond end of device
[   39.713784][ T3718] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   39.751778][ T3716] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   39.767526][ T3710] loop4: detected capacity change from 0 to 128
[   39.770272][ T3718] syz.3.56: attempt to access beyond end of device
[   39.770272][ T3718] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[   39.774395][ T3716] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   39.795817][ T3716] EXT4-fs (loop2): orphan cleanup on readonly fs
[   39.829781][ T3716] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   39.849597][ T3716] EXT4-fs (loop2): Remounting filesystem read-only
[   39.870392][ T3710] syz.4.54: attempt to access beyond end of device
[   39.870392][ T3710] loop4: rw=34817, sector=97, nr_sectors = 32 limit=128
[   39.892157][ T3716] __quota_error: 69 callbacks suppressed
[   39.892248][ T3716] Quota error (device loop2): write_blk: dquota write failed
[   39.898663][ T3710] netlink: 20 bytes leftover after parsing attributes in process `syz.4.54'.
[   39.905453][ T3716] Quota error (device loop2): write_blk: dquota write failed
[   39.905471][ T3716] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota
[   39.932758][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.964940][ T3716] Quota error (device loop2): v2_write_file_info: Can't write info structure
[   39.975742][ T3716] EXT4-fs (loop2): 1 orphan inode deleted
[   40.003107][ T3728] lo speed is unknown, defaulting to 1000
[   40.009376][ T3728] lo speed is unknown, defaulting to 1000
[   40.054587][ T3716] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   40.067924][ T3716] SELinux: (dev loop2, type ext4) getxattr errno 5
[   40.122789][ T3716] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.194474][ T3733] loop0: detected capacity change from 0 to 128
[   40.297486][ T3716] syz.2.55 (3716) used greatest stack depth: 9640 bytes left
[   40.333003][   T29] audit: type=1326 audit(1735608401.905:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3743 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3502f45d29 code=0x7ffc0000
[   40.356329][   T29] audit: type=1326 audit(1735608401.905:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3743 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3502f45d29 code=0x7ffc0000
[   40.379710][   T29] audit: type=1326 audit(1735608401.915:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3743 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3502f45d29 code=0x7ffc0000
[   40.380600][ T3744] loop1: detected capacity change from 0 to 2048
[   40.402974][   T29] audit: type=1326 audit(1735608401.915:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3743 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3502f45d63 code=0x7ffc0000
[   40.409474][ T3733] netlink: 20 bytes leftover after parsing attributes in process `syz.0.57'.
[   40.432630][   T29] audit: type=1326 audit(1735608401.925:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3743 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3502f447df code=0x7ffc0000
[   40.464956][   T29] audit: type=1326 audit(1735608401.925:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3743 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f3502f45db7 code=0x7ffc0000
[   40.490303][ T3731] syz.0.57: attempt to access beyond end of device
[   40.490303][ T3731] loop0: rw=34817, sector=97, nr_sectors = 32 limit=128
[   40.522798][ T3744] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.556292][ T3751] loop2: detected capacity change from 0 to 512
[   40.579763][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.606791][ T3751] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.64: corrupted in-inode xattr: invalid ea_ino
[   40.622461][ T3751] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.64: couldn't read orphan inode 15 (err -117)
[   40.635928][ T3751] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.663916][ T3751] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[   40.678199][ T3759] loop1: detected capacity change from 0 to 1024
[   40.696530][ T3759] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   40.708297][ T3759] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   40.712845][ T3763] loop0: detected capacity change from 0 to 164
[   40.727762][ T3763] syz.0.69: attempt to access beyond end of device
[   40.727762][ T3763] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   40.741709][ T3759] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   40.742698][ T3763] syz.0.69: attempt to access beyond end of device
[   40.742698][ T3763] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[   40.749857][ T3759] EXT4-fs (loop1): orphan cleanup on readonly fs
[   40.782501][ T3759] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   40.792244][ T3759] EXT4-fs (loop1): Remounting filesystem read-only
[   40.798921][ T3759] EXT4-fs (loop1): 1 orphan inode deleted
[   40.808212][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.898592][ T3759] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   40.910808][ T3759] SELinux: (dev loop1, type ext4) getxattr errno 5
[   40.917830][ T3759] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.925985][ T3774] loop3: detected capacity change from 0 to 164
[   40.952797][ T3774] syz.3.72: attempt to access beyond end of device
[   40.952797][ T3774] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   40.966919][ T3774] syz.3.72: attempt to access beyond end of device
[   40.966919][ T3774] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[   41.155070][ T3775] lo speed is unknown, defaulting to 1000
[   41.161350][ T3775] lo speed is unknown, defaulting to 1000
[   42.102820][ T3778] lo speed is unknown, defaulting to 1000
[   42.108908][ T3778] lo speed is unknown, defaulting to 1000
[   42.532917][ T3787] loop4: detected capacity change from 0 to 1024
[   42.545883][ T3790] loop0: detected capacity change from 0 to 164
[   42.555693][ T3790] syz.0.78: attempt to access beyond end of device
[   42.555693][ T3790] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   42.570410][ T3787] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   42.581137][ T3790] syz.0.78: attempt to access beyond end of device
[   42.581137][ T3790] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[   42.584107][ T3787] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   42.606384][ T3787] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   42.614810][ T3787] EXT4-fs (loop4): orphan cleanup on readonly fs
[   42.624663][ T3787] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   42.634522][ T3787] EXT4-fs (loop4): Remounting filesystem read-only
[   42.642347][ T3787] EXT4-fs (loop4): 1 orphan inode deleted
[   42.648686][ T3787] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   42.662018][ T3787] SELinux: (dev loop4, type ext4) getxattr errno 5
[   42.669106][ T3787] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.704569][ T3798] loop1: detected capacity change from 0 to 164
[   42.749831][ T3798] syz.1.80: attempt to access beyond end of device
[   42.749831][ T3798] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   42.765612][ T3798] syz.1.80: attempt to access beyond end of device
[   42.765612][ T3798] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[   42.778348][ T3796] lo speed is unknown, defaulting to 1000
[   42.785198][ T3796] lo speed is unknown, defaulting to 1000
[   43.142748][ T3809] lo speed is unknown, defaulting to 1000
[   43.149180][ T3809] lo speed is unknown, defaulting to 1000
[   43.353681][ T3807] loop4: detected capacity change from 0 to 1024
[   43.420097][ T3807] EXT4-fs: test_dummy_encryption option not supported
[   43.439316][ T3815] loop0: detected capacity change from 0 to 512
[   43.456316][ T3815] EXT4-fs: Ignoring removed mblk_io_submit option
[   43.475528][ T3815] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   43.494913][ T3807] SELinux:  policydb version 128 does not match my version range 15-33
[   43.503811][ T3807] SELinux: failed to load policy
[   43.523683][ T3815] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   43.532033][ T3815] System zones: 1-12
[   43.641988][ T3815] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.84: corrupted in-inode xattr: e_value size too large
[   43.660039][ T3815] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.84: couldn't read orphan inode 15 (err -117)
[   43.672780][ T3815] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.703337][ T3815] Falling back ldisc for ttyS3.
[   43.732373][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.766783][ T3823] netlink: 104 bytes leftover after parsing attributes in process `syz.0.86'.
[   43.823741][ T3819] loop1: detected capacity change from 0 to 1024
[   43.834116][ T3819] EXT4-fs: test_dummy_encryption option not supported
[   43.858666][ T3819] SELinux:  policydb version 128 does not match my version range 15-33
[   43.867445][ T3819] SELinux: failed to load policy
[   43.913198][ T3827] bridge_slave_0: left allmulticast mode
[   43.918970][ T3827] bridge_slave_0: left promiscuous mode
[   43.924745][ T3827] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.966713][ T3827] bridge_slave_1: left allmulticast mode
[   43.972496][ T3827] bridge_slave_1: left promiscuous mode
[   43.978268][ T3827] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.004638][ T3832] loop4: detected capacity change from 0 to 2048
[   44.048171][ T3832] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.067304][ T3827] bond0: (slave bond_slave_0): Releasing backup interface
[   44.077914][ T3827] bond0: (slave bond_slave_1): Releasing backup interface
[   44.097640][ T3827] team0: Port device team_slave_0 removed
[   44.111032][ T3827] team0: Port device team_slave_1 removed
[   44.118292][ T3827] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   44.125771][ T3827] batman_adv: batadv0: Removing interface: batadv_slave_0
[   44.140596][ T3827] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   44.148054][ T3827] batman_adv: batadv0: Removing interface: batadv_slave_1
[   44.358854][ T3844] siw: device registration error -23
[   44.390683][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.473643][ T3847] loop2: detected capacity change from 0 to 128
[   44.606938][ T3844] netlink: 20 bytes leftover after parsing attributes in process `syz.2.91'.
[   45.652245][ T3886] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3886 comm=syz.1.101
[   45.702491][ T3886] netlink: 'syz.1.101': attribute type 1 has an invalid length.
[   45.850075][ T3894] syz.1.101[3894] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   45.852061][ T3894] syz.1.101[3894] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   45.866785][ T3893] siw: device registration error -23
[   45.929004][   T29] kauditd_printk_skb: 107 callbacks suppressed
[   45.929021][   T29] audit: type=1400 audit(1735608407.495:293): avc:  denied  { connect } for  pid=3895 comm="GPL" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   45.954349][   T29] audit: type=1400 audit(1735608407.495:294): avc:  denied  { name_connect } for  pid=3895 comm="GPL" dest=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[   46.003283][ T3894] syz.1.101[3894] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   46.024628][ T3886] kernel read not supported for file /policy (pid: 3886 comm: syz.1.101)
[   46.104801][ T3893] loop2: detected capacity change from 0 to 128
[   46.115598][   T29] audit: type=1400 audit(1735608407.685:295): avc:  denied  { mount } for  pid=3892 comm="syz.2.103" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   46.156223][ T3905] loop1: detected capacity change from 0 to 512
[   46.169989][ T3905] EXT4-fs: dax option not supported
[   46.200832][ T3893] bio_check_eod: 1 callbacks suppressed
[   46.200853][ T3893] syz.2.103: attempt to access beyond end of device
[   46.200853][ T3893] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[   46.221730][ T3893] netlink: 20 bytes leftover after parsing attributes in process `syz.2.103'.
[   46.349255][ T3911] loop4: detected capacity change from 0 to 512
[   46.384290][   T29] audit: type=1400 audit(1735608407.945:296): avc:  denied  { unmount } for  pid=3304 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   46.406810][ T3911] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.108: corrupted in-inode xattr: invalid ea_ino
[   46.452399][ T3916] loop2: detected capacity change from 0 to 512
[   46.459416][ T3916] EXT4-fs: dax option not supported
[   46.697520][ T3911] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.108: couldn't read orphan inode 15 (err -117)
[   46.811939][ T3911] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.832512][ T3921] siw: device registration error -23
[   46.934808][ T3923] Driver unsupported XDP return value 0 on prog  (id 91) dev N/A, expect packet loss!
[   47.166702][ T3926] loop0: detected capacity change from 0 to 164
[   47.175867][ T3927] loop1: detected capacity change from 0 to 512
[   47.182903][ T3911] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[   47.190089][ T3927] EXT4-fs: Ignoring removed mblk_io_submit option
[   47.202316][   T29] audit: type=1326 audit(1735608408.775:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3910 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea14f5d29 code=0x7ffc0000
[   47.225993][   T29] audit: type=1326 audit(1735608408.775:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3910 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7faea14f5d29 code=0x7ffc0000
[   47.231011][ T3926] syz.0.111: attempt to access beyond end of device
[   47.231011][ T3926] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   47.249266][   T29] audit: type=1326 audit(1735608408.775:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3910 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea14f5d29 code=0x7ffc0000
[   47.270000][ T3926] syz.0.111: attempt to access beyond end of device
[   47.270000][ T3926] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[   47.286458][   T29] audit: type=1326 audit(1735608408.775:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3910 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea14f5d29 code=0x7ffc0000
[   47.326307][ T3927] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   47.335644][ T3927] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   47.399321][ T3927] System zones: 1-12
[   47.412703][ T3927] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.112: corrupted in-inode xattr: e_value size too large
[   47.437043][ T3927] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.112: couldn't read orphan inode 15 (err -117)
[   47.454533][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.464260][ T3927] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.490340][ T3926] lo speed is unknown, defaulting to 1000
[   47.496917][ T3926] lo speed is unknown, defaulting to 1000
[   47.512848][ T3932] loop3: detected capacity change from 0 to 164
[   47.535820][ T3932] syz.3.113: attempt to access beyond end of device
[   47.535820][ T3932] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   47.554524][ T3932] syz.3.113: attempt to access beyond end of device
[   47.554524][ T3932] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[   47.559453][ T3927] Falling back ldisc for ttyS3.
[   47.601541][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.680565][ T3943] loop0: detected capacity change from 0 to 128
[   47.736395][ T3943] syz.0.119: attempt to access beyond end of device
[   47.736395][ T3943] loop0: rw=34817, sector=97, nr_sectors = 32 limit=128
[   47.750781][ T3943] netlink: 20 bytes leftover after parsing attributes in process `syz.0.119'.
[   47.841547][ T3954] siw: device registration error -23
[   47.894622][ T3951] lo speed is unknown, defaulting to 1000
[   47.901255][ T3951] lo speed is unknown, defaulting to 1000
[   47.997983][ T3958] loop2: detected capacity change from 0 to 128
[   48.227755][ T3967] netlink: 20 bytes leftover after parsing attributes in process `syz.2.118'.
[   48.251152][ T3965] syz.2.118: attempt to access beyond end of device
[   48.251152][ T3965] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[   48.263141][ T3970] FAULT_INJECTION: forcing a failure.
[   48.263141][ T3970] name failslab, interval 1, probability 0, space 0, times 1
[   48.277390][ T3970] CPU: 0 UID: 0 PID: 3970 Comm: syz.4.122 Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0
[   48.288007][ T3970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   48.298129][ T3970] Call Trace:
[   48.301433][ T3970]  <TASK>
[   48.304457][ T3970]  dump_stack_lvl+0xf2/0x150
[   48.309073][ T3970]  dump_stack+0x15/0x1a
[   48.313378][ T3970]  should_fail_ex+0x223/0x230
[   48.318066][ T3970]  should_failslab+0x8f/0xb0
[   48.322760][ T3970]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[   48.329100][ T3970]  ? kvasprintf_const+0x5d/0x100
[   48.334099][ T3970]  kvasprintf+0x8c/0x110
[   48.338402][ T3970]  ? string+0x1ee/0x210
[   48.342650][ T3970]  kvasprintf_const+0x5d/0x100
[   48.347517][ T3970]  kobject_set_name_vargs+0x44/0xe0
[   48.352727][ T3970]  dev_set_name+0x84/0xb0
[   48.357151][ T3970]  ? hrtimer_init+0x104/0x1f0
[   48.361865][ T3970]  ? swiotlb_dev_init+0x19/0x30
[   48.366740][ T3970]  ? swiotlb_dev_init+0x19/0x30
[   48.371709][ T3970]  ? device_initialize+0x1fe/0x210
[   48.376842][ T3970]  __serio_register_port+0xfb/0x1d0
[   48.382064][ T3970]  serport_ldisc_read+0x1e4/0x2e0
[   48.387168][ T3970]  tty_read+0x155/0x460
[   48.391362][ T3970]  do_iter_readv_writev+0x394/0x450
[   48.396585][ T3970]  vfs_readv+0x1df/0x660
[   48.400871][ T3970]  ? proc_fail_nth_write+0x12a/0x150
[   48.406282][ T3970]  do_readv+0xf4/0x220
[   48.410361][ T3970]  __x64_sys_readv+0x45/0x50
[   48.415105][ T3970]  x64_sys_call+0x2c34/0x2dc0
[   48.419798][ T3970]  do_syscall_64+0xc9/0x1c0
[   48.424327][ T3970]  ? clear_bhb_loop+0x55/0xb0
[   48.429084][ T3970]  ? clear_bhb_loop+0x55/0xb0
[   48.433871][ T3970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.439994][ T3970] RIP: 0033:0x7faea14f5d29
[   48.444482][ T3970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.464287][ T3970] RSP: 002b:00007fae9fb61038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[   48.472784][ T3970] RAX: ffffffffffffffda RBX: 00007faea16e5fa0 RCX: 00007faea14f5d29
[   48.480781][ T3970] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: 0000000000000003
[   48.488870][ T3970] RBP: 00007fae9fb61090 R08: 0000000000000000 R09: 0000000000000000
[   48.496874][ T3970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.504881][ T3970] R13: 0000000000000000 R14: 00007faea16e5fa0 R15: 00007ffe2bd95a98
[   48.513110][ T3970]  </TASK>
[   48.516751][ T3970] serio: Serial port ptm0
[   48.612405][   T29] audit: type=1400 audit(1735608410.185:301): avc:  denied  { create } for  pid=3972 comm="syz.3.123" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   48.633084][   T29] audit: type=1400 audit(1735608410.205:302): avc:  denied  { setopt } for  pid=3972 comm="syz.3.123" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   48.850768][ T3990] loop2: detected capacity change from 0 to 512
[   48.905910][ T3990] EXT4-fs: Ignoring removed mblk_io_submit option
[   49.021550][ T3990] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   49.033658][ T3995] FAULT_INJECTION: forcing a failure.
[   49.033658][ T3995] name failslab, interval 1, probability 0, space 0, times 0
[   49.046558][ T3995] CPU: 1 UID: 0 PID: 3995 Comm: syz.4.129 Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0
[   49.057183][ T3995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   49.067259][ T3995] Call Trace:
[   49.070596][ T3995]  <TASK>
[   49.073604][ T3995]  dump_stack_lvl+0xf2/0x150
[   49.078223][ T3995]  dump_stack+0x15/0x1a
[   49.082414][ T3995]  should_fail_ex+0x223/0x230
[   49.087278][ T3995]  should_failslab+0x8f/0xb0
[   49.091895][ T3995]  __kmalloc_noprof+0xab/0x3f0
[   49.096676][ T3995]  ? __se_sys_memfd_create+0x230/0x5c0
[   49.102263][ T3995]  __se_sys_memfd_create+0x230/0x5c0
[   49.107665][ T3995]  __x64_sys_memfd_create+0x31/0x40
[   49.112956][ T3995]  x64_sys_call+0x2d4c/0x2dc0
[   49.117644][ T3995]  do_syscall_64+0xc9/0x1c0
[   49.122158][ T3995]  ? clear_bhb_loop+0x55/0xb0
[   49.126873][ T3995]  ? clear_bhb_loop+0x55/0xb0
[   49.131559][ T3995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.137497][ T3995] RIP: 0033:0x7faea14f5d29
[   49.141917][ T3995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.161817][ T3995] RSP: 002b:00007fae9fb60e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   49.170356][ T3995] RAX: ffffffffffffffda RBX: 00000000000004ee RCX: 00007faea14f5d29
[   49.178418][ T3995] RDX: 00007fae9fb60ef0 RSI: 0000000000000000 RDI: 00007faea1572469
[   49.186413][ T3995] RBP: 0000000020000c40 R08: 00007fae9fb60bb7 R09: 00007fae9fb60e40
[   49.194487][ T3995] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000500
[   49.202481][ T3995] R13: 00007fae9fb60ef0 R14: 00007fae9fb60eb0 R15: 0000000020000700
[   49.210541][ T3995]  </TASK>
[   49.265534][ T3998] loop3: detected capacity change from 0 to 1024
[   49.279367][ T3998] EXT4-fs: test_dummy_encryption option not supported
[   49.288182][ T3990] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   49.297326][ T3990] System zones: 1-12
[   49.303582][ T3990] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.128: corrupted in-inode xattr: e_value size too large
[   49.344673][ T3990] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.128: couldn't read orphan inode 15 (err -117)
[   49.357611][ T3990] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.378254][ T4008] loop0: detected capacity change from 0 to 164
[   49.398904][ T3990] Falling back ldisc for ttyS3.
[   49.403371][ T4008] syz.0.134: attempt to access beyond end of device
[   49.403371][ T4008] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   49.430410][ T4008] syz.0.134: attempt to access beyond end of device
[   49.430410][ T4008] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[   49.462338][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.705737][ T4022] lo speed is unknown, defaulting to 1000
[   49.712048][ T4022] lo speed is unknown, defaulting to 1000
[   50.284130][ T4029] loop0: detected capacity change from 0 to 512
[   50.291613][ T4029] EXT4-fs: Ignoring removed mblk_io_submit option
[   50.299446][ T4029] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   50.308514][ T4029] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   50.318050][ T4029] System zones: 1-12
[   50.322763][ T4029] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.140: corrupted in-inode xattr: e_value size too large
[   50.330771][ T4034] syz.3.142[4034] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.336926][ T4034] syz.3.142[4034] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.337161][ T4029] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.140: couldn't read orphan inode 15 (err -117)
[   50.350350][ T4034] syz.3.142[4034] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.366314][ T4035] loop1: detected capacity change from 0 to 1024
[   50.385467][ T4029] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.390072][ T4035] EXT4-fs: test_dummy_encryption option not supported
[   50.436774][ T4029] Falling back ldisc for ttyS3.
[   50.499992][ T4040] loop3: detected capacity change from 0 to 512
[   50.506705][ T4040] EXT4-fs: Ignoring removed mblk_io_submit option
[   50.514724][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.525203][ T4040] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   50.557782][ T4040] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   50.568962][ T4052] loop1: detected capacity change from 0 to 512
[   50.577196][ T4054] loop4: detected capacity change from 0 to 164
[   50.584267][ T4040] System zones: 1-12
[   50.588957][ T4052] EXT4-fs: Ignoring removed mblk_io_submit option
[   50.597792][ T4040] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.145: corrupted in-inode xattr: e_value size too large
[   50.597907][ T4054] syz.4.150: attempt to access beyond end of device
[   50.597907][ T4054] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   50.616909][ T4052] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   50.634441][ T4040] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.145: couldn't read orphan inode 15 (err -117)
[   50.643188][ T4044] loop2: detected capacity change from 0 to 1024
[   50.648347][ T4040] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.668821][ T4052] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   50.677046][ T4052] System zones: 1-12
[   50.682579][ T4052] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.148: corrupted in-inode xattr: e_value size too large
[   50.704482][ T4040] Falling back ldisc for ttyS3.
[   50.709989][ T4044] EXT4-fs: test_dummy_encryption option not supported
[   50.755841][ T4052] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.148: couldn't read orphan inode 15 (err -117)
[   50.768409][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.771014][ T4044] SELinux:  policydb version 128 does not match my version range 15-33
[   50.779441][ T4052] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.785864][ T4044] SELinux: failed to load policy
[   50.849561][ T4052] Falling back ldisc for ttyS3.
[   50.877949][ T4062] lo speed is unknown, defaulting to 1000
[   50.884694][ T4062] lo speed is unknown, defaulting to 1000
[   50.995721][ T4065] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4065 comm=syz.3.152
[   51.064338][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.089947][ T4065] netlink: 'syz.3.152': attribute type 1 has an invalid length.
[   51.168390][ T4065] 8021q: adding VLAN 0 to HW filter on device bond1
[   51.204436][ T4065] syz.3.152[4065] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.204539][ T4065] syz.3.152[4065] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.215985][ T4065] syz.3.152[4065] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.244675][ T4065] kernel read not supported for file /policy (pid: 4065 comm: syz.3.152)
[   51.303949][ T4074] syz.3.155[4074] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.304021][ T4074] syz.3.155[4074] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.315579][ T4074] syz.3.155[4074] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.366627][ T4077] loop2: detected capacity change from 0 to 512
[   51.385351][ T4077] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   51.418459][   T29] kauditd_printk_skb: 72 callbacks suppressed
[   51.418511][   T29] audit: type=1400 audit(1735608412.985:375): avc:  denied  { bind } for  pid=4080 comm="syz.0.158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   51.443897][   T29] audit: type=1400 audit(1735608412.985:376): avc:  denied  { name_bind } for  pid=4080 comm="syz.0.158" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[   51.464620][   T29] audit: type=1400 audit(1735608412.985:377): avc:  denied  { node_bind } for  pid=4080 comm="syz.0.158" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[   51.487537][   T29] audit: type=1400 audit(1735608413.035:378): avc:  denied  { listen } for  pid=4080 comm="syz.0.158" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   51.508402][   T29] audit: type=1400 audit(1735608413.035:379): avc:  denied  { create } for  pid=4080 comm="syz.0.158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   51.528329][   T29] audit: type=1400 audit(1735608413.035:380): avc:  denied  { bind } for  pid=4080 comm="syz.0.158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   51.547691][   T29] audit: type=1400 audit(1735608413.035:381): avc:  denied  { name_bind } for  pid=4080 comm="syz.0.158" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   51.562752][ T4077] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.569961][   T29] audit: type=1400 audit(1735608413.035:382): avc:  denied  { node_bind } for  pid=4080 comm="syz.0.158" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[   51.582133][ T4077] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.603646][   T29] audit: type=1400 audit(1735608413.035:383): avc:  denied  { write } for  pid=4080 comm="syz.0.158" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   51.635229][   T29] audit: type=1400 audit(1735608413.035:384): avc:  denied  { connect } for  pid=4080 comm="syz.0.158" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   51.660250][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.692916][ T4092] loop2: detected capacity change from 0 to 512
[   51.699525][ T4092] EXT4-fs: Ignoring removed mblk_io_submit option
[   51.706918][ T4092] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   51.716373][ T4092] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   51.724554][ T4092] System zones: 1-12
[   51.728786][ T4092] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.161: corrupted in-inode xattr: e_value size too large
[   51.747196][ T4092] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.161: couldn't read orphan inode 15 (err -117)
[   51.768996][ T4092] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.800247][ T4092] Falling back ldisc for ttyS3.
[   51.819378][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.842150][ T4102] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4102 comm=syz.4.165
[   51.855087][ T4102] netlink: 'syz.4.165': attribute type 1 has an invalid length.
[   51.861380][ T4104] syz.2.166[4104] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.863290][ T4104] syz.2.166[4104] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.871405][ T4102] 8021q: adding VLAN 0 to HW filter on device bond1
[   51.894894][ T4104] syz.2.166[4104] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.902958][ T4102] bond1: (slave ip6gretap1): making interface the new active one
[   51.922922][ T4102] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   51.930816][ T4102] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   51.938842][ T4102] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[   51.951788][ T3514] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   51.978863][ T4102] syz.4.165[4102] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.979843][ T3437] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   52.026705][ T4102] kernel read not supported for file /policy (pid: 4102 comm: syz.4.165)
[   52.113985][ T4114] loop4: detected capacity change from 0 to 512
[   52.127639][ T4114] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.169: corrupted in-inode xattr: invalid ea_ino
[   52.143609][ T4114] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.169: couldn't read orphan inode 15 (err -117)
[   52.158825][ T4114] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.177643][ T4109] loop2: detected capacity change from 0 to 1024
[   52.187967][ T4109] EXT4-fs: test_dummy_encryption option not supported
[   52.247287][ T4120] loop3: detected capacity change from 0 to 164
[   52.254142][ T4114] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[   52.284093][ T4109] SELinux:  policydb version 128 does not match my version range 15-33
[   52.293257][ T4109] SELinux: failed to load policy
[   52.312078][ T4120] bio_check_eod: 1 callbacks suppressed
[   52.312094][ T4120] syz.3.170: attempt to access beyond end of device
[   52.312094][ T4120] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   52.333630][ T4120] syz.3.170: attempt to access beyond end of device
[   52.333630][ T4120] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[   52.459114][ T3437] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   52.477861][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.567920][ T4123] lo speed is unknown, defaulting to 1000
[   52.574316][ T4123] lo speed is unknown, defaulting to 1000
[   52.663489][ T3512] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   52.954942][ T4136] loop1: detected capacity change from 0 to 2048
[   52.964763][ T4134] loop0: detected capacity change from 0 to 2048
[   52.990243][ T4136]  loop1: p1 < > p4
[   52.995334][ T4136] loop1: p4 size 8388608 extends beyond EOD, truncated
[   53.010332][ T4134]  loop0: p1 < > p4
[   53.017341][ T4134] loop0: p4 size 8388608 extends beyond EOD, truncated
[   53.048691][ T4140] loop1: detected capacity change from 0 to 512
[   53.056828][ T4140] EXT4-fs: Ignoring removed mblk_io_submit option
[   53.066144][ T4140] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   53.075348][ T4140] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   53.082510][ T3938] udevd[3938]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   53.084173][ T4140] System zones: 1-12
[   53.097289][ T3290] udevd[3290]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   53.140425][ T4140] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.176: corrupted in-inode xattr: e_value size too large
[   53.181155][ T4140] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.176: couldn't read orphan inode 15 (err -117)
[   53.194168][ T4140] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.207868][ T3503] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   53.220152][ T4147] loop3: detected capacity change from 0 to 4096
[   53.237200][ T4149] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4149 comm=syz.2.179
[   53.247618][ T4140] Falling back ldisc for ttyS3.
[   53.250003][ T4149] netlink: 'syz.2.179': attribute type 1 has an invalid length.
[   53.271840][ T4147] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.300300][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.309541][ T4149] 8021q: adding VLAN 0 to HW filter on device bond1
[   53.344164][ T4156] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4156 comm=syz.1.181
[   53.368943][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.386544][ T4154] bond1: (slave ip6gretap1): making interface the new active one
[   53.396312][ T4156] netlink: 'syz.1.181': attribute type 1 has an invalid length.
[   53.454269][ T4154] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   53.462195][ T4154] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   53.473085][ T4149] kernel read not supported for file /policy (pid: 4149 comm: syz.2.179)
[   53.482500][ T4154] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[   53.504600][ T4156] 8021q: adding VLAN 0 to HW filter on device bond1
[   53.564104][ T4160] bond1: (slave ip6gretap1): making interface the new active one
[   53.572751][ T4160] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   53.581038][ T4160] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[   53.639292][ T4167] random: crng reseeded on system resumption
[   53.646108][ T4156] kernel read not supported for file /policy (pid: 4156 comm: syz.1.181)
[   53.756071][ T4159] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.812703][ T4159] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.902271][ T4159] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.121908][ T4183] SELinux:  Context system_u:object_r:hwclock_exec_t:s0 is not valid (left unmapped).
[   54.352729][ T4159] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.374004][ T4185] loop2: detected capacity change from 0 to 512
[   54.391488][ T4185] EXT4-fs: Ignoring removed mblk_io_submit option
[   54.398550][ T4185] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   54.408500][ T4185] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   54.417992][ T4185] System zones: 1-12
[   54.423385][ T4185] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.188: corrupted in-inode xattr: e_value size too large
[   54.427945][ T4159] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   54.440169][ T4185] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.188: couldn't read orphan inode 15 (err -117)
[   54.448934][ T4159] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   54.469070][ T4159] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   54.479562][ T4185] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.480859][ T4159] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   54.544256][ T4185] Falling back ldisc for ttyS3.
[   54.565056][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.598525][ T4191] loop2: detected capacity change from 0 to 164
[   54.622105][ T4191] syz.2.190: attempt to access beyond end of device
[   54.622105][ T4191] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   54.636532][ T4191] syz.2.190: attempt to access beyond end of device
[   54.636532][ T4191] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[   54.888441][ T4208] lo speed is unknown, defaulting to 1000
[   54.894900][ T4208] lo speed is unknown, defaulting to 1000
[   55.005185][ T4211] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   55.162909][ T4211] netlink: 24 bytes leftover after parsing attributes in process `syz.4.195'.
[   55.334169][ T4223] loop0: detected capacity change from 0 to 1024
[   55.341514][ T4223] EXT4-fs: test_dummy_encryption option not supported
[   55.376033][ T4216] SELinux:  policydb version 128 does not match my version range 15-33
[   55.386305][ T4216] SELinux: failed to load policy
[   55.403585][ T4221] loop4: detected capacity change from 0 to 1024
[   55.411902][ T4221] EXT4-fs: test_dummy_encryption option not supported
[   55.505404][ T4226] SELinux:  policydb version 128 does not match my version range 15-33
[   55.526201][ T4226] SELinux: failed to load policy
[   55.567663][ T4231] loop2: detected capacity change from 0 to 512
[   55.577937][ T4231] EXT4-fs: Ignoring removed mblk_io_submit option
[   55.587856][ T4231] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   55.603947][ T4231] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   55.619813][ T4231] System zones: 1-12
[   55.624239][ T4231] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.202: corrupted in-inode xattr: e_value size too large
[   55.639703][ T4231] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.202: couldn't read orphan inode 15 (err -117)
[   55.652278][ T4231] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.669683][ T4231] Falling back ldisc for ttyS3.
[   55.685797][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.905893][ T4245] mmap: syz.3.205 (4245) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   55.933578][ T4245] loop3: detected capacity change from 0 to 512
[   55.940647][ T4245] =======================================================
[   55.940647][ T4245] WARNING: The mand mount option has been deprecated and
[   55.940647][ T4245]          and is ignored by this kernel. Remove the mand
[   55.940647][ T4245]          option from the mount to silence this warning.
[   55.940647][ T4245] =======================================================
[   56.104318][ T4245] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.214773][ T4245] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.233765][ T4245] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[   56.245248][ T4253] siw: device registration error -23
[   56.263598][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.273151][ T4255] bridge_slave_0: left allmulticast mode
[   56.278858][ T4255] bridge_slave_0: left promiscuous mode
[   56.284739][ T4255] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.295950][ T4255] bridge_slave_1: left allmulticast mode
[   56.301706][ T4255] bridge_slave_1: left promiscuous mode
[   56.307400][ T4255] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.321826][ T4253] loop4: detected capacity change from 0 to 128
[   56.340553][ T4260] loop0: detected capacity change from 0 to 512
[   56.352418][ T4255] bond0: (slave bond_slave_0): Releasing backup interface
[   56.362276][ T4260] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.210: corrupted in-inode xattr: invalid ea_ino
[   56.379740][ T4260] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.210: couldn't read orphan inode 15 (err -117)
[   56.381003][ T4255] bond0: (slave bond_slave_1): Releasing backup interface
[   56.381335][ T4260] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.398469][ T4255] team0: Port device team_slave_0 removed
[   56.405688][ T4253] syz.4.207: attempt to access beyond end of device
[   56.405688][ T4253] loop4: rw=34817, sector=97, nr_sectors = 32 limit=128
[   56.441858][ T4255] team0: Port device team_slave_1 removed
[   56.442990][ T4255] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   56.443091][ T4255] batman_adv: batadv0: Removing interface: batadv_slave_0
[   56.458658][ T4255] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   56.458693][ T4255] batman_adv: batadv0: Removing interface: batadv_slave_1
[   56.466141][   T29] kauditd_printk_skb: 349 callbacks suppressed
[   56.466157][   T29] audit: type=1326 audit(1735608418.035:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4261 comm="syz.3.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54ab835d29 code=0x7ffc0000
[   56.466238][   T29] audit: type=1326 audit(1735608418.035:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4261 comm="syz.3.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54ab835d29 code=0x7ffc0000
[   56.471334][   T29] audit: type=1326 audit(1735608418.035:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4261 comm="syz.3.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f54ab835d29 code=0x7ffc0000
[   56.558443][   T29] audit: type=1326 audit(1735608418.035:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4261 comm="syz.3.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54ab835d29 code=0x7ffc0000
[   56.581844][   T29] audit: type=1326 audit(1735608418.035:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4261 comm="syz.3.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54ab835d29 code=0x7ffc0000
[   56.605135][   T29] audit: type=1326 audit(1735608418.035:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4261 comm="syz.3.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f54ab835d29 code=0x7ffc0000
[   56.628513][   T29] audit: type=1326 audit(1735608418.045:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4261 comm="syz.3.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54ab835d29 code=0x7ffc0000
[   56.652053][   T29] audit: type=1326 audit(1735608418.045:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4261 comm="syz.3.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54ab835d29 code=0x7ffc0000
[   56.675992][   T29] audit: type=1326 audit(1735608418.045:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4261 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54ab835d29 code=0x7ffc0000
[   56.676577][ T4255] bond1: (slave ip6gretap1): Releasing active interface
[   56.698580][   T29] audit: type=1326 audit(1735608418.045:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4261 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54ab835d29 code=0x7ffc0000
[   56.814160][ T4253] netlink: 20 bytes leftover after parsing attributes in process `syz.4.207'.
[   56.823230][ T4271] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4271 comm=syz.2.211
[   56.845798][ T4271] netlink: 'syz.2.211': attribute type 1 has an invalid length.
[   56.856493][ T4273] Zero length message leads to an empty skb
[   56.860915][ T4271] 8021q: adding VLAN 0 to HW filter on device bond2
[   56.882186][ T4271] bpf_get_probe_write_proto: 6 callbacks suppressed
[   56.882276][ T4271] syz.2.211[4271] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.889105][ T4271] syz.2.211[4271] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.889324][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.900412][ T4271] syz.2.211[4271] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.950530][ T4271] kernel read not supported for file /policy (pid: 4271 comm: syz.2.211)
[   57.033956][ T4278] loop0: detected capacity change from 0 to 512
[   57.040744][ T4278] EXT4-fs: Ignoring removed mblk_io_submit option
[   57.047975][ T4278] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   57.063570][ T4278] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   57.072051][ T4278] System zones: 1-12
[   57.078800][ T4278] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.213: corrupted in-inode xattr: e_value size too large
[   57.102203][ T4278] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.213: couldn't read orphan inode 15 (err -117)
[   57.116499][ T4286] loop4: detected capacity change from 0 to 512
[   57.132839][ T4286] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.216: corrupted in-inode xattr: invalid ea_ino
[   57.153076][ T4278] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.166582][ T4286] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.216: couldn't read orphan inode 15 (err -117)
[   57.180490][ T4286] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.208606][ T4278] Falling back ldisc for ttyS3.
[   57.240794][ T4286] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[   57.268782][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.289299][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.324182][ T4291] FAULT_INJECTION: forcing a failure.
[   57.324182][ T4291] name failslab, interval 1, probability 0, space 0, times 0
[   57.337068][ T4291] CPU: 0 UID: 0 PID: 4291 Comm: syz.4.218 Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0
[   57.347714][ T4291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   57.357974][ T4291] Call Trace:
[   57.361361][ T4291]  <TASK>
[   57.364363][ T4291]  dump_stack_lvl+0xf2/0x150
[   57.369010][ T4291]  dump_stack+0x15/0x1a
[   57.373213][ T4291]  should_fail_ex+0x223/0x230
[   57.378028][ T4291]  should_failslab+0x8f/0xb0
[   57.382676][ T4291]  kmem_cache_alloc_node_noprof+0x59/0x320
[   57.388623][ T4291]  ? __alloc_skb+0x10b/0x310
[   57.393255][ T4291]  __alloc_skb+0x10b/0x310
[   57.397714][ T4291]  netlink_alloc_large_skb+0xad/0xe0
[   57.403039][ T4291]  netlink_sendmsg+0x3b4/0x6e0
[   57.407867][ T4291]  ? __pfx_netlink_sendmsg+0x10/0x10
[   57.413200][ T4291]  __sock_sendmsg+0x140/0x180
[   57.418026][ T4291]  ____sys_sendmsg+0x312/0x410
[   57.422836][ T4291]  __sys_sendmmsg+0x227/0x4b0
[   57.427576][ T4291]  __x64_sys_sendmmsg+0x57/0x70
[   57.432447][ T4291]  x64_sys_call+0x29aa/0x2dc0
[   57.437281][ T4291]  do_syscall_64+0xc9/0x1c0
[   57.441887][ T4291]  ? clear_bhb_loop+0x55/0xb0
[   57.446618][ T4291]  ? clear_bhb_loop+0x55/0xb0
[   57.451421][ T4291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.457374][ T4291] RIP: 0033:0x7faea14f5d29
[   57.461880][ T4291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.481908][ T4291] RSP: 002b:00007fae9fb61038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   57.490377][ T4291] RAX: ffffffffffffffda RBX: 00007faea16e5fa0 RCX: 00007faea14f5d29
[   57.498422][ T4291] RDX: 04000000000001f2 RSI: 0000000020000000 RDI: 0000000000000003
[   57.506424][ T4291] RBP: 00007fae9fb61090 R08: 0000000000000000 R09: 0000000000000000
[   57.514515][ T4291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.522520][ T4291] R13: 0000000000000000 R14: 00007faea16e5fa0 R15: 00007ffe2bd95a98
[   57.530530][ T4291]  </TASK>
[   57.541181][ T4292] loop0: detected capacity change from 0 to 1024
[   57.569685][ T4292] EXT4-fs: test_dummy_encryption option not supported
[   57.596031][ T4292] SELinux:  policydb version 128 does not match my version range 15-33
[   57.604426][ T4292] SELinux: failed to load policy
[   57.612625][ T4299] loop4: detected capacity change from 0 to 512
[   57.641323][ T4299] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.654113][ T4299] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.680151][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.703589][ T4303] loop4: detected capacity change from 0 to 164
[   57.719368][ T4303] syz.4.221: attempt to access beyond end of device
[   57.719368][ T4303] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   57.734231][ T4303] syz.4.221: attempt to access beyond end of device
[   57.734231][ T4303] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[   57.814287][ T4308] lo speed is unknown, defaulting to 1000
[   57.820514][ T4308] lo speed is unknown, defaulting to 1000
[   57.919065][ T4315] netlink: 28 bytes leftover after parsing attributes in process `syz.3.226'.
[   57.929857][    C1] ip6_tnl_xmit_ctl: 27 callbacks suppressed
[   57.929884][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   57.964546][ T4319] loop3: detected capacity change from 0 to 512
[   57.971564][ T4319] EXT4-fs: Ignoring removed mblk_io_submit option
[   57.981357][ T3410] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   57.981423][ T4319] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   57.999550][ T4319] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   58.007720][ T4319] System zones: 1-12
[   58.012845][ T4319] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.228: corrupted in-inode xattr: e_value size too large
[   58.027118][ T4319] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.228: couldn't read orphan inode 15 (err -117)
[   58.040728][ T4319] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.065023][ T4319] Falling back ldisc for ttyS3.
[   58.100781][ T3480] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   58.122584][ T4329] loop1: detected capacity change from 0 to 164
[   58.123303][ T4328] loop2: detected capacity change from 0 to 1024
[   58.137065][ T4328] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   58.144384][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.147403][ T4328] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   58.166118][ T4328] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   58.174283][ T4328] EXT4-fs (loop2): orphan cleanup on readonly fs
[   58.181446][ T4328] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   58.197311][ T4329] syz.1.231: attempt to access beyond end of device
[   58.197311][ T4329] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   58.211509][ T4329] syz.1.231: attempt to access beyond end of device
[   58.211509][ T4329] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[   58.226484][ T4328] EXT4-fs (loop2): Remounting filesystem read-only
[   58.233541][ T4328] EXT4-fs (loop2): 1 orphan inode deleted
[   58.242368][ T4334] FAULT_INJECTION: forcing a failure.
[   58.242368][ T4334] name failslab, interval 1, probability 0, space 0, times 0
[   58.255140][ T4334] CPU: 0 UID: 0 PID: 4334 Comm: syz.3.232 Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0
[   58.265765][ T4334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   58.275845][ T4334] Call Trace:
[   58.279155][ T4334]  <TASK>
[   58.282116][ T4334]  dump_stack_lvl+0xf2/0x150
[   58.286842][ T4334]  dump_stack+0x15/0x1a
[   58.291105][ T4334]  should_fail_ex+0x223/0x230
[   58.295823][ T4334]  should_failslab+0x8f/0xb0
[   58.300527][ T4334]  __kmalloc_node_noprof+0xad/0x410
[   58.305785][ T4334]  ? __kvmalloc_node_noprof+0x72/0x170
[   58.311289][ T4334]  __kvmalloc_node_noprof+0x72/0x170
[   58.316620][ T4334]  xt_alloc_table_info+0x3d/0x80
[   58.321652][ T4334]  do_ipt_set_ctl+0x66f/0x8b0
[   58.326362][ T4334]  nf_setsockopt+0x195/0x1b0
[   58.331078][ T4334]  ip_setsockopt+0xea/0x100
[   58.335621][ T4334]  udp_setsockopt+0x95/0xb0
[   58.340177][ T4334]  sock_common_setsockopt+0x64/0x80
[   58.345422][ T4334]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   58.351604][ T4334]  __sys_setsockopt+0x187/0x200
[   58.356540][ T4334]  __x64_sys_setsockopt+0x66/0x80
[   58.361604][ T4334]  x64_sys_call+0x282e/0x2dc0
[   58.366350][ T4334]  do_syscall_64+0xc9/0x1c0
[   58.370865][ T4334]  ? clear_bhb_loop+0x55/0xb0
[   58.375716][ T4334]  ? clear_bhb_loop+0x55/0xb0
[   58.380403][ T4334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.386358][ T4334] RIP: 0033:0x7f54ab835d29
[   58.390840][ T4334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.410462][ T4334] RSP: 002b:00007f54a9ea7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   58.418888][ T4334] RAX: ffffffffffffffda RBX: 00007f54aba25fa0 RCX: 00007f54ab835d29
[   58.427063][ T4334] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
[   58.435095][ T4334] RBP: 00007f54a9ea7090 R08: 0000000000000588 R09: 0000000000000000
[   58.443150][ T4334] R10: 0000000020000d80 R11: 0000000000000246 R12: 0000000000000001
[   58.451166][ T4334] R13: 0000000000000000 R14: 00007f54aba25fa0 R15: 00007ffdef197408
[   58.459169][ T4334]  </TASK>
[   58.469069][ T4328] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   58.481282][ T4328] SELinux: (dev loop2, type ext4) getxattr errno 5
[   58.488214][ T4328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.499682][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   58.531597][ T4337] lo speed is unknown, defaulting to 1000
[   58.538356][ T4337] lo speed is unknown, defaulting to 1000
[   58.688290][ T4357] syz.2.243[4357] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.688369][ T4357] syz.2.243[4357] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.701967][ T4357] syz.2.243[4357] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.713760][ T4355] bond1: (slave ip6gretap1): Releasing active interface
[   58.749368][ T4357] netlink: 4 bytes leftover after parsing attributes in process `syz.2.243'.
[   58.759322][ T4357] netlink: 4 bytes leftover after parsing attributes in process `syz.2.243'.
[   58.830796][ T4361] loop2: detected capacity change from 0 to 512
[   58.842630][ T4361] EXT4-fs: Ignoring removed mblk_io_submit option
[   58.852552][ T4361] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   58.872746][ T4363] x_tables: duplicate underflow at hook 1
[   58.878742][ T4361] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   58.887356][ T4361] System zones: 1-12
[   58.902817][ T4361] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.244: corrupted in-inode xattr: e_value size too large
[   58.919587][ T4361] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.244: couldn't read orphan inode 15 (err -117)
[   58.935138][ T4361] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.963089][ T4361] Falling back ldisc for ttyS3.
[   58.981071][ T4367] kernel profiling enabled (shift: 17)
[   58.989300][ T4367] lo speed is unknown, defaulting to 1000
[   58.996414][ T4367] lo speed is unknown, defaulting to 1000
[   59.003714][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.008051][ T4367] lo speed is unknown, defaulting to 1000
[   59.065876][ T4371] loop2: detected capacity change from 0 to 1024
[   59.078797][ T4374] 9pnet_fd: Insufficient options for proto=fd
[   59.095654][ T4371] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   59.116623][ T4371] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   59.119114][ T4367] infiniband s
z1: set active
[   59.131892][ T4367] infiniband s
z1: added lo
[   59.136563][ T3437] lo speed is unknown, defaulting to 1000
[   59.140530][ T4371] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   59.150597][ T4371] EXT4-fs (loop2): orphan cleanup on readonly fs
[   59.157972][ T4371] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5837: Corrupt filesystem
[   59.167904][ T4367] RDS/IB: s
z1: added
[   59.175383][ T4367] smc: adding ib device s
z1 with port count 1
[   59.182603][ T4367] smc:    ib device s
z1 port 1 has pnetid 
[   59.188614][ T3437] lo speed is unknown, defaulting to 1000
[   59.190042][ T4371] EXT4-fs (loop2): Remounting filesystem read-only
[   59.200492][ T4367] lo speed is unknown, defaulting to 1000
[   59.229920][ T4371] EXT4-fs (loop2): 1 orphan inode deleted
[   59.249261][ T4371] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   59.252483][ T4367] lo speed is unknown, defaulting to 1000
[   59.264164][ T4371] SELinux: (dev loop2, type ext4) getxattr errno 5
[   59.274147][ T4371] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.310082][ T4383] FAULT_INJECTION: forcing a failure.
[   59.310082][ T4383] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   59.323226][ T4383] CPU: 1 UID: 0 PID: 4383 Comm: syz.2.252 Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0
[   59.333898][ T4383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   59.341816][ T4367] lo speed is unknown, defaulting to 1000
[   59.343958][ T4383] Call Trace:
[   59.343970][ T4383]  <TASK>
[   59.343981][ T4383]  dump_stack_lvl+0xf2/0x150
[   59.360738][ T4383]  dump_stack+0x15/0x1a
[   59.364989][ T4383]  should_fail_ex+0x223/0x230
[   59.369717][ T4383]  should_fail+0xb/0x10
[   59.373920][ T4383]  should_fail_usercopy+0x1a/0x20
[   59.378975][ T4383]  _copy_from_iter+0xd5/0xd00
[   59.380704][ T3410] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   59.383702][ T4383]  ? kmalloc_reserve+0x16e/0x190
[   59.383727][ T4383]  ? __build_skb_around+0x196/0x1f0
[   59.397483][ T4367] lo speed is unknown, defaulting to 1000
[   59.401644][ T4383]  ? __alloc_skb+0x21f/0x310
[   59.412041][ T4383]  ? __virt_addr_valid+0x1ed/0x250
[   59.417201][ T4383]  ? __check_object_size+0x364/0x520
[   59.422548][ T4383]  netlink_sendmsg+0x460/0x6e0
[   59.427408][ T4383]  ? __pfx_netlink_sendmsg+0x10/0x10
[   59.432744][ T4383]  __sock_sendmsg+0x140/0x180
[   59.437513][ T4383]  ____sys_sendmsg+0x312/0x410
[   59.441680][ T4367] lo speed is unknown, defaulting to 1000
[   59.442311][ T4383]  __sys_sendmsg+0x19d/0x230
[   59.452670][ T4383]  __x64_sys_sendmsg+0x46/0x50
[   59.457577][ T4383]  x64_sys_call+0x2734/0x2dc0
[   59.462284][ T4383]  do_syscall_64+0xc9/0x1c0
[   59.466820][ T4383]  ? clear_bhb_loop+0x55/0xb0
[   59.471523][ T4383]  ? clear_bhb_loop+0x55/0xb0
[   59.476232][ T4383]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.482391][ T4383] RIP: 0033:0x7fb6ace35d29
[   59.486833][ T4383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.506684][ T4383] RSP: 002b:00007fb6ab4a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   59.515299][ T4383] RAX: ffffffffffffffda RBX: 00007fb6ad025fa0 RCX: 00007fb6ace35d29
[   59.523352][ T4383] RDX: 0000000000000000 RSI: 0000000020000680 RDI: 0000000000000005
[   59.531334][ T4383] RBP: 00007fb6ab4a1090 R08: 0000000000000000 R09: 0000000000000000
[   59.539340][ T4383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.547330][ T4383] R13: 0000000000000000 R14: 00007fb6ad025fa0 R15: 00007fff3c38a908
[   59.555315][ T4383]  </TASK>
[   59.606402][ T4385] batadv1: entered promiscuous mode
[   59.614527][ T4385] 8021q: adding VLAN 0 to HW filter on device batadv1
[   59.658331][ T4389] syz.0.254[4389] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.658544][ T4389] syz.0.254[4389] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.662908][ T4387] netlink: 104 bytes leftover after parsing attributes in process `syz.1.255'.
[   59.673250][ T4389] syz.0.254[4389] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.742306][ T4389] netlink: 4 bytes leftover after parsing attributes in process `syz.0.254'.
[   59.763815][ T4389] netlink: 4 bytes leftover after parsing attributes in process `syz.0.254'.
[   59.773695][ T4395] loop1: detected capacity change from 0 to 512
[   59.785950][ T4395] EXT4-fs: Ignoring removed mblk_io_submit option
[   59.803153][ T4395] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   59.855457][ T4395] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   59.865276][ T4395] System zones: 1-12
[   59.886501][ T4397] loop3: detected capacity change from 0 to 2048
[   59.896408][ T4395] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.257: corrupted in-inode xattr: e_value size too large
[   59.934707][ T4395] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.257: couldn't read orphan inode 15 (err -117)
[   59.963246][ T4395] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.964412][ T4403] siw: device registration error -23
[   59.996682][ T4397] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.997705][ T4395] Falling back ldisc for ttyS3.
[   60.034822][ T4403] loop2: detected capacity change from 0 to 128
[   60.061420][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.091870][ T4403] syz.2.260: attempt to access beyond end of device
[   60.091870][ T4403] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[   60.109933][ T4403] netlink: 20 bytes leftover after parsing attributes in process `syz.2.260'.
[   60.176831][ T4414] loop0: detected capacity change from 0 to 128
[   60.200408][ T4420] netlink: 8 bytes leftover after parsing attributes in process `syz.1.265'.
[   60.209287][ T4420] netlink: 84 bytes leftover after parsing attributes in process `syz.1.265'.
[   60.225749][ T4420] loop1: detected capacity change from 0 to 512
[   60.226611][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.233079][ T4420] EXT4-fs: Ignoring removed mblk_io_submit option
[   60.248848][ T4420] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   60.259358][ T4414] syz.0.263: attempt to access beyond end of device
[   60.259358][ T4414] loop0: rw=34817, sector=97, nr_sectors = 32 limit=128
[   60.274389][ T4420] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   60.298173][ T4414] netlink: 20 bytes leftover after parsing attributes in process `syz.0.263'.
[   60.304570][ T4420] System zones: 1-12
[   60.329980][ T4420] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.265: corrupted in-inode xattr: e_value size too large
[   60.369566][ T4420] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.265: couldn't read orphan inode 15 (err -117)
[   60.444525][ T4431] syz.3.268[4431] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.508501][ T4436] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4436 comm=syz.1.271
[   60.535460][ T4436] netlink: 'syz.1.271': attribute type 1 has an invalid length.
[   60.545114][ T4437] netlink: 104 bytes leftover after parsing attributes in process `syz.3.269'.
[   60.552440][ T4436] 8021q: adding VLAN 0 to HW filter on device bond2
[   60.590461][ T3480] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   60.603332][ T4440] loop3: detected capacity change from 0 to 512
[   60.610134][ T4440] EXT4-fs: Ignoring removed mblk_io_submit option
[   60.619952][ T4440] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   60.647113][ T4436] kernel read not supported for file /policy (pid: 4436 comm: syz.1.271)
[   60.678888][ T4440] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   60.686968][ T4440] System zones: 1-12
[   60.691991][ T4451] FAULT_INJECTION: forcing a failure.
[   60.691991][ T4451] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   60.702029][ T4440] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.273: corrupted in-inode xattr: e_value size too large
[   60.705273][ T4451] CPU: 0 UID: 0 PID: 4451 Comm: syz.1.275 Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0
[   60.729661][ T4451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   60.739746][ T4451] Call Trace:
[   60.743049][ T4451]  <TASK>
[   60.743957][ T4440] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.273: couldn't read orphan inode 15 (err -117)
[   60.745991][ T4451]  dump_stack_lvl+0xf2/0x150
[   60.762688][ T4451]  dump_stack+0x15/0x1a
[   60.766881][ T4451]  should_fail_ex+0x223/0x230
[   60.771710][ T4451]  should_fail+0xb/0x10
[   60.775908][ T4451]  should_fail_usercopy+0x1a/0x20
[   60.781067][ T4451]  _copy_from_user+0x1e/0xb0
[   60.785702][ T4451]  memdup_user+0x64/0xc0
[   60.790051][ T4451]  strndup_user+0x68/0xa0
[   60.794426][ T4451]  __se_sys_mount+0x4e/0x2d0
[   60.799157][ T4451]  ? fput+0x1c4/0x200
[   60.803200][ T4451]  ? ksys_write+0x176/0x1b0
[   60.807806][ T4451]  __x64_sys_mount+0x67/0x80
[   60.812485][ T4451]  x64_sys_call+0x2c84/0x2dc0
[   60.817173][ T4451]  do_syscall_64+0xc9/0x1c0
[   60.821738][ T4451]  ? clear_bhb_loop+0x55/0xb0
[   60.826483][ T4451]  ? clear_bhb_loop+0x55/0xb0
[   60.831178][ T4451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.837094][ T4451] RIP: 0033:0x7f3502f45d29
[   60.841517][ T4451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.861194][ T4451] RSP: 002b:00007f35015b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   60.869618][ T4451] RAX: ffffffffffffffda RBX: 00007f3503135fa0 RCX: 00007f3502f45d29
[   60.877601][ T4451] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000
[   60.885588][ T4451] RBP: 00007f35015b7090 R08: 0000000020000340 R09: 0000000000000000
[   60.893571][ T4451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.901557][ T4451] R13: 0000000000000000 R14: 00007f3503135fa0 R15: 00007ffccd4631a8
[   60.909561][ T4451]  </TASK>
[   60.920157][ T4440] Falling back ldisc for ttyS3.
[   60.965273][ T4455] loop1: detected capacity change from 0 to 128
[   61.011929][ T4455] syz.1.277: attempt to access beyond end of device
[   61.011929][ T4455] loop1: rw=34817, sector=97, nr_sectors = 32 limit=128
[   61.026847][ T4455] netlink: 20 bytes leftover after parsing attributes in process `syz.1.277'.
[   61.037153][ T4464] loop0: detected capacity change from 0 to 164
[   61.046506][ T4464] syz.0.280: attempt to access beyond end of device
[   61.046506][ T4464] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   61.060660][ T4464] syz.0.280: attempt to access beyond end of device
[   61.060660][ T4464] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[   61.104622][ T4468] 9pnet: Could not find request transport: f
[   61.143601][ T4472] lo speed is unknown, defaulting to 1000
[   61.149982][ T4472] lo speed is unknown, defaulting to 1000
[   61.156637][ T4472] lo speed is unknown, defaulting to 1000
[   61.181241][ T4474] netlink: 104 bytes leftover after parsing attributes in process `syz.1.283'.
[   61.280007][ T4482] FAULT_INJECTION: forcing a failure.
[   61.280007][ T4482] name failslab, interval 1, probability 0, space 0, times 0
[   61.293301][ T4482] CPU: 1 UID: 0 PID: 4482 Comm: syz.2.286 Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0
[   61.303946][ T4482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   61.314024][ T4482] Call Trace:
[   61.314477][ T4480] loop3: detected capacity change from 0 to 8192
[   61.317380][ T4482]  <TASK>
[   61.326809][ T4482]  dump_stack_lvl+0xf2/0x150
[   61.329759][ T4480] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   61.331462][ T4482]  dump_stack+0x15/0x1a
[   61.346130][ T4482]  should_fail_ex+0x223/0x230
[   61.350887][ T4482]  ? __se_sys_mount+0xf7/0x2d0
[   61.355697][ T4482]  should_failslab+0x8f/0xb0
[   61.360466][ T4482]  __kmalloc_cache_noprof+0x4e/0x320
[   61.365796][ T4482]  ? memdup_user+0x9f/0xc0
[   61.370274][ T4482]  __se_sys_mount+0xf7/0x2d0
[   61.375003][ T4482]  ? fput+0x1c4/0x200
[   61.379104][ T4482]  ? ksys_write+0x176/0x1b0
[   61.383686][ T4482]  __x64_sys_mount+0x67/0x80
[   61.388387][ T4482]  x64_sys_call+0x2c84/0x2dc0
[   61.393132][ T4482]  do_syscall_64+0xc9/0x1c0
[   61.397733][ T4482]  ? clear_bhb_loop+0x55/0xb0
[   61.402615][ T4482]  ? clear_bhb_loop+0x55/0xb0
[   61.407377][ T4482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.413331][ T4482] RIP: 0033:0x7fb6ace35d29
[   61.417776][ T4482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.437527][ T4482] RSP: 002b:00007fb6ab4a1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   61.446015][ T4482] RAX: ffffffffffffffda RBX: 00007fb6ad025fa0 RCX: 00007fb6ace35d29
[   61.454162][ T4482] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000000
[   61.462187][ T4482] RBP: 00007fb6ab4a1090 R08: 0000000020000500 R09: 0000000000000000
[   61.470268][ T4482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.478306][ T4482] R13: 0000000000000000 R14: 00007fb6ad025fa0 R15: 00007fff3c38a908
[   61.486372][ T4482]  </TASK>
[   61.537253][ T4480] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1044)
[   61.546293][ T4480] FAT-fs (loop3): Filesystem has been set read-only
[   61.554186][ T4480] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1044)
[   61.563258][ T4480] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1044)
[   61.572891][ T4485] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1044)
[   61.601356][ T4493] loop4: detected capacity change from 0 to 164
[   61.620451][ T3300] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1044)
[   61.635804][ T4493] syz.4.289: attempt to access beyond end of device
[   61.635804][ T4493] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   61.664187][ T4495] loop2: detected capacity change from 0 to 512
[   61.713078][ T4497] loop3: detected capacity change from 0 to 2048
[   61.740836][ T4495] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.291: corrupted in-inode xattr: invalid ea_ino
[   61.755650][ T4495] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.291: couldn't read orphan inode 15 (err -117)
[   61.777091][   T29] kauditd_printk_skb: 378 callbacks suppressed
[   61.777108][   T29] audit: type=1326 audit(1735608423.345:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4494 comm="syz.2.291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6ace35d29 code=0x7ffc0000
[   61.807690][   T29] audit: type=1326 audit(1735608423.375:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4494 comm="syz.2.291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7fb6ace35d29 code=0x7ffc0000
[   61.831312][   T29] audit: type=1326 audit(1735608423.405:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4494 comm="syz.2.291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6ace35d29 code=0x7ffc0000
[   61.867976][ T4501] lo speed is unknown, defaulting to 1000
[   61.874151][ T4501] lo speed is unknown, defaulting to 1000
[   61.881191][ T4501] lo speed is unknown, defaulting to 1000
[   61.890393][   T29] audit: type=1326 audit(1735608423.425:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4494 comm="syz.2.291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6ace35d29 code=0x7ffc0000
[   61.964552][ T3484] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   61.979876][   T29] audit: type=1326 audit(1735608423.545:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4507 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7f0f5d29 code=0x7ffc0000
[   62.015932][ T4509] 9pnet: Could not find request transport: fd0xffffffffffffffff
[   62.035245][   T29] audit: type=1326 audit(1735608423.555:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4507 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5a7f0f4690 code=0x7ffc0000
[   62.058102][   T29] audit: type=1326 audit(1735608423.575:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4507 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7f0f5d29 code=0x7ffc0000
[   62.058133][   T29] audit: type=1326 audit(1735608423.575:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4507 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5a7f0f5d29 code=0x7ffc0000
[   62.058172][   T29] audit: type=1326 audit(1735608423.575:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4507 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7f0f5d29 code=0x7ffc0000
[   62.058215][   T29] audit: type=1326 audit(1735608423.575:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4507 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f5a7f0f5d29 code=0x7ffc0000
[   62.154585][ T4517] bpf_get_probe_write_proto: 8 callbacks suppressed
[   62.154607][ T4517] syz.1.297[4517] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.179900][ T4517] syz.1.297[4517] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.179974][ T4517] syz.1.297[4517] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.300864][ T4525] infiniband s
z1: set active
[   62.358761][ T3437] lo speed is unknown, defaulting to 1000
[   62.556821][ T4533] loop4: detected capacity change from 0 to 512
[   62.569247][ T4533] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.303: corrupted in-inode xattr: invalid ea_ino
[   62.584405][ T4533] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.303: couldn't read orphan inode 15 (err -117)
[   62.732423][ T4538] lo speed is unknown, defaulting to 1000
[   62.738747][ T4538] lo speed is unknown, defaulting to 1000
[   62.746846][ T4538] lo speed is unknown, defaulting to 1000
[   63.089917][ T3480] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   63.105247][ T4541] loop3: detected capacity change from 0 to 2048
[   63.121667][ T4543] 9pnet: Could not find request transport: fd0xffffffffffffffff
[   63.137692][ T4543] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   63.211667][ T4549] loop3: detected capacity change from 0 to 512
[   63.239761][ T4549] EXT4-fs warning (device loop3): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   63.266000][ T4549] EXT4-fs (loop3): mount failed
[   63.454995][ T4557] FAULT_INJECTION: forcing a failure.
[   63.454995][ T4557] name failslab, interval 1, probability 0, space 0, times 0
[   63.467763][ T4557] CPU: 0 UID: 0 PID: 4557 Comm: syz.2.309 Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0
[   63.478437][ T4557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   63.488585][ T4557] Call Trace:
[   63.491874][ T4557]  <TASK>
[   63.494824][ T4557]  dump_stack_lvl+0xf2/0x150
[   63.499531][ T4557]  dump_stack+0x15/0x1a
[   63.503741][ T4557]  should_fail_ex+0x223/0x230
[   63.508492][ T4557]  should_failslab+0x8f/0xb0
[   63.513127][ T4557]  kmem_cache_alloc_noprof+0x52/0x320
[   63.518567][ T4557]  ? security_inode_alloc+0x37/0x100
[   63.523998][ T4557]  security_inode_alloc+0x37/0x100
[   63.529145][ T4557]  inode_init_always_gfp+0x4a2/0x4f0
[   63.534485][ T4557]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   63.540020][ T4557]  alloc_inode+0x82/0x160
[   63.544492][ T4557]  new_inode+0x1e/0x100
[   63.548718][ T4557]  shmem_get_inode+0x24e/0x730
[   63.553585][ T4557]  __shmem_file_setup+0x127/0x1f0
[   63.558635][ T4557]  shmem_file_setup+0x3b/0x50
[   63.563378][ T4557]  __se_sys_memfd_create+0x31d/0x5c0
[   63.568797][ T4557]  __x64_sys_memfd_create+0x31/0x40
[   63.574236][ T4557]  x64_sys_call+0x2d4c/0x2dc0
[   63.578950][ T4557]  do_syscall_64+0xc9/0x1c0
[   63.583584][ T4557]  ? clear_bhb_loop+0x55/0xb0
[   63.588345][ T4557]  ? clear_bhb_loop+0x55/0xb0
[   63.593039][ T4557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.599021][ T4557] RIP: 0033:0x7fb6ace35d29
[   63.603550][ T4557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.623231][ T4557] RSP: 002b:00007fb6ab45ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   63.631671][ T4557] RAX: ffffffffffffffda RBX: 00000000000002b2 RCX: 00007fb6ace35d29
[   63.639655][ T4557] RDX: 00007fb6ab45eef0 RSI: 0000000000000000 RDI: 00007fb6aceb2469
[   63.647645][ T4557] RBP: 00000000200006c0 R08: 00007fb6ab45ebb7 R09: 00007fb6ab45ee40
[   63.655654][ T4557] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000980
[   63.663688][ T4557] R13: 00007fb6ab45eef0 R14: 00007fb6ab45eeb0 R15: 0000000020000f40
[   63.671757][ T4557]  </TASK>
[   63.737516][ T4558] vhci_hcd: invalid port number 254
[   63.769237][ T4560] loop4: detected capacity change from 0 to 512
[   63.775992][ T4560] EXT4-fs: Ignoring removed i_version option
[   63.801496][ T4560] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a856c018, mo2=0002]
[   63.810317][ T4560] System zones: 0-2, 18-18, 34-35
[   63.816771][ T4560] ext4 filesystem being mounted at /65/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.829247][ T4560] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[   63.846198][ T4560] netlink: 24 bytes leftover after parsing attributes in process `syz.4.310'.
[   63.889204][ T4565] pim6reg1: entered promiscuous mode
[   63.894773][ T4565] pim6reg1: entered allmulticast mode
[   63.980318][ T4569] loop4: detected capacity change from 0 to 164
[   63.988806][ T4569] bio_check_eod: 1 callbacks suppressed
[   63.988821][ T4569] syz.4.312: attempt to access beyond end of device
[   63.988821][ T4569] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   64.008486][ T4569] syz.4.312: attempt to access beyond end of device
[   64.008486][ T4569] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[   64.060763][ T4571] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4571 comm=syz.3.313
[   64.074053][ T4571] netlink: 'syz.3.313': attribute type 1 has an invalid length.
[   64.099357][ T4571] 8021q: adding VLAN 0 to HW filter on device bond2
[   64.128919][ T4571] bond2: (slave ip6gretap1): making interface the new active one
[   64.137873][ T4571] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   64.145719][ T4571] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   64.154665][ T4571] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[   64.169840][ T3410] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   64.180263][ T4571] syz.3.313[4571] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.180377][ T4571] syz.3.313[4571] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.191759][ T4571] syz.3.313[4571] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.192302][ T4573] lo speed is unknown, defaulting to 1000
[   64.220287][ T4573] lo speed is unknown, defaulting to 1000
[   64.226404][ T4573] lo speed is unknown, defaulting to 1000
[   64.246607][ T3437] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   64.261743][ T4576] loop2: detected capacity change from 0 to 512
[   64.277138][ T4571] kernel read not supported for file /policy (pid: 4571 comm: syz.3.313)
[   64.382585][ T4583] ref_ctr_offset mismatch. inode: 0x144 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82
[   64.396370][ T4576] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.314: corrupted in-inode xattr: invalid ea_ino
[   64.427484][ T4585] syz.3.316[4585] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.427589][ T4585] syz.3.316[4585] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.431528][ T4583] loop0: detected capacity change from 0 to 2048
[   64.440087][ T4576] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.314: couldn't read orphan inode 15 (err -117)
[   64.450239][ T4585] syz.3.316[4585] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.501931][ T4583]  loop0: p1 < > p2 p3 < p5 >
[   64.518027][ T4583] loop0: partition table partially beyond EOD, truncated
[   64.547406][ T4583] loop0: p1 start 4278190080 is beyond EOD, truncated
[   64.554312][ T4583] loop0: p2 start 16908288 is beyond EOD, truncated
[   64.572758][ T4583] loop0: p5 start 16908288 is beyond EOD, truncated
[   64.725780][ T3514] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   64.761316][ T1105] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[   64.768668][ T3000]  loop0: p1 < > p2 p3 < p5 >
[   64.773861][ T3000] loop0: partition table partially beyond EOD, truncated
[   64.795588][ T3000] loop0: p1 start 4278190080 is beyond EOD, truncated
[   64.802448][ T3000] loop0: p2 start 16908288 is beyond EOD, truncated
[   64.858075][ T3000] loop0: p5 start 16908288 is beyond EOD, truncated
[   64.962252][ T4593] bond2: (slave ip6gretap1): Releasing active interface
[   65.031794][ T4597] loop3: detected capacity change from 0 to 2048
[   65.285992][ T4616] loop1: detected capacity change from 0 to 1024
[   65.298736][ T4616] EXT4-fs: test_dummy_encryption option not supported
[   65.347639][ T4624] loop0: detected capacity change from 0 to 2048
[   65.354684][ T4627] syz.1.330[4627] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.436778][ T4634] loop1: detected capacity change from 0 to 164
[   65.467670][ T4636] netlink: 4 bytes leftover after parsing attributes in process `syz.4.332'.
[   65.545662][ T4634] syz.1.331: attempt to access beyond end of device
[   65.545662][ T4634] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   65.621758][ T4634] syz.1.331: attempt to access beyond end of device
[   65.621758][ T4634] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[   66.003042][ T4657] 9pnet: Could not find request transport: fd0xffffffffffffffff
[   66.043259][ T4660] bond1: (slave ip6gretap1): Releasing active interface
[   66.069064][ T4662] 9pnet: Could not find request transport: fd0xffffffffffffffff
[   66.074046][ T4634] lo speed is unknown, defaulting to 1000
[   66.082951][ T4664] loop2: detected capacity change from 0 to 2048
[   66.097671][ T4634] lo speed is unknown, defaulting to 1000
[   66.117209][ T4634] lo speed is unknown, defaulting to 1000
[   67.320559][ T4690] loop1: detected capacity change from 0 to 164
[   67.343043][ T4690] syz.1.346: attempt to access beyond end of device
[   67.343043][ T4690] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   67.357980][ T4690] syz.1.346: attempt to access beyond end of device
[   67.357980][ T4690] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[   67.413935][ T4692] bridge0: port 1(vlan2) entered blocking state
[   67.420342][ T4692] bridge0: port 1(vlan2) entered disabled state
[   67.431485][ T4692] vlan2: entered allmulticast mode
[   67.444464][ T4692] vlan2: left allmulticast mode
[   67.498403][ T4685] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[   67.528257][   T29] kauditd_printk_skb: 558 callbacks suppressed
[   67.528273][   T29] audit: type=1400 audit(1735608429.095:1681): avc:  denied  { ioctl } for  pid=4698 comm="syz.4.350" path="/dev/mISDNtimer" dev="devtmpfs" ino=249 ioctlcmd=0x4940 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   67.586867][ T4700] loop4: detected capacity change from 0 to 1024
[   67.608834][ T4697] lo speed is unknown, defaulting to 1000
[   67.615126][ T4701] loop3: detected capacity change from 0 to 1024
[   67.616339][ T4700] EXT4-fs: Ignoring removed nobh option
[   67.627266][ T4700] EXT4-fs: Ignoring removed nomblk_io_submit option
[   67.636050][   T29] audit: type=1400 audit(1735608429.155:1682): avc:  denied  { remount } for  pid=4698 comm="syz.4.350" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   67.661979][ T4701] EXT4-fs: test_dummy_encryption option not supported
[   67.662068][ T4697] lo speed is unknown, defaulting to 1000
[   67.670924][ T4700] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   67.713224][ T4697] lo speed is unknown, defaulting to 1000
[   67.728109][   T29] audit: type=1400 audit(1735608429.295:1683): avc:  denied  { remount } for  pid=4698 comm="syz.4.350" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   67.748978][   T29] audit: type=1326 audit(1735608429.305:1684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7f0f5d29 code=0x7ffc0000
[   67.749015][   T29] audit: type=1326 audit(1735608429.305:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7f0f5d29 code=0x7ffc0000
[   67.749076][   T29] audit: type=1326 audit(1735608429.305:1686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5a7f0f4690 code=0x7ffc0000
[   67.749100][   T29] audit: type=1326 audit(1735608429.305:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7f0f5d29 code=0x7ffc0000
[   67.749124][   T29] audit: type=1326 audit(1735608429.305:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7f0f5d29 code=0x7ffc0000
[   67.749182][   T29] audit: type=1326 audit(1735608429.305:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5a7f0f5d29 code=0x7ffc0000
[   67.749224][   T29] audit: type=1326 audit(1735608429.305:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4709 comm="+" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7f0f5d29 code=0x7ffc0000
[   67.749778][ T4700] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[   67.897213][ T4717] loop3: detected capacity change from 0 to 512
[   67.905202][ T4717] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.355: corrupted in-inode xattr: invalid ea_ino
[   67.923448][ T4718] bpf_get_probe_write_proto: 2 callbacks suppressed
[   67.923498][ T4718] syz.4.354[4718] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.957648][ T4717] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.355: couldn't read orphan inode 15 (err -117)
[   68.035738][ T4723] loop4: detected capacity change from 0 to 164
[   68.072355][ T4723] syz.4.356: attempt to access beyond end of device
[   68.072355][ T4723] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   68.086742][ T4723] syz.4.356: attempt to access beyond end of device
[   68.086742][ T4723] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[   68.294589][ T4728] netlink: 8 bytes leftover after parsing attributes in process `syz.0.360'.
[   68.303589][ T4728] netlink: 84 bytes leftover after parsing attributes in process `syz.0.360'.
[   68.324556][ T4728] loop0: detected capacity change from 0 to 512
[   68.483366][ T4728] EXT4-fs: Ignoring removed mblk_io_submit option
[   68.492775][ T4728] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   68.502326][ T4728] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   68.512135][ T4728] System zones: 1-12
[   68.517395][ T4728] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.360: corrupted in-inode xattr: e_value size too large
[   68.533407][ T4728] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.360: couldn't read orphan inode 15 (err -117)
[   68.559657][ T4737] lo speed is unknown, defaulting to 1000
[   68.565852][ T4737] lo speed is unknown, defaulting to 1000
[   68.572074][ T4737] lo speed is unknown, defaulting to 1000
[   68.697784][ T4741] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.804737][ T4752] loop0: detected capacity change from 0 to 512
[   68.886710][ T4759] loop3: detected capacity change from 0 to 1024
[   68.894881][ T4759] EXT4-fs: test_dummy_encryption option not supported
[   68.928547][ T4752] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.366: corrupted in-inode xattr: invalid ea_ino
[   68.964173][ T4741] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.065452][ T4752] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.366: couldn't read orphan inode 15 (err -117)
[   69.164569][ T4741] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.227546][ T4741] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.251833][ T4768] loop3: detected capacity change from 0 to 512
[   69.260008][ T4768] EXT4-fs: dax option not supported
[   69.274394][ T4766] loop0: detected capacity change from 0 to 512
[   69.291367][ T4770] loop4: detected capacity change from 0 to 164
[   69.315350][ T4766] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.369: corrupted in-inode xattr: invalid ea_ino
[   69.336990][ T4766] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.369: couldn't read orphan inode 15 (err -117)
[   69.350343][ T4770] syz.4.370: attempt to access beyond end of device
[   69.350343][ T4770] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   69.365866][ T4770] syz.4.370: attempt to access beyond end of device
[   69.365866][ T4770] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[   69.389075][ T4741] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.401183][ T4741] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.413238][ T4741] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.425112][ T4741] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.543322][ T4775] siw: device registration error -23
[   69.799488][ T4781] siw: device registration error -23
[   69.819308][ T4781] loop2: detected capacity change from 0 to 128
[   69.884777][ T4773] lo speed is unknown, defaulting to 1000
[   69.891081][ T4773] lo speed is unknown, defaulting to 1000
[   69.902002][ T4773] lo speed is unknown, defaulting to 1000
[   69.937760][ T4781] syz.2.374: attempt to access beyond end of device
[   69.937760][ T4781] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[   69.952397][ T4787] syz.1.375 uses obsolete (PF_INET,SOCK_PACKET)
[   69.963227][ T4781] netlink: 20 bytes leftover after parsing attributes in process `syz.2.374'.
[   69.969732][ T3302] EXT4-fs unmount: 31 callbacks suppressed
[   69.969781][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.135603][ T4794] loop2: detected capacity change from 0 to 1024
[   70.184780][ T4794] EXT4-fs: test_dummy_encryption option not supported
[   70.208079][ T4801] loop1: detected capacity change from 0 to 512
[   70.243070][ T4801] EXT4-fs: Ignoring removed i_version option
[   70.283597][ T4801] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.306927][ T4807] syzkaller0: entered promiscuous mode
[   70.312598][ T4807] syzkaller0: entered allmulticast mode
[   70.318566][ T4801] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.352897][ T4801] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.379: Failed to acquire dquot type 0
[   70.896712][ T4833] netlink: 12 bytes leftover after parsing attributes in process `syz.0.388'.
[   70.916339][ T4848] loop2: detected capacity change from 0 to 512
[   70.925702][ T4848] EXT4-fs: dax option not supported
[   70.946565][ T4833] netlink: 8 bytes leftover after parsing attributes in process `syz.0.388'.
[   70.955989][ T4833] netlink: 'syz.0.388': attribute type 21 has an invalid length.
[   71.034324][ T4855] FAULT_INJECTION: forcing a failure.
[   71.034324][ T4855] name failslab, interval 1, probability 0, space 0, times 0
[   71.047241][ T4855] CPU: 1 UID: 0 PID: 4855 Comm: syz.0.392 Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0
[   71.057092][ T4857] loop3: detected capacity change from 0 to 512
[   71.057848][ T4855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   71.069156][ T4857] EXT4-fs (loop3): invalid journal inode
[   71.074237][ T4855] Call Trace:
[   71.074249][ T4855]  <TASK>
[   71.074259][ T4855]  dump_stack_lvl+0xf2/0x150
[   71.085909][ T4857] EXT4-fs (loop3): can't get journal size
[   71.086187][ T4855]  dump_stack+0x15/0x1a
[   71.100776][ T4855]  should_fail_ex+0x223/0x230
[   71.101660][ T4857] EXT4-fs (loop3): 1 truncate cleaned up
[   71.105556][ T4855]  should_failslab+0x8f/0xb0
[   71.111718][ T4857] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.115766][ T4855]  kmem_cache_alloc_node_noprof+0x59/0x320
[   71.133597][ T4855]  ? dup_task_struct+0x6c/0x710
[   71.138560][ T4855]  dup_task_struct+0x6c/0x710
[   71.143276][ T4855]  ? mod_objcg_state+0x2ea/0x4f0
[   71.148244][ T4855]  copy_process+0x3a9/0x1f90
[   71.152870][ T4855]  ? __pfx_io_wq_worker+0x10/0x10
[   71.157925][ T4855]  create_io_thread+0x9e/0xd0
[   71.162640][ T4855]  ? __pfx_io_wq_worker+0x10/0x10
[   71.167732][ T4855]  create_io_worker+0xe9/0x330
[   71.172521][ T4855]  io_wq_enqueue+0x35f/0x440
[   71.177218][ T4855]  ? __pfx_io_wq_work_match_item+0x10/0x10
[   71.183049][ T4855]  io_queue_iowq+0x248/0x380
[   71.187710][ T4855]  io_req_task_submit+0x8d/0xc0
[   71.192592][ T4855]  ? __pfx_io_req_task_submit+0x10/0x10
[   71.198258][ T4855]  __io_run_local_work+0x2a8/0x560
[   71.199488][ T4860] siw: device registration error -23
[   71.203420][ T4855]  __se_sys_io_uring_enter+0xaf0/0x1ba0
[   71.214350][ T4855]  ? __rcu_read_unlock+0x4e/0x70
[   71.219321][ T4855]  ? proc_fail_nth_write+0x12a/0x150
[   71.224797][ T4855]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   71.230528][ T4855]  ? ksys_write+0x176/0x1b0
[   71.235058][ T4855]  __x64_sys_io_uring_enter+0x78/0x90
[   71.240496][ T4855]  x64_sys_call+0xb5e/0x2dc0
[   71.245183][ T4855]  do_syscall_64+0xc9/0x1c0
[   71.249811][ T4855]  ? clear_bhb_loop+0x55/0xb0
[   71.254563][ T4855]  ? clear_bhb_loop+0x55/0xb0
[   71.259267][ T4855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.265271][ T4855] RIP: 0033:0x7f5a7f0f5d29
[   71.269707][ T4855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.289659][ T4855] RSP: 002b:00007f5a7d761038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   71.298084][ T4855] RAX: ffffffffffffffda RBX: 00007f5a7f2e5fa0 RCX: 00007f5a7f0f5d29
[   71.306160][ T4855] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000003
[   71.314142][ T4855] RBP: 00007f5a7d761090 R08: 0000000000000000 R09: 0000000000000000
[   71.322151][ T4855] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001
[   71.330160][ T4855] R13: 0000000000000000 R14: 00007f5a7f2e5fa0 R15: 00007ffddd870258
[   71.338211][ T4855]  </TASK>
[   71.353508][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.440396][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.453866][ T4863] loop3: detected capacity change from 0 to 1024
[   71.462213][ T4863] EXT4-fs: test_dummy_encryption option not supported
[   71.493280][ T4873] syz.1.397[4873] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   71.493366][ T4873] syz.1.397[4873] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   71.504836][ T4873] syz.1.397[4873] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   71.573240][ T4879] loop4: detected capacity change from 0 to 1024
[   71.592598][ T4879] EXT4-fs: test_dummy_encryption option not supported
[   71.613081][ T4879] SELinux:  policydb version 128 does not match my version range 15-33
[   71.621510][ T4879] SELinux: failed to load policy
[   71.803887][ T4890] tipc: Withdrawal distribution failure
[   71.862468][ T4893] loop0: detected capacity change from 0 to 512
[   71.879096][ T4893] EXT4-fs: Ignoring removed mblk_io_submit option
[   71.894082][ T4893] ==================================================================
[   71.902305][ T4893] BUG: KCSAN: data-race in __filemap_add_folio / filemap_write_and_wait_range
[   71.911192][ T4893] 
[   71.913530][ T4893] read-write to 0xffff888100630570 of 8 bytes by task 3938 on cpu 0:
[   71.921609][ T4893]  __filemap_add_folio+0x430/0x6f0
[   71.926758][ T4893]  filemap_add_folio+0x9c/0x1b0
[   71.931650][ T4893]  page_cache_ra_unbounded+0x177/0x310
[   71.937147][ T4893]  page_cache_sync_ra+0x252/0x670
[   71.942230][ T4893]  filemap_get_pages+0x2c1/0x10e0
[   71.947289][ T4893]  filemap_read+0x221/0x6a0
[   71.951840][ T4893]  blkdev_read_iter+0x20e/0x2c0
[   71.956762][ T4893]  vfs_read+0x5dc/0x700
[   71.960967][ T4893]  ksys_read+0xe8/0x1b0
[   71.965163][ T4893]  __x64_sys_read+0x42/0x50
[   71.969702][ T4893]  x64_sys_call+0x2874/0x2dc0
[   71.974608][ T4893]  do_syscall_64+0xc9/0x1c0
[   71.979150][ T4893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.985091][ T4893] 
[   71.987424][ T4893] read to 0xffff888100630570 of 8 bytes by task 4893 on cpu 1:
[   71.994982][ T4893]  filemap_write_and_wait_range+0x59/0x360
[   72.000929][ T4893]  set_blocksize+0x1d3/0x270
[   72.005558][ T4893]  sb_min_blocksize+0x63/0xe0
[   72.010447][ T4893]  ext4_fill_super+0x38b/0x3a10
[   72.015340][ T4893]  get_tree_bdev_flags+0x29f/0x310
[   72.020497][ T4893]  get_tree_bdev+0x1f/0x30
[   72.024955][ T4893]  ext4_get_tree+0x1c/0x30
[   72.029406][ T4893]  vfs_get_tree+0x56/0x1e0
[   72.033895][ T4893]  do_new_mount+0x227/0x690
[   72.038443][ T4893]  path_mount+0x49b/0xb30
[   72.042811][ T4893]  __se_sys_mount+0x27c/0x2d0
[   72.047519][ T4893]  __x64_sys_mount+0x67/0x80
[   72.052132][ T4893]  x64_sys_call+0x2c84/0x2dc0
[   72.056819][ T4893]  do_syscall_64+0xc9/0x1c0
[   72.061337][ T4893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.067254][ T4893] 
[   72.070187][ T4893] value changed: 0x0000000000000001 -> 0x0000000000000002
[   72.077295][ T4893] 
[   72.079624][ T4893] Reported by Kernel Concurrency Sanitizer on:
[   72.085783][ T4893] CPU: 1 UID: 0 PID: 4893 Comm: syz.0.404 Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0
[   72.096381][ T4893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   72.106448][ T4893] ==================================================================
[   72.117033][ T4893] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   72.127343][ T4893] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   72.135554][ T4893] System zones: 1-12
[   72.139713][ T4893] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.404: corrupted in-inode xattr: e_value size too large
[   72.153895][ T4893] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.404: couldn't read orphan inode 15 (err -117)
[   72.166263][ T4893] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.185644][ T4893] Falling back ldisc for ttyS3.
[   72.202085][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.