last executing test programs:

23.665047093s ago: executing program 0 (id=134):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000016c0)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0)

23.548382395s ago: executing program 0 (id=135):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="14017c0000"], 0x14}, 0x1, 0x0, 0x0, 0x488c4}, 0xc000)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)='cpuset.mem_hardwall\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_config_ext={0x9, 0xfffffffffffffffa}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
write$binfmt_elf32(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="5402"], 0x69)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$SEG6_CMD_GET_TUNSRC(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0x60, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0x14, 0x4, [0x4, 0x15, 0x3ff, 0x2]}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x3}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x4}, @SEG6_ATTR_DST={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xe8a}, @SEG6_ATTR_SECRET={0xc, 0x4, [0x9, 0xffff8000]}]}, 0x60}, 0x1, 0x0, 0x0, 0x840}, 0x20008800)
openat$incfs(r0, &(0x7f0000000040)='.pending_reads\x00', 0x40000, 0x200)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x210})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080))
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="14017c0000"], 0x14}, 0x1, 0x0, 0x0, 0x488c4}, 0xc000) (async)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)='cpuset.mem_hardwall\x00', 0x2, 0x0) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_config_ext={0x9, 0xfffffffffffffffa}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) (async)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8) (async)
write$binfmt_elf32(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="5402"], 0x69) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$SEG6_CMD_GET_TUNSRC(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0x60, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0x14, 0x4, [0x4, 0x15, 0x3ff, 0x2]}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x3}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x4}, @SEG6_ATTR_DST={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xe8a}, @SEG6_ATTR_SECRET={0xc, 0x4, [0x9, 0xffff8000]}]}, 0x60}, 0x1, 0x0, 0x0, 0x840}, 0x20008800) (async)
openat$incfs(r0, &(0x7f0000000040)='.pending_reads\x00', 0x40000, 0x200) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x210}) (async)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080)) (async)

23.322107199s ago: executing program 0 (id=138):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000080)})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mlockall(0x5)

23.041565195s ago: executing program 0 (id=141):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000040000000030a01010000000000000000010000000900030073797a310000000014000480080002400000000008000140000000000900010073797a30000000004c000000060a010400000000000000000100000024000480200001800700010072740000140002800800014000000009080002400000000408000b40000000000900010073797a3000"], 0xd4}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x8}}, [@NFT_MSG_DELCHAIN={0x108, 0x5, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_CHAIN_COUNTERS={0x10, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x80}]}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x35ce738f}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x48, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'syzkaller1\x00'}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth0_to_team\x00'}, @NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_DEV={0x14, 0x3, 'bond_slave_1\x00'}]}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}, @NFTA_CHAIN_COUNTERS={0x64, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x3}, @NFTA_COUNTER_BYTES={0xc}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x5}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x101}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0xffffffffffffffff}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x100000000}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0xd}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x130}}, 0x4050000)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[], 0xfffffc99}, 0x1, 0x0, 0x0, 0x40001}, 0x4000000)
listen(r2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x43)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r4, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r2}, 0x20)
sendmmsg$inet6(r2, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)}}], 0x56, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000140)='./file0\x00', 0x101c08a, &(0x7f0000000a00)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c6e6f6e756d7461696c3d302c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303030332c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d312c636865636b3d7374726963742c757466383d302c756e695f786c6174653d312c756e695f786c6174653d302c666c7573682c757466383d302c726f6469722c747a3d5554432c00e696e27e745267d0e7f7d60cf64c4d116172285e0a94b37c3f04b4e454913b1615b6c103a4be033c3f79c81a7a0dc9f3282eb2b984b8df829f11f7b15ceaa2ddb341548691e92d41d923144fa5f6aa8b37c7698e74a04d87cb16f3c338160646d1719f9aa1097cb78032fa4c9c60c14840662537510c0ac9f95a646f5231c0c9eb096b898803099b3050797137354ed2fb2a3dd97ad790f0758b4561eb7180b4b366c9ac840ca3d57727827ab961af0bb24ac6b14796d3bedfa4addb1c2f59217a563ca0a3729d45669905a6f0f3dbf3fd22ab36dfe7cf80913ecb4656ca"], 0x6, 0x2c8, &(0x7f0000002500)="$eJzs3b+LHHUUAPA3d7O74w/YLaxEcEALq5BLa7NBEhCvMmyhFnqYBOR2ERI48AeOqcTOxtK/QBD8H2xt7CwF/wA7IwRGZnbmdtZM9u7k9sTc59PkZb7vzffN7HA3V9y7D15aHN7O4+6Dz3+LLEtiZxrTeJjEJHai9WWsmX4TAMD/2cOyjD/KpZ7lX79+Ql0SEdmWewMAtuOE7/+NdBX+eCFtAQBbdOudd9+6vr9/4+08z+Lm4qujWfWTffXvcv363fgo5nEnrsY4HkXULwqDqN8WqvBmWZZFmlcm8eqiOJpVlYv3f27O/9PzTbAX45jU0fHbRl3/5v6NvXypU19UfTzb7D+t9r8W43jhuHit/lpPfcyG8dornf6vxDh++TA+jnncrptY1X+xl+dvlN/++dl7VXtVfVIczUZ13kq5225eXODnAwAAAAAAAAAAAAAAAAAAAADA0+lKMztnFPX8nupQM39n91H1n0Hkrcn6fJ5lfdKeqDsfqCzLoozv2vk6V/M8L5vEVX0aL6bdwYIAAAAAAAAAAAAAAAAAAABwed3/5NPDg/n8zr1zCdppAGlE/HUr4t+eZ9o58nJsTh41ex7M5ztNuJ6Tdo/EbpuTRGxso7qIc7otJwXPPNZzE3z/Q29VuvbBpdFZyk7edNC/13kG7dN1eJD038PRcc/Z8iGpB0GscoZxyr2GT1oq4yyP37B3aXzmax8+VwfFhpxINjX2+u/LO9ccSf55FcP6rvaWD5qgU76ek53qeY5sWf7414rEtA4AAAAAAAAAAAAAAAAAANiq1W//9iw+2Fi6U4621hYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXKjV3/8/Q1A0xadIHsa9+//xJQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAJ/B0AAP//eWdglQ==")
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(0xffffffffffffffff, 0x0, 0x4000840)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f0000000580)='./file0\x00', 0x92)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
chown(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)=ANY=[@ANYBLOB="8dfda5cbc0ed64501d01a074360ceb102b6bb864f69ff642fda46f1036f3d25959f6d9ff0e9eb3d4356ae1b44b4bd5bc21e9f77a07991149652f331b72b9b2cf103222d106e1fd834df6c268cbe0e16d422d8f912e4dc66e56e174dc9e28178973d1767dcdd042af", @ANYRES16, @ANYBLOB="010000000000000000001200000008000800000000000800090000000000180001801400020076657468305f746f5f626f6e640000000800070000000000080006"], 0x4c}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000140)=[{&(0x7f00000001c0)="580000001400192340834b80040d8c560a067f0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100040c10000000010000000000", 0x58}], 0x1)

22.539794924s ago: executing program 0 (id=142):
r0 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB="00000000bd1ec7e290797fec5800000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd60c439a7001806ffff010000000000000000000000000001200100000000000000000000000000020000000000000000000000000000000000004e2100004e24"], 0x0)
write$selinux_load(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x44f0)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='io\x00')
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SIOCPNENABLEPIPE(r3, 0x89ed, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r6, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r4}, &(0x7f0000000200), &(0x7f0000000240)=r5}, 0x20)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, 0x0, 0x40000)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r7, 0x40086602, &(0x7f0000000080)={@id={0x2, 0x0, @d}})
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r7, 0x40086602, &(0x7f0000000080)={@desc={0x84c00, 0x0, @desc2}})
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="300ebf153915d8ec30faf4023ca2e1a9", 0x10, r8)
mount$9p_fd(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000040), 0x214004, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB='\x00', @ANYRESHEX=r3, @ANYBLOB=',\x00'])

22.24200183s ago: executing program 0 (id=148):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB="00000000bd1ec7e290797fec5800000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd60c439a7001806ffff010000000000000000000000000001200100000000000000000000000000020000000000000000000000000000000000004e2100004e24"], 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x44f0)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='io\x00')
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SIOCPNENABLEPIPE(r4, 0x89ed, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r7, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
setsockopt$packet_rx_ring(r7, 0x107, 0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r5}, &(0x7f0000000200), &(0x7f0000000240)=r6}, 0x20)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, 0x0, 0x40000)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0x40086602, &(0x7f0000000080)={@id={0x2, 0x0, @d}})
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0x40086602, &(0x7f0000000080)={@desc={0x84c00, 0x0, @desc2}})

22.2352403s ago: executing program 32 (id=148):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB="00000000bd1ec7e290797fec5800000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd60c439a7001806ffff010000000000000000000000000001200100000000000000000000000000020000000000000000000000000000000000004e2100004e24"], 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x44f0)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='io\x00')
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SIOCPNENABLEPIPE(r4, 0x89ed, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r7, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
setsockopt$packet_rx_ring(r7, 0x107, 0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r5}, &(0x7f0000000200), &(0x7f0000000240)=r6}, 0x20)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, 0x0, 0x40000)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0x40086602, &(0x7f0000000080)={@id={0x2, 0x0, @d}})
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0x40086602, &(0x7f0000000080)={@desc={0x84c00, 0x0, @desc2}})

21.433118726s ago: executing program 3 (id=160):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000800), r2)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x30, r3, 0x1, 0x0, 0x100000, {{}, {}, {0x14, 0x19, {0x2, 0x1, 0x3, 0x5}}}}, 0x30}, 0x1, 0x0, 0x0, 0x400c091}, 0xd840)

21.358641357s ago: executing program 3 (id=161):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)

21.316922538s ago: executing program 3 (id=162):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000800), r2)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x30, r3, 0x1, 0x0, 0x100000, {{}, {}, {0x14, 0x19, {0x2, 0x1, 0x3, 0x5}}}}, 0x30}, 0x1, 0x0, 0x0, 0x400c091}, 0xd840) (fail_nth: 3)

21.262012399s ago: executing program 3 (id=163):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000040000000030a01010000000000000000010000000900030073797a310000000014000480080002400000000008000140000000000900010073797a30000000004c000000060a010400000000000000000100000024000480200001800700010072740000140002800800014000000009080002400000000408000b40000000000900010073797a3000"], 0xd4}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x8}}, [@NFT_MSG_DELCHAIN={0x108, 0x5, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_CHAIN_COUNTERS={0x10, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x80}]}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x35ce738f}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x48, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'syzkaller1\x00'}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth0_to_team\x00'}, @NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_DEV={0x14, 0x3, 'bond_slave_1\x00'}]}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}, @NFTA_CHAIN_COUNTERS={0x64, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x3}, @NFTA_COUNTER_BYTES={0xc}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x5}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x101}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0xffffffffffffffff}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x100000000}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0xd}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x130}}, 0x4050000)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[], 0xfffffc99}, 0x1, 0x0, 0x0, 0x40001}, 0x4000000)
listen(r2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x43)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r4, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r2}, 0x20)
sendmmsg$inet6(r2, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)}}], 0x56, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000140)='./file0\x00', 0x101c08a, &(0x7f0000000a00)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c6e6f6e756d7461696c3d302c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303030332c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d312c636865636b3d7374726963742c757466383d302c756e695f786c6174653d312c756e695f786c6174653d302c666c7573682c757466383d302c726f6469722c747a3d5554432c00e696e27e745267d0e7f7d60cf64c4d116172285e0a94b37c3f04b4e454913b1615b6c103a4be033c3f79c81a7a0dc9f3282eb2b984b8df829f11f7b15ceaa2ddb341548691e92d41d923144fa5f6aa8b37c7698e74a04d87cb16f3c338160646d1719f9aa1097cb78032fa4c9c60c14840662537510c0ac9f95a646f5231c0c9eb096b898803099b3050797137354ed2fb2a3dd97ad790f0758b4561eb7180b4b366c9ac840ca3d57727827ab961af0bb24ac6b14796d3bedfa4addb1c2f59217a563ca0a3729d45669905a6f0f3dbf3fd22ab36dfe7cf80913ecb4656ca"], 0x6, 0x2c8, &(0x7f0000002500)="$eJzs3b+LHHUUAPA3d7O74w/YLaxEcEALq5BLa7NBEhCvMmyhFnqYBOR2ERI48AeOqcTOxtK/QBD8H2xt7CwF/wA7IwRGZnbmdtZM9u7k9sTc59PkZb7vzffN7HA3V9y7D15aHN7O4+6Dz3+LLEtiZxrTeJjEJHai9WWsmX4TAMD/2cOyjD/KpZ7lX79+Ql0SEdmWewMAtuOE7/+NdBX+eCFtAQBbdOudd9+6vr9/4+08z+Lm4qujWfWTffXvcv363fgo5nEnrsY4HkXULwqDqN8WqvBmWZZFmlcm8eqiOJpVlYv3f27O/9PzTbAX45jU0fHbRl3/5v6NvXypU19UfTzb7D+t9r8W43jhuHit/lpPfcyG8dornf6vxDh++TA+jnncrptY1X+xl+dvlN/++dl7VXtVfVIczUZ13kq5225eXODnAwAAAAAAAAAAAAAAAAAAAADA0+lKMztnFPX8nupQM39n91H1n0Hkrcn6fJ5lfdKeqDsfqCzLoozv2vk6V/M8L5vEVX0aL6bdwYIAAAAAAAAAAAAAAAAAAABwed3/5NPDg/n8zr1zCdppAGlE/HUr4t+eZ9o58nJsTh41ex7M5ztNuJ6Tdo/EbpuTRGxso7qIc7otJwXPPNZzE3z/Q29VuvbBpdFZyk7edNC/13kG7dN1eJD038PRcc/Z8iGpB0GscoZxyr2GT1oq4yyP37B3aXzmax8+VwfFhpxINjX2+u/LO9ccSf55FcP6rvaWD5qgU76ek53qeY5sWf7414rEtA4AAAAAAAAAAAAAAAAAANiq1W//9iw+2Fi6U4621hYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXKjV3/8/Q1A0xadIHsa9+//xJQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAJ/B0AAP//eWdglQ==")
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(0xffffffffffffffff, 0x0, 0x4000840)
preadv2(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000001200)=""/4096, 0x1000}, {0x0}], 0x2, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f0000000580)='./file0\x00', 0x92)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
chown(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)=ANY=[@ANYBLOB="8dfda5cbc0ed64501d01a074360ceb102b6bb864f69ff642fda46f1036f3d25959f6d9ff0e9eb3d4356ae1b44b4bd5bc21e9f77a07991149652f331b72b9b2cf103222d106e1fd834df6c268cbe0e16d422d8f912e4dc66e56e174dc9e28178973d1767dcdd042af", @ANYRES16, @ANYBLOB="010000000000000000001200000008000800000000000800090000000000180001801400020076657468305f746f5f626f6e640000000800070000000000080006"], 0x4c}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000140)=[{&(0x7f00000001c0)="580000001400192340834b80040d8c560a067f0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100040c10000000010000000000", 0x58}], 0x1)

21.22428884s ago: executing program 3 (id=164):
r0 = epoll_create1(0x80000)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/wakeup_count', 0x80800, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x3}, 0x1c)
close(r3)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYRES8=r0, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0x14, &(0x7f0000000380)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'tunl0\x00', <r7=>0x0})
sendto$packet(r6, &(0x7f00000003c0)="10", 0x1, 0x4000, &(0x7f0000000140)={0x11, 0xf7, r7, 0x1, 0x0, 0x6, @local}, 0x14)
read$char_usb(r1, &(0x7f0000001980)=""/179, 0xb3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000))

21.130527922s ago: executing program 3 (id=167):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021181500001e0a05010000000000000000070000000900020073797a31000000000900010073797a3000000000ec14038030"], 0x159c}}, 0x0)

21.122894092s ago: executing program 33 (id=167):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021181500001e0a05010000000000000000070000000900020073797a31000000000900010073797a3000000000ec14038030"], 0x159c}}, 0x0)

3.542311702s ago: executing program 6 (id=422):
socket$inet(0x2, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x1, 0x0, 0x1, 0xa, 0x21005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x50)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={0x18, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x6e80}, [@nested={0x4, 0x1}]}, 0x18}}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='kmem_cache_free\x00', r1, 0x0, 0x1}, 0x18)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0)

3.390544515s ago: executing program 6 (id=427):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14000}, 0x94)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2, 0x0, 0x1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x1, 0x7ffc1ffb}]})
recvmmsg(0xffffffffffffffff, &(0x7f0000003100)=[{{&(0x7f0000000440)=@nfc_llcp, 0x80, &(0x7f00000007c0)=[{&(0x7f0000002080)=""/4096, 0x1000}, {&(0x7f00000006c0)}, {&(0x7f0000000900)=""/156, 0x9c}, {&(0x7f0000000b00)=""/180, 0xb4}], 0x4, &(0x7f0000005c80)=""/4096, 0x1000}, 0xe2}, {{&(0x7f00000009c0)=@generic, 0x80, &(0x7f00000010c0)=[{&(0x7f0000000bc0)=""/164, 0xa4}, {&(0x7f0000000800)}, {&(0x7f0000000c80)=""/86, 0x56}, {&(0x7f0000000d00)=""/6, 0x6}, {&(0x7f0000000d40)=""/162, 0xa2}, {&(0x7f0000000e00)=""/178, 0xb2}, {&(0x7f0000006c80)=""/4096, 0x1000}, {&(0x7f0000000ec0)=""/12, 0xc}, {&(0x7f0000000f80)=""/4, 0x4}, {&(0x7f0000000fc0)=""/250, 0xfa}], 0xa, &(0x7f0000001180)=""/176, 0xb0}, 0x6}, {{&(0x7f0000001240)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f0000001540)=[{&(0x7f00000012c0)=""/83, 0x53}, {&(0x7f0000001440)=""/233, 0xe9}, {&(0x7f0000001340)=""/172, 0xac}], 0x3, &(0x7f0000001640)=""/181, 0xb5}, 0x6}, {{&(0x7f0000001580)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000001b40)=[{&(0x7f0000007c80)=""/4096, 0x1000}, {&(0x7f0000001700)=""/211, 0xd3}, {&(0x7f0000001800)=""/176, 0xb0}, {&(0x7f00000018c0)=""/23, 0x17}, {&(0x7f0000001900)=""/152, 0x98}, {&(0x7f00000019c0)=""/190, 0xbe}, {&(0x7f0000001a80)=""/153, 0x99}], 0x7, &(0x7f0000008c80)=""/4096, 0x1000}, 0x2}, {{&(0x7f0000001bc0), 0x80, &(0x7f0000003080)=[{&(0x7f0000001c40)=""/235, 0xeb}, {&(0x7f0000001d40)=""/29, 0x1d}, {&(0x7f0000001d80)=""/112, 0x70}, {&(0x7f0000001e00)=""/92, 0x5c}, {&(0x7f0000001e80)=""/247, 0xf7}, {&(0x7f0000001f80)=""/103, 0x67}], 0x6, &(0x7f0000002000)=""/50, 0x32}, 0x4}], 0x5, 0x20000141, &(0x7f0000003240)={0x77359400})

3.309100966s ago: executing program 6 (id=428):
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x2a5c0, 0x1c1}, 0x18)
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000000040cb06f6730000000109022400010000100009040001020300020009210100000122030009058103ff03000005"], 0x0)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000240)=ANY=[], 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001500)={<r4=>0xffffffffffffffff})
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x100}, 0x0)
write(r3, &(0x7f0000000040)="3a03000018002551075c0165ff0ffc02802000030004000500e1000c0400070080000900", 0x33a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r2, 0x0, 0xf7}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000100)={'syztnl1\x00', <r5=>0x0, 0x4, 0x9, 0x1, 0x1aa, 0x9, @mcast1, @local, 0x7800, 0x7800, 0x3, 0x401}})
r6 = shmget$private(0x0, 0x2000, 0x1, &(0x7f0000ffe000/0x2000)=nil)
shmat(r6, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
shmctl$SHM_STAT(r6, 0xd, &(0x7f0000000400)=""/124)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r8 = dup(r7)
setsockopt(r4, 0x3b71, 0x9, &(0x7f0000000380)="f664954985447017275f91", 0xb)
write$P9_RLERRORu(r8, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r8, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r8, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="bcfd9d024e251172ffff00000000020000641097d20e59ac0400d200028d", @ANYRES32=r1, @ANYBLOB="0100"/20, @ANYRES32=r5, @ANYRES32=r8, @ANYBLOB="04000000010000000100"/28], 0x50)
write$binfmt_register(r0, &(0x7f0000000040)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'M', 0x3a, '^', 0x3a, './file0', 0x3a, [0x46]}, 0x2a)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101240, 0x10a)

2.277224356s ago: executing program 4 (id=462):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000200000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@abort}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, 0x4002011, r2, 0x3000)
fallocate(r2, 0x0, 0x0, 0x1000f4)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r5}, 0x10)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x6a000}], 0x1, 0x7000, 0x0, 0x3)

2.006419842s ago: executing program 4 (id=467):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000480)={0xa, 0x4e24, 0x8000, @local, 0x2}, 0x1c, &(0x7f00000006c0), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1400000000000000290000004304000054f0ffff0000000024000000000000fe8000000000000000000000000000bb000000000000000000", @ANYRES32, @ANYBLOB="0000000014000000000000002900000043000000ff00000000000000"], 0x58}, 0x20000080)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r2, 0x0)

1.899338954s ago: executing program 4 (id=473):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x14010, &(0x7f0000001280)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES32], 0x1, 0x11ee, &(0x7f0000003680)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
socketpair$unix(0x1, 0x3, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x2000101c})
epoll_pwait(r1, &(0x7f0000000100)=[{}], 0x1, 0xeb, 0x0, 0x0)
epoll_pwait(r1, &(0x7f00000000c0)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x179)
pivot_root(&(0x7f0000000340)='.\x00', &(0x7f0000000180)='./file0/../file0/../file0\x00')
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
r3 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000ed74e65bbb00"/28], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
getpeername$packet(r3, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000003c0)=0x14)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})

1.687884528s ago: executing program 5 (id=480):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0}, 0x0, &(0x7f0000000780)}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, 0x0, &(0x7f0000000380)}, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000280)={'wg2\x00'})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r3, 0x0, 0x8000000000000}, 0x9)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast})
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r6 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r6, 0x2)
r7 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r7, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r8}, 0x10)

1.027467541s ago: executing program 2 (id=491):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/12], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e0b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='kmem_cache_free\x00', r1, 0x0, 0x40000000}, 0x18)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x4001, @dev}, 0xff0f, 0x0}, 0x3000c0c5)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000100000000000100000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000808500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write(0xffffffffffffffff, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendto$inet(r5, &(0x7f0000000040)='\f\x00', 0xffeb, 0x0, &(0x7f0000000340), 0x10)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})

1.02002432s ago: executing program 4 (id=492):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB="00000000bd1ec7e290797fec5800000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd60c439a7001806ffff010000000000000000000000000001200100000000000000000000000000020000000000000000000000000000000000004e2100004e24"], 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x44f0)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='io\x00')
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SIOCPNENABLEPIPE(r4, 0x89ed, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r7, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
setsockopt$packet_rx_ring(r7, 0x107, 0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r5}, &(0x7f0000000200), &(0x7f0000000240)=r6}, 0x20)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, 0x0, 0x40000)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r8, 0x40086602, &(0x7f0000000080)={@id={0x2, 0x0, @d}})
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r8, 0x40086602, &(0x7f0000000080)={@desc={0x84c00, 0x0, @desc2}})
r9 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="300ebf153915d8ec30faf4023ca2e1a9", 0x10, r9)
mount$9p_fd(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000040), 0x214004, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB='\x00', @ANYRESHEX=r4, @ANYBLOB=',\x00'])

983.324571ms ago: executing program 2 (id=493):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001a80)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
close_range(r1, 0xffffffffffffffff, 0x0)

941.439022ms ago: executing program 2 (id=494):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000bb00551ab8aa000000160024", @ANYRES32=r5, @ANYRESDEC=r5], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6, 0x0, 0x3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
r7 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r8 = creat(&(0x7f00000000c0)='./file0\x00', 0x9c)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r5, &(0x7f0000000100), &(0x7f0000001d00)=""/4096}, 0x20)
stat(&(0x7f0000000cc0)='./file0\x00', &(0x7f0000001c80)={0x0, 0x0, 0x0, 0x0, <r9=>0x0, <r10=>0x0})
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x200000, &(0x7f0000000180)=ANY=[], 0xfd, 0x648, &(0x7f0000002280)="$eJzs3U9v2/Ydx/EPZdlWPCwYtqEIgjT5NVkBB8sUSW4cGNlhHEXZ7CRRIOnBBgYUWWMXQeR0SzJg8aXwZX+A7gnsMvSywx7EgJ133wPYcUCx3QbsooH/bMn661S21/X9EhxS5Jf8fX+kwy9oiaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAsp16pVC01vfb2jhnPqQd+a8L8dG2LupuO3J3armTFPyqVdC2ddO3bJ7Pfiv+5rRvpuxsqxYOSDr/21jcefatYyJefkNCb0FlX+PL14bPH3e7eizkncsEea7jnKsyw4Kbb9kLfa9mbrvFC32ysr1fubzVC0/CabrgbRm7LOIFbiPzArDp3TXVjY8245V1/u71Zt5tuPvHh92qVyrp5fznb/fffL4fOltdseu3NJCaeHcc8NJ/+JA1x7ZYx+0+7e2vTkoyDqrME1aYF1Sq1WrVaq1XXH2w8WFClODDhYaVSrJyioYi5/9LiS2Z+B2/gCyrE9f/vltRUSW1ta0dm5MtRXYF8tfIpxcH5mbz+v3vfndhuf/3Pq/y1k9nXldT/m+m7m+Pq/5hcjUyywKg51pjpb/Z6qdc61DM9Vldd7enFfNZ7a34ZnuOrIG1KRclTKF+eWrK1KVcmm2K0oXWtq6IPtKWGQhk15KkpV6F2FSqSq1ayTwK5shXJVyCjVTm6K6OqNrShNRm5KmtXvrbV1qbqsvXvXq+3r6fJdl+bkKfyoOosQbUJQUPFPJvw00/S31Pq/1ddfvyaJQa4dL3s/P+Mbp1PNgAAAAAA4DxYyV/freSz+7cl9dTwmm7lstMCAAAAAABzlHzyfyMeLMZjb8sac/7fu/jcAAAAAADAfFjJNXaWpJXFbFJ+JdQsXwJYOOf0AAAAAADAHCSf/99cknrJvdduyTrT+T8AAAAAAPgS+E3fPfaL+T12e/nH+gVJYWfZ+vM/lxUsWkedne9YB3Y8xz7IYoa+ARA1rltXsxv1JoMlSck7x120Th4MYCU/pfTN5/vT7vVvBacSWFrI/3wxLYH1YvZOn+qdNOadrN0nhwUlc9JWVhpe0y07fvNRVbZ9tRC5O9Evnj/9pRQc93P/aXev/OHH3SdJLkfxpKODOI9PBtIpTMvlVXK/heSai1E9vqJG3uRv260VK2m3kvd/QfZBob+h2fr/K91OY26vpMOVw3wPJP0vxf2vlpNddtL75O4Q1kkW1dM9H7UjxmRRSrK4k8bcWb2TDvL8siy+uyDVysP7IOjPotafxfRtYf1raFtMySLeFmtxFn+JVzQmi7WzZTG0RwDgsuyfVKHkJubD99g/XXff5Cg3vbr/YLCVV7/vpRccLkjF7LOJia2UFB/RV9OYJSUH1uL1EUf0SlZXShpzRK8MVLe/JWnMWt3itv508gykLO2hLP7T6/UeVZN2f3eqqn4WL/DZ2KoaNmsL8Sa8/+rgZ8kN8GMf7X2097xWW1uvvFepPKhpMelGNqD2AABGmP6MnakR1nvHZ9VP/vFuOjZQ8b55/JWCsj7Ux+rqie7ljxC4NXqtK31fQ7g3fNYax16RTsX+YVH3xp7VJbW0b72149j8wofTZ4AnsWvnvBcAALhYt6fU4Vnq/738vHv1+sjz7sFafvoJwSNivx5Pr17shgAA4CvEDT63VqJfW0HgdT6obmxU7WjLNYHv/MgEXn3TNV47cgNny25vuqYT+JHv+E3TCbTs1d3QhNudjh9EpuEHpuOH3k7y5HeTPfo9dFt2O/KcsNN07dA1jt+ObCcydS90TGf7h00v3HKDZOGw4zpew3PsyPPbJvS3A8ctGxO6bl+gV3fbkdfw4tG26QReyw52zY/95nbLNXU3dAKvE/npCvO2vHbDD1rJasvqnflBhwAA/D96+frw2eNud+/FhJEjTY/JRpZGrfCy+wgAAAZRpQEAAAAAAAAAAAAAAAAAAAAA+N83y/V/ZxpZHHWxoHQ85edXZ1qPpXkndpaRwpsv/tcJMVeOp+Sbvz/maL69KGqG4CymOP9teEWa/bLROYx8fz/domNj4pkjZy0f74vi/P87xCPP/zhmVq/X601efHlwGy5N6uDgSFHSi6UvsAsu53gE4OL8NwAA//9PqEPf")
r11 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r11, 0x0, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(r8, 0x4c09, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000010180)=@newtfilter={0x3c, 0x2c, 0x2, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0xfff9, 0x2}, {0xe, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x3, 0xad}}, @TCA_RATE={0x3, 0x5, {0xf9, 0x6}}, @TCA_CHAIN={0x8, 0xb, 0x6}]}, 0x3c}}, 0x0)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r8, 0x40089413, 0x0)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000f80)=ANY=[@ANYRESDEC, @ANYBLOB="302b6eff52a55a9c3ff89c5391ed0178b7d6df01911c727d8c7a8d340a26ff2cb8921987aab69a1fb47fa5edf3bee3d2ca09657d8f2cc07be31fc642150b9ef2713becedbcc15cb8f783369416847ab9e77cd53f9026e0c77fe6f2fbff2b1a332c4344eb249088cd52895b0e1a309825e5cf51c5cbe8a460cbe94538496111b394f5dc09b64e9dbd25085e14659cd3203fd7c10cb02800b7360fd3d69ca5eabca7c397a554c715df475d5dd4820a47", @ANYRES16=r8, @ANYRES64=r8, @ANYRESOCT, @ANYRES16=r7, @ANYBLOB="0ffe05", @ANYRES8, @ANYBLOB="e8fa88e70da1b9c76cfaf3d80659ae68eb29563234049e665da79cebc620be16778776225013943b37faa22e2cf1c8182f9f145839b2c310bbb276b81cf5e8f79bbcdaca26dc11e2aac8f915fd6f248216e714865dc635d6f0f3b375b0dbba056bdf18a7f200de6a9e995dca5fa8beda1ef93e1a9b241640634e6a6687d44c4cb189bcdfa08b86714d70495d799a713d0b284c17e515c6f31fb7427d327feaf324", @ANYBLOB="8e992400028447ab6903d457b10100c104a0b14ac8f07d96cff44ef48944010165fbcfdd", @ANYBLOB="02000200", @ANYRES32=0xee00, @ANYRES8=r11, @ANYBLOB="7de0de6148d7d44c4d01eeff92df69b773e9c6727f8fbda7576c2a151378b664926695450adc68e745", @ANYRESDEC=r9, @ANYRESOCT, @ANYBLOB='\b', @ANYRES32=r10, @ANYBLOB="08000300", @ANYRES32=0xee00, @ANYBLOB="080004", @ANYRES16=r10], 0x94, 0x1)
quotactl_fd$Q_GETFMT(0xffffffffffffffff, 0xffffffff80000400, r9, &(0x7f0000000040))

784.123925ms ago: executing program 5 (id=495):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001a80)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
close_range(r1, 0xffffffffffffffff, 0x0)

783.828905ms ago: executing program 2 (id=496):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000200000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@abort}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, 0x4002011, r2, 0x3000)
fallocate(r2, 0x0, 0x0, 0x1000f4)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r5}, 0x10)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x6a000}], 0x1, 0x7000, 0x0, 0x3)

760.971976ms ago: executing program 1 (id=497):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001a80)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
close_range(r1, 0xffffffffffffffff, 0x0)

745.037076ms ago: executing program 5 (id=498):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)

732.820047ms ago: executing program 4 (id=499):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_destroy(0x0)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x18)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r0}, 0x10)
r1 = semget$private(0x0, 0x20000000102, 0x0)
semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000680)=[0x7, 0x7f, 0x1, 0x9d])
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x0, &(0x7f0000000400), 0x1, 0x597, &(0x7f0000000b80)="$eJzs3U1sG2UaAOB3xvH2L9t0pV1pd9VDtYtUpKpO0h8onNorolKlHpC4lMhxoyhOHMUONFEO6b1C9IAA9VJucOAI4sABcUHiwpULiDNSRSOQmh7AyH9pm9jBKXWdxs8jjT3ffON5v2/G73hmNCMHMLCO1V7SiP9ExKUkYuShuqFoVh5rzLe+tpK/v7aST6JavfxzEklE3FtbybfmT5rvhyJiNSL+HRFfZSNOpFvjlpeWZyaKxcJCszxamZ0fLS8tn5yenZgqTBXmTr/40tlzZ86Onxrv3Pjszvp644ebb9/49pXbNz/+5Ohq/t2JJM7HcLPu4X48SY11ko3zm6af6UWwPkr63QAeS6aZ57VU+leMRKaZ9e1UR55q04Aeq+6LqO5Esrqj2YHdLNlZ/gN7Rus4oHb+2xoeOUDI9Pb4486FxglILe56c2jUDDWuTcT++rnJwV+SR85MauebR3rbNAbA6vWIGBsa2vr9T5rfv8c39iQaSE99eaGxobZu/3Rj/xNt9j/DrWunf1Fr/7e+Zf/3IH6mw/7vUpcxfnv9xw86xr8e8d+28ZON+Emb+GlEvNFl/FuvfX6uU131w4jj0T5+S7L99eHRq9PFwljjtW2ML44ffXm7/h/sEL9xzXZ//Wem3fqf77L/n3396f9Wt4n//P+33/7t1v+BiHiny/j/uPfRq53q7lxP7taOAna6/WvTbncZ/4Xzx77vUHWgy0UAAAAAAAAAAABtpPV72ZI0tzGeprlc4xnef8bBtFgqV05cLS3OTTbueTsS2bR1p9VIo5zUyuPN+3Fb5VObyqdb9xFnDtTLuXypONnnvgMAAAAAAAAAAAAAAAAAAMBucWjT8/+/ZurP/2/+u2pgr+r8l9/AXif/YXA9mv9JxL6+NQV4yvz+w8Cqyn8YXPIfBpf8h8El/2FwyX8YXPIfBpf8BwAAAAAAAAAAAAAAAAAAAAAAAACAnrh08WJtqN5fW8nXypNDS4szpTdPThbKM7nZxXwuX1qYz02VSlPFQi5fmv2z5RVLpfmxmFu8NloplCuj5aXlK7OlxbnKlenZianClUL2qfQKAAAAAAAAAAAAAAAAAAAAni3D9SFJcxGR1sfTNJeL+HtEHIlscnW6WBiLiMMR8V0mu69WHu93owEAAAAAAAAAAAAAAAAAAGCPKS8tz0wUi4WFARkZ2jLlm84zR8Tqk21GbYk7/lS2ua12yzp81kYObz9PJvrewt040ucdEwAAAAAAAAAAAAAAAAAADKAHD/12+4nfe9sgAAAAAAAAAAAAAAAAAAAAGEjpT0lE1IbjI88Nb679W7Keqb9HxFu3Lr93baJSWRivTb+7Mb3yfnP6qX60H+hWK09beQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8UF5anpkoFgsLPRzpdx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHscfAQAA//+aXtbd")

720.268817ms ago: executing program 1 (id=500):
r0 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0xe000001a})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, 0xffffffffffffffff, &(0x7f0000000000))

642.765888ms ago: executing program 1 (id=501):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="3000000011140100000000000000000008004a0000000000"], 0x30}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)

642.161718ms ago: executing program 5 (id=502):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x400c84, &(0x7f0000000000)={[{@sysvgroups}]}, 0x1, 0x796, &(0x7f0000000800)="$eJzs3c1rXOUaAPDnTDJJm/be5MKFe+vGgKCB0sTU2CooVFyIYKGga9shmYaaSaZkJqUJAS0iuBFUXAi66cqFH3Xn1o+t/hcuxFI1LVZcSORMzrSTZibN50xsfj84yfue98w85zmf78w5nAlg3xpM/+QijkTEu0lEfzY+iYh8rdQdcWpluttLi+PpkMTy8su/JrVpbi0tjkfDa1KHssr/I+LbtyKO5tbGrcwvTBVKpeJsVh+pTl8cqcwvHLswXZgsThZnToyOjR0/+eTJEzuX6+8/LBy+/t4Lj31x6s83/3ftne+SOBWHs7bGPLbs2dXVwRjMlkk+XYSrPL/tYHtL0ukZYEvSXbNrZS+PI9EfXbUSAPAgez0ilgGAfSZx/geAfab+PcCtpcXx+tDZbyTa68ZzEXFgJf/69c2Vlu7smt2B2nXQvlvJqisjSUQM7ED8wYj4+KtXP0uH2KnrkAAb8MaViDg3MLj2+J+suWdhsx5fp60n+z94z/g0vivQ0B5fp/2fp5r1/3J3+j/RpP/T22Tf3Ypm+/+qEQd3IMg6bnwS8UzDvW23G/LPDHRltX/V+nz55PyFUjE9tv07IoYi35vWR9eJMXTzr5ut2hr7f7+9/9qnafz0/90pcj93965+zUShWthOzo1uXIl4qDtpkn9yZ/0nLfq/ZzYY48Wn3/6oVVuaf5pvfVibf2R3J+2O5asRjzZd/3fvaEvWvT9xpLY5jNQ3iia+/PHDvlbxG9d/OqTx658F2iFd/33r5z+QNN6vWWn5Vj2tGr6/2v9Nq7b75998++9JXlkV9HKhWp0djehJXlo7/vjd114uPJyVVqZP8x96pPn+v972n34mPNdyUazWff2Xz7ee/+5K85/Y1PrffOHa7amuVvE3tv7HaqWhbMxGjn8bncHtLDsAAAAAAAAAAAAAAAAAAAAAAAAA2KhcRByOJDd8p5zLDQ+v/Ib3f6MvVypXqkfPl+dmJqL2W9kDkc/VH3XZ3/A81NHsefj1+vF76k9ExH8i4oPeg0n9OYoTHc4dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOoOtfj9/9RPvZ2eOwBg1xzo9AwAAG3n/A8A+4/zPwDsPxs7/3ft+nwAAO3j8z8A7D/O/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyyM6dPp8PyH0uL42l94tL83FT50rGJYmVqeHpufHi8PHtxeLJcniwVh8fL0/d7v1K5fHEsZuYuj1SLlepIZX7h7HR5bqZ69sJ0YbJ4tphvS1YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDmV+YWpQqlUnH3gCz1Zxtt4n/y9Y5b3QF6NhXxEdCR6V7Zw98JCaHsh2RuzscOFDh6UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5B/g4AAP//vWscBg==")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000380)={0x0, &(0x7f0000000340)})
setxattr$system_posix_acl(0x0, 0x0, &(0x7f0000001440)=ANY=[], 0x24, 0x3)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, 0x0, &(0x7f00000001c0)}, 0x20)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
mlockall(0x7)

611.994138ms ago: executing program 1 (id=503):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x400c84, &(0x7f0000000000)={[{@sysvgroups}]}, 0x1, 0x796, &(0x7f0000000800)="$eJzs3c1rXOUaAPDnTDJJm/be5MKFe+vGgKCB0sTU2CooVFyIYKGga9shmYaaSaZkJqUJAS0iuBFUXAi66cqFH3Xn1o+t/hcuxFI1LVZcSORMzrSTZibN50xsfj84yfue98w85zmf78w5nAlg3xpM/+QijkTEu0lEfzY+iYh8rdQdcWpluttLi+PpkMTy8su/JrVpbi0tjkfDa1KHssr/I+LbtyKO5tbGrcwvTBVKpeJsVh+pTl8cqcwvHLswXZgsThZnToyOjR0/+eTJEzuX6+8/LBy+/t4Lj31x6s83/3ftne+SOBWHs7bGPLbs2dXVwRjMlkk+XYSrPL/tYHtL0ukZYEvSXbNrZS+PI9EfXbUSAPAgez0ilgGAfSZx/geAfab+PcCtpcXx+tDZbyTa68ZzEXFgJf/69c2Vlu7smt2B2nXQvlvJqisjSUQM7ED8wYj4+KtXP0uH2KnrkAAb8MaViDg3MLj2+J+suWdhsx5fp60n+z94z/g0vivQ0B5fp/2fp5r1/3J3+j/RpP/T22Tf3Ypm+/+qEQd3IMg6bnwS8UzDvW23G/LPDHRltX/V+nz55PyFUjE9tv07IoYi35vWR9eJMXTzr5ut2hr7f7+9/9qnafz0/90pcj93965+zUShWthOzo1uXIl4qDtpkn9yZ/0nLfq/ZzYY48Wn3/6oVVuaf5pvfVibf2R3J+2O5asRjzZd/3fvaEvWvT9xpLY5jNQ3iia+/PHDvlbxG9d/OqTx658F2iFd/33r5z+QNN6vWWn5Vj2tGr6/2v9Nq7b75998++9JXlkV9HKhWp0djehJXlo7/vjd114uPJyVVqZP8x96pPn+v972n34mPNdyUazWff2Xz7ee/+5K85/Y1PrffOHa7amuVvE3tv7HaqWhbMxGjn8bncHtLDsAAAAAAAAAAAAAAAAAAAAAAAAA2KhcRByOJDd8p5zLDQ+v/Ib3f6MvVypXqkfPl+dmJqL2W9kDkc/VH3XZ3/A81NHsefj1+vF76k9ExH8i4oPeg0n9OYoTHc4dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOoOtfj9/9RPvZ2eOwBg1xzo9AwAAG3n/A8A+4/zPwDsPxs7/3ft+nwAAO3j8z8A7D/O/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyyM6dPp8PyH0uL42l94tL83FT50rGJYmVqeHpufHi8PHtxeLJcniwVh8fL0/d7v1K5fHEsZuYuj1SLlepIZX7h7HR5bqZ69sJ0YbJ4tphvS1YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDmV+YWpQqlUnH3gCz1Zxtt4n/y9Y5b3QF6NhXxEdCR6V7Zw98JCaHsh2RuzscOFDh6UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5B/g4AAP//vWscBg==")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000380)={0x0, &(0x7f0000000340)})
setxattr$system_posix_acl(0x0, 0x0, &(0x7f0000001440)=ANY=[], 0x24, 0x3)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, 0x0, &(0x7f00000001c0)}, 0x20)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
mlockall(0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r1, 0x0, 0x107}, 0x18)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000100)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x4, 0x16, 0x4, 0x90c, 0x47, @mcast1, @local, 0x1, 0x8000, 0x3, 0x66}})
open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x40, &(0x7f0000000300)='trans=rdma,')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x55, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x94}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000140), &(0x7f0000000040)='%pI4   \x00'}, 0x2a)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$kcm(0x23, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000003c0)={&(0x7f0000000000)=@phonet, 0x80, 0x0}, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)

602.847739ms ago: executing program 4 (id=504):
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, r0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x15, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x6, 0xffffffff, 0x1, 0x2, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001080)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040000}, 0x100)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r2}, 0x10)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000580)={0x6, {{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x32}}}, {{0x2, 0x4e23, @remote}}}, 0x108)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usbip_server_init(0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x9, [@volatile={0x0, 0x0, 0x0, 0x9, 0x3}, @var={0x7, 0x0, 0x0, 0xe, 0x1}, @func_proto={0x0, 0x0, 0x0, 0xd, 0x2}]}, {0x0, [0x5f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f]}}, 0x0, 0x49}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
getpeername(0xffffffffffffffff, &(0x7f0000000340)=@pppoe={0x18, 0x0, {0x0, @random}}, &(0x7f0000000740)=0x80)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r4}, 0x9)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800014004000000", 0x58}], 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)

505.650701ms ago: executing program 5 (id=505):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.net/cgroup.procs\x00', 0x2, 0x128)
utimensat(r0, 0x0, 0x0, 0x0)
read$qrtrtun(r0, &(0x7f0000000000)=""/150, 0x96)

442.398092ms ago: executing program 5 (id=506):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0}, 0x0, &(0x7f0000000780)}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, 0x0, &(0x7f0000000380)}, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000280)={'wg2\x00'})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r3, 0x0, 0x8000000000000}, 0x9)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast})
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r6 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r6, 0x2)
r7 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r7, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r8}, 0x10)

423.606122ms ago: executing program 1 (id=507):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_destroy(0x0)
r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00"/11], 0x50)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01000000000000000000040000e41300050003030000000a0000005dc000000000010800020005000000140006"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
semget$private(0x0, 0x20000000102, 0x0)

383.841893ms ago: executing program 1 (id=508):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="030000000400000004000000"], 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
pivot_root(0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x4400, 0x0)

382.981113ms ago: executing program 2 (id=509):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB="00000000bd1ec7e290797fec5800000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd60c439a7001806ffff010000000000000000000000000001200100000000000000000000000000020000000000000000000000000000000000004e2100004e24"], 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x44f0)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='io\x00')
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SIOCPNENABLEPIPE(r4, 0x89ed, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r7, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
setsockopt$packet_rx_ring(r7, 0x107, 0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r5}, &(0x7f0000000200), &(0x7f0000000240)=r6}, 0x20)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, 0x0, 0x40000)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r8, 0x40086602, &(0x7f0000000080)={@id={0x2, 0x0, @d}})
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r8, 0x40086602, &(0x7f0000000080)={@desc={0x84c00, 0x0, @desc2}})
r9 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="300ebf153915d8ec30faf4023ca2e1a9", 0x10, r9)
mount$9p_fd(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000040), 0x214004, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB='\x00', @ANYRESHEX=r4, @ANYBLOB=',\x00'])

292.128475ms ago: executing program 6 (id=510):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001a80)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
close_range(r1, 0xffffffffffffffff, 0x0)

249.859596ms ago: executing program 6 (id=511):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1, 0x0, 0x1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x1, 0x7ffc1ffb}]})
recvmmsg(0xffffffffffffffff, &(0x7f0000003100)=[{{&(0x7f0000000440)=@nfc_llcp, 0x80, &(0x7f00000007c0)=[{&(0x7f0000002080)=""/4096, 0x1000}, {&(0x7f00000006c0)}, {&(0x7f0000000900)=""/156, 0x9c}, {&(0x7f0000000b00)=""/180, 0xb4}], 0x4, &(0x7f0000005c80)=""/4096, 0x1000}, 0xe2}, {{&(0x7f00000009c0)=@generic, 0x80, &(0x7f00000010c0)=[{&(0x7f0000000bc0)=""/164, 0xa4}, {&(0x7f0000000800)}, {&(0x7f0000000c80)=""/86, 0x56}, {&(0x7f0000000d00)=""/6, 0x6}, {&(0x7f0000000d40)=""/162, 0xa2}, {&(0x7f0000000e00)=""/178, 0xb2}, {&(0x7f0000006c80)=""/4096, 0x1000}, {&(0x7f0000000ec0)=""/12, 0xc}, {&(0x7f0000000f80)=""/4, 0x4}, {&(0x7f0000000fc0)=""/250, 0xfa}], 0xa, &(0x7f0000001180)=""/176, 0xb0}, 0x6}, {{&(0x7f0000001240)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f0000001540)=[{&(0x7f00000012c0)=""/83, 0x53}, {&(0x7f0000001440)=""/233, 0xe9}, {&(0x7f0000001340)=""/172, 0xac}], 0x3, &(0x7f0000001640)=""/181, 0xb5}, 0x6}, {{&(0x7f0000001580)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000001b40)=[{&(0x7f0000007c80)=""/4096, 0x1000}, {&(0x7f0000001700)=""/211, 0xd3}, {&(0x7f0000001800)=""/176, 0xb0}, {&(0x7f00000018c0)=""/23, 0x17}, {&(0x7f0000001900)=""/152, 0x98}, {&(0x7f00000019c0)=""/190, 0xbe}, {&(0x7f0000001a80)=""/153, 0x99}], 0x7, &(0x7f0000008c80)=""/4096, 0x1000}, 0x2}, {{&(0x7f0000001bc0), 0x80, &(0x7f0000003080)=[{&(0x7f0000001c40)=""/235, 0xeb}, {&(0x7f0000001d40)=""/29, 0x1d}, {&(0x7f0000001d80)=""/112, 0x70}, {&(0x7f0000001e00)=""/92, 0x5c}, {&(0x7f0000001e80)=""/247, 0xf7}, {&(0x7f0000001f80)=""/103, 0x67}], 0x6, &(0x7f0000002000)=""/50, 0x32}, 0x4}], 0x5, 0x20000141, &(0x7f0000003240)={0x77359400})

221.357706ms ago: executing program 6 (id=512):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000840), 0x10a00, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000a40)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
stat(0x0, 0x0)
write(r1, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7)
r2 = perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x3, 0x0, 0x0)
bind$inet6(r3, &(0x7f0000000280)={0xa, 0x4e22, 0xd, @loopback, 0x6}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000080)=0x40, 0x4)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
sendmmsg$inet6(r3, &(0x7f00000012c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000440)="1d3b", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000a00)="dd2f36e83faa56d51540cf7c5f58b61006c8677445bcfdd885a8c03611cf78c2", 0x20}, {&(0x7f0000000a40)="d122e32587b4d7078a1b9626feffdbe50ca1ab34e9d3a25b03bf5fb1efb3095b77b831d137d67a447c06bac419fc4e494926b999e53628d91d5bab8e181e03cdbd626c285353305ad977270ddb9c9260d8ec41cb82ec252ef6eb7cd6ceeaa3dc2722a9bb7d17ce07f1329ded096b5175077b8bd3c866e5a6d20bbbd2cfeb9693c9957632be4aada0efbb818d25e35507f19aee422f0e2dc94badb054960796fcb59789b51bd957bef3002a22aa", 0xad}, {&(0x7f0000000b00)="7efb15c0927062496a0395599b05e9b99c7e5b51ab66bc64161370f0d4eb7f30ffa4e9d06965dca5b237786e64eaa32657878d0f9d02a935f7b48bd7862216e07d355426a4d4f65aafe768af54a0b16fbda99ece25ad09b66250db5145df7a71479e0bc97fa43d3a654513321e4311da5f6859865a9d4bfad4416354c26c3b3517cc63eacd721770d30b52b57e50bb7f4b4cf9aca6c874270024bd4c29f225108fc8f2556bc4786b70888ab7622f837a3564e5cd", 0xb4}], 0x3}}], 0x2, 0x4000001)
r4 = dup(r3)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r4)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDGKBDIACR(r5, 0x4bfa, &(0x7f0000000080))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip_vti0\x00', <r6=>0x0})
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000600)=@bpf_lsm={0x1d, 0x2f, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000005000000000000000200000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018420000050000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018290000", @ANYRES32=0x1, @ANYBLOB="002ebc2ca156254059110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b7080000400000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000950000000000000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b7080000010400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000065510c0001000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xeb2, 0x4f, &(0x7f0000000180)=""/79, 0x41000, 0x1, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000080)={0x4, 0x3}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0xf, 0x8000, 0x6}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0xffffffffffffffff, 0x1], &(0x7f00000002c0)=[{0x3, 0x2, 0x10, 0xa}, {0x3, 0x3, 0x1, 0x3}, {0x0, 0x2, 0xb, 0xb}], 0x10, 0x8}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x20, &(0x7f00000007c0)={&(0x7f00000006c0)=""/209, 0xd1, <r8=>0x0, &(0x7f00000003c0)=""/37, 0x25}}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, r7, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0xb, 0x65, &(0x7f00000001c0)=""/101, 0x41000, 0x33, '\x00', r6, @fallback=0x26, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xb, 0x7, 0x80000001}, 0x10, r8, r9, 0x6, 0x0, &(0x7f00000002c0)=[{0x4, 0x2, 0x4, 0xa}, {0x5, 0x1, 0x3, 0xc}, {0x4, 0x3, 0x6, 0x8}, {0x1, 0x3, 0x100002, 0x6}, {0x0, 0x1, 0x8, 0x7}, {0x5, 0x4, 0xa, 0x4}], 0x10, 0xffff34f0}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000040)={0xa0000004})
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

0s ago: executing program 2 (id=513):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x14010, &(0x7f0000001280)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES32], 0x1, 0x11ee, &(0x7f0000003680)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
socketpair$unix(0x1, 0x3, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x2000101c})
epoll_pwait(r1, &(0x7f0000000100)=[{}], 0x1, 0xeb, 0x0, 0x0)
epoll_pwait(r1, &(0x7f00000000c0)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x179)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
r3 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x48)
write$binfmt_register(r3, &(0x7f0000000540)={0x3a, 'syz0', 0x3a, 'M', 0x3a, 0x101, 0x3a, 'kmem_cache_free\x00', 0x3a, '\x00', 0x3a, './file0', 0x3a, [0x4f]}, 0x39)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000ed74e65bbb00"/28], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r4}, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

ECT and fast_commit support!
[   30.209237][ T3505] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   30.230245][ T3510] loop3: detected capacity change from 0 to 256
[   30.241269][ T3510] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   30.251491][ T3510] FAT-fs (loop3): Filesystem has been set read-only
[   30.291294][ T3505] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   30.332894][ T3505] EXT4-fs (loop1): 1 truncate cleaned up
[   30.339539][ T3505] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   30.367950][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.384598][ T3508] loop4: detected capacity change from 0 to 8192
[   30.393330][ T3482] EXT4-fs (loop2): pa ffff88810711a070: logic 16, phys. 129, len 24
[   30.401736][ T3482] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   30.423673][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.453761][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.487289][ T3515] netlink: 'syz.3.16': attribute type 1 has an invalid length.
[   30.530756][ T3518] wg2: entered promiscuous mode
[   30.535691][ T3518] wg2: entered allmulticast mode
[   30.561754][ T3520] SELinux: ebitmap: truncated map
[   30.583161][    C0] hrtimer: interrupt took 35723 ns
[   30.597348][ T3520] SELinux: failed to load policy
[   30.606088][ T3523] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   30.609912][ T3520] loop1: detected capacity change from 0 to 512
[   30.629776][ T3523] SELinux: failed to load policy
[   30.648437][ T3523] loop3: detected capacity change from 0 to 512
[   30.661760][ T3520] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   30.704248][ T3525] openvswitch: netlink: Message has 6 unknown bytes.
[   30.728471][ T3523] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   30.746532][ T3520] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   30.785507][ T3522] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   30.801455][ T3523] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   30.867737][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.906823][ T3520] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #18: comm syz.1.15: corrupted inode contents
[   30.921093][ T3520] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #18: comm syz.1.15: mark_inode_dirty error
[   30.932749][ T3520] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #18: comm syz.1.15: corrupted inode contents
[   30.933790][ T3522] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   30.945064][ T3520] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2991: inode #18: comm syz.1.15: mark_inode_dirty error
[   30.945140][ T3520] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2994: inode #18: comm syz.1.15: mark inode dirty (error -117)
[   30.945226][ T3520] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[   30.951961][ T3520] 9pnet_fd: Insufficient options for proto=fd
[   31.021143][ T3520] syz.1.15 (3520) used greatest stack depth: 10504 bytes left
[   31.038437][ T3536] netlink: 24 bytes leftover after parsing attributes in process `syz.3.19'.
[   31.049656][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.059505][ T3536] netlink: 12 bytes leftover after parsing attributes in process `syz.3.19'.
[   31.074004][ T3536] loop3: detected capacity change from 0 to 164
[   31.080977][ T3536] iso9660: Unknown parameter '
'
[   31.152618][ T3538] netlink: 'syz.1.20': attribute type 12 has an invalid length.
[   31.209915][ T3541] loop1: detected capacity change from 0 to 512
[   31.267222][ T3536] lo speed is unknown, defaulting to 1000
[   31.273188][ T3536] lo speed is unknown, defaulting to 1000
[   31.286134][ T3536] lo speed is unknown, defaulting to 1000
[   31.292999][ T3536] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   31.318012][ T3541] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   31.327131][ T3536] lo speed is unknown, defaulting to 1000
[   31.336089][ T3541] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   31.386339][ T3536] lo speed is unknown, defaulting to 1000
[   31.392447][ T3536] lo speed is unknown, defaulting to 1000
[   31.398708][ T3536] lo speed is unknown, defaulting to 1000
[   31.404803][ T3536] lo speed is unknown, defaulting to 1000
[   31.452800][ T3545] loop3: detected capacity change from 0 to 512
[   31.491225][ T3522] syz.0.14 (3522) used greatest stack depth: 10376 bytes left
[   31.548864][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.643852][ T3545] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   31.663448][ T3545] ext4 filesystem being mounted at /8/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   31.795145][ T3562] netlink: 256 bytes leftover after parsing attributes in process `syz.2.24'.
[   31.822298][ T3557] 9pnet: Could not find request transport: fd$rfdno=0x0000000000000008
[   31.866062][ T3561] loop1: detected capacity change from 0 to 1024
[   31.901093][ T3559] loop4: detected capacity change from 0 to 1024
[   31.952674][ T3561] EXT4-fs: Ignoring removed nobh option
[   31.958340][ T3561] EXT4-fs: Ignoring removed bh option
[   32.051216][ T3555] loop0: detected capacity change from 0 to 8192
[   32.095810][ T3559] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.130171][ T3561] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   32.195094][ T3559] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.27: Allocating blocks 385-513 which overlap fs metadata
[   32.214059][ T3561] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.25: Allocating blocks 481-513 which overlap fs metadata
[   32.342049][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.365101][ T3576] netlink: 'syz.3.28': attribute type 1 has an invalid length.
[   32.379250][ T3561] EXT4-fs (loop1): pa ffff88810711a070: logic 352, phys. 465, len 3
[   32.387440][ T3561] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[   32.536577][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.560016][ T3586] netlink: 24 bytes leftover after parsing attributes in process `syz.3.34'.
[   32.576547][ T3587] netlink: 40 bytes leftover after parsing attributes in process `syz.0.31'.
[   32.589039][ T3587] loop0: detected capacity change from 0 to 512
[   32.606335][ T3586] netlink: 12 bytes leftover after parsing attributes in process `syz.3.34'.
[   32.619275][ T3586] loop3: detected capacity change from 0 to 164
[   32.626223][ T3586] iso9660: Unknown parameter '
'
[   32.627579][ T3556] EXT4-fs (loop4): pa ffff8881072420e0: logic 16, phys. 129, len 24
[   32.639260][ T3556] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   32.698022][ T3590] loop3: detected capacity change from 0 to 1024
[   32.710284][ T3593] loop0: detected capacity change from 0 to 256
[   32.720110][ T3593] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   32.730333][ T3593] FAT-fs (loop0): Filesystem has been set read-only
[   32.744274][ T3590] EXT4-fs: Ignoring removed nobh option
[   32.750054][ T3590] EXT4-fs: Ignoring removed bh option
[   32.788124][ T3590] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   32.807606][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.829107][ T3590] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.35: Allocating blocks 465-513 which overlap fs metadata
[   32.848623][ T3590] EXT4-fs (loop3): pa ffff888107242000: logic 256, phys. 369, len 9
[   32.856747][ T3590] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   32.868309][ T3590] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   32.907437][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.947432][ T3599] loop0: detected capacity change from 0 to 512
[   32.968175][ T3599] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   32.996290][ T3601] netlink: 24 bytes leftover after parsing attributes in process `syz.4.37'.
[   33.021861][ T3599] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   33.037420][ T3601] netlink: 12 bytes leftover after parsing attributes in process `syz.4.37'.
[   33.073725][ T3606] loop3: detected capacity change from 0 to 8192
[   33.080500][ T3601] loop4: detected capacity change from 0 to 164
[   33.096348][ T3601] iso9660: Unknown parameter '
'
[   33.116925][ T3601] siw: device registration error -23
[   33.143420][ T3608] loop4: detected capacity change from 0 to 512
[   33.150457][ T3608] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   33.162867][ T3608] EXT4-fs (loop4): 1 truncate cleaned up
[   33.169106][ T3608] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.191184][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.215083][ T3612] loop4: detected capacity change from 0 to 256
[   33.224991][ T3612] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   33.235227][ T3612] FAT-fs (loop4): Filesystem has been set read-only
[   33.273259][ T3599] netlink: 20 bytes leftover after parsing attributes in process `syz.0.39'.
[   33.283266][ T3599] C: renamed from team_slave_0 (while UP)
[   33.372837][ T3617] loop2: detected capacity change from 0 to 8192
[   33.740534][ T3636] loop4: detected capacity change from 0 to 8192
[   33.826698][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.954816][ T3648] team0 (unregistering): Port device C removed
[   33.963997][ T3647] loop3: detected capacity change from 0 to 512
[   33.973151][ T3648] team0 (unregistering): Port device team_slave_1 removed
[   33.999430][ T3647] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   34.042794][ T3647] EXT4-fs (loop3): 1 truncate cleaned up
[   34.055854][ T3647] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.113713][ T3638] netlink: 'syz.2.51': attribute type 4 has an invalid length.
[   34.202959][ T3655] loop0: detected capacity change from 0 to 2048
[   34.308478][ T3655] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.622358][ T3663] syz.2.56 uses obsolete (PF_INET,SOCK_PACKET)
[   34.674212][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.747903][ T3665] loop4: detected capacity change from 0 to 512
[   34.832990][ T3670] loop2: detected capacity change from 0 to 2048
[   34.843183][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.855496][ T3665] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.855564][ T3665] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   34.919007][ T3670] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.960165][ T3680] loop3: detected capacity change from 0 to 512
[   34.969611][   T29] kauditd_printk_skb: 478 callbacks suppressed
[   34.969630][   T29] audit: type=1326 audit(1757323969.607:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3669 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68b1baebe9 code=0x7ffc0000
[   35.005029][   T29] audit: type=1326 audit(1757323969.607:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3669 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68b1baebe9 code=0x7ffc0000
[   35.028378][   T29] audit: type=1326 audit(1757323969.607:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3669 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68b1baebe9 code=0x7ffc0000
[   35.036633][ T3680] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   35.051614][   T29] audit: type=1326 audit(1757323969.607:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3669 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68b1baebe9 code=0x7ffc0000
[   35.085375][   T29] audit: type=1326 audit(1757323969.607:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3669 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68b1baebe9 code=0x7ffc0000
[   35.095327][ T3683] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   35.108557][   T29] audit: type=1326 audit(1757323969.607:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3669 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68b1baebe9 code=0x7ffc0000
[   35.122360][ T3665] __nla_validate_parse: 5 callbacks suppressed
[   35.122374][ T3665] netlink: 20 bytes leftover after parsing attributes in process `syz.4.57'.
[   35.140446][   T29] audit: type=1326 audit(1757323969.607:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3669 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68b1baebe9 code=0x7ffc0000
[   35.171386][ T3683] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   35.178167][   T29] audit: type=1326 audit(1757323969.607:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3669 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68b1baebe9 code=0x7ffc0000
[   35.209092][   T29] audit: type=1326 audit(1757323969.607:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3669 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f68b1baebe9 code=0x7ffc0000
[   35.214953][ T3665] netlink: 168 bytes leftover after parsing attributes in process `syz.4.57'.
[   35.232690][   T29] audit: type=1326 audit(1757323969.647:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3669 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68b1baebe9 code=0x7ffc0000
[   35.266100][ T3680] EXT4-fs (loop3): 1 truncate cleaned up
[   35.272056][ T3685] loop0: detected capacity change from 0 to 128
[   35.272237][ T3680] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.279839][ T3665] C: renamed from team_slave_0 (while UP)
[   35.329925][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.333958][ T3683] netlink: 558 bytes leftover after parsing attributes in process `syz.1.64'.
[   35.411069][ T3689] loop2: detected capacity change from 0 to 512
[   35.430769][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.457491][ T3689] EXT4-fs: Ignoring removed i_version option
[   35.465402][ T3689] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.65: corrupted in-inode xattr: overlapping e_value 
[   35.479471][ T3689] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.65: couldn't read orphan inode 15 (err -117)
[   35.495790][ T3693] loop3: detected capacity change from 0 to 512
[   35.502018][ T3689] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.506097][ T3693] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   35.518745][ T3689] EXT4-fs error (device loop2): ext4_add_entry:2417: inode #2: comm syz.2.65: Directory hole found for htree leaf block 0
[   35.546311][ T3693] EXT4-fs (loop3): 1 truncate cleaned up
[   35.552126][ T3690] 9pnet: Could not find request transport: fd$rfdno=0x0000000000000008
[   35.554346][ T3693] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.574301][ T3690] netlink: 256 bytes leftover after parsing attributes in process `syz.0.66'.
[   35.799965][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.897835][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.948611][ T3710] netlink: 24 bytes leftover after parsing attributes in process `syz.4.72'.
[   35.963221][ T3710] netlink: 12 bytes leftover after parsing attributes in process `syz.4.72'.
[   35.982411][ T3713] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   35.992599][ T3713] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   36.002570][ T3713] netlink: 558 bytes leftover after parsing attributes in process `syz.1.73'.
[   36.019728][ T3710] loop4: detected capacity change from 0 to 164
[   36.032308][ T3710] iso9660: Unknown parameter '
'
[   36.038957][ T3710] siw: device registration error -23
[   36.070660][ T3716] wg2: entered promiscuous mode
[   36.075588][ T3716] wg2: entered allmulticast mode
[   36.252209][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.395760][ T3726] loop2: detected capacity change from 0 to 1024
[   36.412993][ T3726] EXT4-fs: Ignoring removed nobh option
[   36.418737][ T3726] EXT4-fs: Ignoring removed bh option
[   36.426549][ T3728] SELinux: ebitmap: truncated map
[   36.432180][ T3728] SELinux: failed to load policy
[   36.432457][ T3726] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.460089][ T3726] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.77: Allocating blocks 481-513 which overlap fs metadata
[   36.494142][ T3726] EXT4-fs (loop2): pa ffff8881072420e0: logic 352, phys. 465, len 3
[   36.502292][ T3726] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[   36.519037][ T3732] netlink: 'syz.0.80': attribute type 12 has an invalid length.
[   36.547655][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.572561][ T3736] loop0: detected capacity change from 0 to 1024
[   36.603929][ T3738] loop2: detected capacity change from 0 to 128
[   36.611496][ T3736] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.629396][ T3736] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.83: Allocating blocks 385-513 which overlap fs metadata
[   36.630526][ T3740] netlink: 24 bytes leftover after parsing attributes in process `syz.1.84'.
[   36.666386][ T3740] netlink: 12 bytes leftover after parsing attributes in process `syz.1.84'.
[   36.679935][ T3740] siw: device registration error -23
[   36.697284][ T3744] netlink: 'syz.2.85': attribute type 12 has an invalid length.
[   36.716348][ T3735] EXT4-fs (loop0): pa ffff88810711a0e0: logic 16, phys. 129, len 24
[   36.724408][ T3735] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   36.745708][ T3748] loop2: detected capacity change from 0 to 256
[   36.755782][ T3748] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   36.766058][ T3748] FAT-fs (loop2): Filesystem has been set read-only
[   36.780329][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.804335][ T3751] FAULT_INJECTION: forcing a failure.
[   36.804335][ T3751] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   36.817738][ T3751] CPU: 1 UID: 0 PID: 3751 Comm: syz.3.89 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   36.817880][ T3751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[   36.817954][ T3751] Call Trace:
[   36.817960][ T3751]  <TASK>
[   36.817966][ T3751]  __dump_stack+0x1d/0x30
[   36.817989][ T3751]  dump_stack_lvl+0xe8/0x140
[   36.818010][ T3751]  dump_stack+0x15/0x1b
[   36.818032][ T3751]  should_fail_ex+0x265/0x280
[   36.818057][ T3751]  should_fail+0xb/0x20
[   36.818093][ T3751]  should_fail_usercopy+0x1a/0x20
[   36.818115][ T3751]  _copy_from_user+0x1c/0xb0
[   36.818140][ T3751]  ___sys_sendmsg+0xc1/0x1d0
[   36.818189][ T3751]  __x64_sys_sendmsg+0xd4/0x160
[   36.818221][ T3751]  x64_sys_call+0x191e/0x2ff0
[   36.818245][ T3751]  do_syscall_64+0xd2/0x200
[   36.818272][ T3751]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   36.818356][ T3751]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   36.818406][ T3751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.818429][ T3751] RIP: 0033:0x7ff89c49ebe9
[   36.818447][ T3751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.818467][ T3751] RSP: 002b:00007ff89af07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   36.818490][ T3751] RAX: ffffffffffffffda RBX: 00007ff89c6d5fa0 RCX: 00007ff89c49ebe9
[   36.818504][ T3751] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000004
[   36.818556][ T3751] RBP: 00007ff89af07090 R08: 0000000000000000 R09: 0000000000000000
[   36.818570][ T3751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   36.818583][ T3751] R13: 00007ff89c6d6038 R14: 00007ff89c6d5fa0 R15: 00007ffd2f21f6f8
[   36.818603][ T3751]  </TASK>
[   37.045394][ T3761] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   37.072235][ T3761] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   37.120712][ T3769] netlink: 24 bytes leftover after parsing attributes in process `syz.0.96'.
[   37.134621][ T3769] loop0: detected capacity change from 0 to 164
[   37.147906][ T3769] iso9660: Unknown parameter '
'
[   37.167981][ T3769] siw: device registration error -23
[   37.213538][ T3773] loop0: detected capacity change from 0 to 8192
[   37.306851][ T3777] loop3: detected capacity change from 0 to 1024
[   37.336447][ T3777] EXT4-fs: Ignoring removed nobh option
[   37.342068][ T3777] EXT4-fs: Ignoring removed bh option
[   37.384860][ T3782] loop0: detected capacity change from 0 to 256
[   37.403630][ T3777] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.416320][ T3782] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   37.426465][ T3782] FAT-fs (loop0): Filesystem has been set read-only
[   37.441502][ T3777] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.100: Allocating blocks 465-513 which overlap fs metadata
[   37.460924][ T3777] EXT4-fs (loop3): pa ffff88810711a150: logic 256, phys. 369, len 9
[   37.469207][ T3777] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   37.480336][ T3777] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   37.512354][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.546287][ T3787] FAULT_INJECTION: forcing a failure.
[   37.546287][ T3787] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   37.559542][ T3787] CPU: 0 UID: 0 PID: 3787 Comm: wÞ£ÿ Not tainted syzkaller #0 PREEMPT(voluntary) 
[   37.559570][ T3787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[   37.559581][ T3787] Call Trace:
[   37.559637][ T3787]  <TASK>
[   37.559645][ T3787]  __dump_stack+0x1d/0x30
[   37.559666][ T3787]  dump_stack_lvl+0xe8/0x140
[   37.559688][ T3787]  dump_stack+0x15/0x1b
[   37.559707][ T3787]  should_fail_ex+0x265/0x280
[   37.559731][ T3787]  should_fail+0xb/0x20
[   37.559805][ T3787]  should_fail_usercopy+0x1a/0x20
[   37.559878][ T3787]  strncpy_from_user+0x25/0x230
[   37.559908][ T3787]  ? kmem_cache_alloc_noprof+0x186/0x310
[   37.559939][ T3787]  ? getname_flags+0x80/0x3b0
[   37.560028][ T3787]  getname_flags+0xae/0x3b0
[   37.560058][ T3787]  do_sys_openat2+0x60/0x110
[   37.560140][ T3787]  __x64_sys_openat+0xf2/0x120
[   37.560171][ T3787]  x64_sys_call+0x2e9c/0x2ff0
[   37.560245][ T3787]  do_syscall_64+0xd2/0x200
[   37.560339][ T3787]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   37.560366][ T3787]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   37.560424][ T3787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.560444][ T3787] RIP: 0033:0x7ff89c49ebe9
[   37.560461][ T3787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.560481][ T3787] RSP: 002b:00007ff89af07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   37.560526][ T3787] RAX: ffffffffffffffda RBX: 00007ff89c6d5fa0 RCX: 00007ff89c49ebe9
[   37.560541][ T3787] RDX: 0000000000000001 RSI: 00002000000017c0 RDI: ffffffffffffff9c
[   37.560553][ T3787] RBP: 00007ff89af07090 R08: 0000000000000000 R09: 0000000000000000
[   37.560565][ T3787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   37.560578][ T3787] R13: 00007ff89c6d6038 R14: 00007ff89c6d5fa0 R15: 00007ffd2f21f6f8
[   37.560598][ T3787]  </TASK>
[   37.769606][ T3790] loop4: detected capacity change from 0 to 512
[   37.781801][ T3793] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   37.794481][ T3790] EXT4-fs: Ignoring removed mblk_io_submit option
[   37.817496][ T3790] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   37.831335][ T3790] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[   37.839379][ T3790] System zones: 1-12
[   37.843643][ T3790] EXT4-fs (loop4): 1 truncate cleaned up
[   37.849865][ T3790] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.094297][ T3810] loop3: detected capacity change from 0 to 128
[   38.124594][ T3810] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[   38.145574][ T3810] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   38.184294][ T3816] loop2: detected capacity change from 0 to 1024
[   38.186200][ T3810] Zero length message leads to an empty skb
[   38.193501][ T3816] EXT4-fs: Ignoring removed nobh option
[   38.202744][ T3816] EXT4-fs: Ignoring removed bh option
[   38.219252][ T3816] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.242087][ T3304] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   38.258635][ T3816] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.113: Allocating blocks 481-513 which overlap fs metadata
[   38.308418][ T3816] EXT4-fs (loop2): pa ffff888107242070: logic 352, phys. 465, len 3
[   38.316542][ T3816] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[   38.378657][ T3823] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   38.396882][ T3823] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   38.399464][ T3825] loop3: detected capacity change from 0 to 164
[   38.412002][ T3825] iso9660: Unknown parameter '
'
[   38.413664][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.555128][ T3835] FAULT_INJECTION: forcing a failure.
[   38.555128][ T3835] name failslab, interval 1, probability 0, space 0, times 0
[   38.567944][ T3835] CPU: 0 UID: 0 PID: 3835 Comm: syz.2.120 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   38.567969][ T3835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[   38.567986][ T3835] Call Trace:
[   38.567992][ T3835]  <TASK>
[   38.568008][ T3835]  __dump_stack+0x1d/0x30
[   38.568032][ T3835]  dump_stack_lvl+0xe8/0x140
[   38.568066][ T3835]  dump_stack+0x15/0x1b
[   38.568085][ T3835]  should_fail_ex+0x265/0x280
[   38.568112][ T3835]  should_failslab+0x8c/0xb0
[   38.568205][ T3835]  kmem_cache_alloc_noprof+0x50/0x310
[   38.568309][ T3835]  ? prepare_creds+0x37/0x4c0
[   38.568336][ T3835]  prepare_creds+0x37/0x4c0
[   38.568408][ T3835]  __se_sys_keyctl+0x34f/0xb80
[   38.568470][ T3835]  ? __rcu_read_unlock+0x4f/0x70
[   38.568490][ T3835]  ? __fget_files+0x184/0x1c0
[   38.568511][ T3835]  ? fput+0x8f/0xc0
[   38.568537][ T3835]  __x64_sys_keyctl+0x67/0x80
[   38.568559][ T3835]  x64_sys_call+0x2f6d/0x2ff0
[   38.568627][ T3835]  do_syscall_64+0xd2/0x200
[   38.568653][ T3835]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   38.568726][ T3835]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   38.568795][ T3835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.568818][ T3835] RIP: 0033:0x7f68b1baebe9
[   38.568836][ T3835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.568855][ T3835] RSP: 002b:00007f68b060f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[   38.568874][ T3835] RAX: ffffffffffffffda RBX: 00007f68b1de5fa0 RCX: 00007f68b1baebe9
[   38.568898][ T3835] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000000e
[   38.568909][ T3835] RBP: 00007f68b060f090 R08: 0000000000000000 R09: 0000000000000000
[   38.568920][ T3835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   38.568932][ T3835] R13: 00007f68b1de6038 R14: 00007f68b1de5fa0 R15: 00007fffa399d7c8
[   38.568986][ T3835]  </TASK>
[   38.771516][ T3833] loop3: detected capacity change from 0 to 1024
[   38.789631][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.864266][ T3833] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.881763][ T3833] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   38.898529][ T3841] loop2: detected capacity change from 0 to 512
[   38.946758][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.969451][ T3841] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.982877][ T3841] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   39.045784][ T3853] loop0: detected capacity change from 0 to 128
[   39.072112][ T3841] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #18: comm syz.2.123: corrupted inode contents
[   39.099206][ T3841] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #18: comm syz.2.123: mark_inode_dirty error
[   39.115597][ T3841] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #18: comm syz.2.123: corrupted inode contents
[   39.115680][ T3841] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #18: comm syz.2.123: mark_inode_dirty error
[   39.115794][ T3841] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #18: comm syz.2.123: mark inode dirty (error -117)
[   39.116404][ T3860] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   39.117276][ T3841] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[   39.118505][ T3841] 9pnet_fd: Insufficient options for proto=fd
[   39.198002][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.212046][ T3865] 9pnet: Could not find request transport: fd$rfdno=0x0000000000000008
[   39.303847][ T3868] loop2: detected capacity change from 0 to 1024
[   39.336268][ T3868] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.385951][ T3868] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   39.414053][ T3872] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=3872 comm=syz.1.133
[   39.431347][ T3882] loop3: detected capacity change from 0 to 512
[   39.441478][ T3882] EXT4-fs: Ignoring removed i_version option
[   39.484651][ T3882] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.136: corrupted in-inode xattr: overlapping e_value 
[   39.505118][ T3882] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.136: couldn't read orphan inode 15 (err -117)
[   39.518916][ T3882] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.541505][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.569379][ T3876] syz.1.133 (3876) used greatest stack depth: 10176 bytes left
[   39.596948][ T3882] EXT4-fs error (device loop3): ext4_add_entry:2417: inode #2: comm syz.3.136: Directory hole found for htree leaf block 0
[   39.903863][ T3898] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   39.933165][ T3900] loop0: detected capacity change from 0 to 256
[   39.959994][ T3898] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   39.998303][   T29] kauditd_printk_skb: 642 callbacks suppressed
[   39.998321][   T29] audit: type=1400 audit(1757323974.637:1248): avc:  denied  { mounton } for  pid=3899 comm="syz.0.141" path="/30/file0/file0" dev="loop0" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[   40.154996][   T29] audit: type=1326 audit(1757323974.727:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3897 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   40.178416][   T29] audit: type=1326 audit(1757323974.727:1250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3897 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   40.201840][   T29] audit: type=1326 audit(1757323974.727:1251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3897 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   40.225234][   T29] audit: type=1326 audit(1757323974.727:1252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3897 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   40.248658][   T29] audit: type=1326 audit(1757323974.737:1253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3897 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   40.271938][   T29] audit: type=1326 audit(1757323974.737:1254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3897 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   40.295474][   T29] audit: type=1326 audit(1757323974.737:1255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3897 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   40.296775][ T3312] FAT-fs (loop0): error, corrupted directory (invalid entries)
[   40.318834][   T29] audit: type=1326 audit(1757323974.737:1256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3897 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   40.318867][   T29] audit: type=1326 audit(1757323974.737:1257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3897 comm="syz.1.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   40.326462][ T3312] FAT-fs (loop0): Filesystem has been set read-only
[   40.351636][ T3652] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 256: padding at end of block bitmap is not set
[   40.377301][ T3312] FAT-fs (loop0): error, corrupted directory (invalid entries)
[   40.484576][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.511270][ T3903] loop2: detected capacity change from 0 to 1024
[   40.613703][ T3912] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   40.645790][   T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   40.670727][ T3915] loop3: detected capacity change from 0 to 512
[   40.679185][ T3914] team0 (unregistering): Port device team_slave_0 removed
[   40.704188][ T3915] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   40.724013][ T3915] EXT4-fs (loop3): orphan cleanup on readonly fs
[   40.733110][ T3915] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.146: Failed to acquire dquot type 1
[   40.739963][ T3914] team0 (unregistering): Port device team_slave_1 removed
[   40.750895][ T3915] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.146: bg 0: block 40: padding at end of block bitmap is not set
[   40.763032][ T3921] loop4: detected capacity change from 0 to 1024
[   40.775631][ T3915] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   40.795342][ T3915] EXT4-fs (loop3): 1 truncate cleaned up
[   40.802010][ T3915] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   40.818130][ T3915] EXT4-fs (loop3): shut down requested (1)
[   40.819990][ T3921] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.824368][ T3915] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=16
[   40.845125][ T3921] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.856512][   T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   40.872635][ T3915] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=16
[   40.904773][ T3912] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   40.917198][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.928835][   T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   40.970694][ T3912] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.005238][ T3944] loop4: detected capacity change from 0 to 512
[   41.012109][ T3944] EXT4-fs: Ignoring removed i_version option
[   41.023782][ T3944] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.154: corrupted in-inode xattr: overlapping e_value 
[   41.032975][ T3923] lo speed is unknown, defaulting to 1000
[   41.038946][ T3944] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.154: couldn't read orphan inode 15 (err -117)
[   41.062923][   T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.066696][ T3944] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.100347][ T3949] __nla_validate_parse: 7 callbacks suppressed
[   41.100364][ T3949] netlink: 5356 bytes leftover after parsing attributes in process `syz.2.156'.
[   41.108716][ T3944] EXT4-fs error (device loop4): ext4_add_entry:2417: inode #2: comm syz.4.154: Directory hole found for htree leaf block 0
[   41.131028][ T3912] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.173448][ T3955] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   41.190403][ T3955] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   41.194802][ T3953] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   41.209288][ T3953] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   41.222773][   T51] bridge_slave_1: left allmulticast mode
[   41.228569][   T51] bridge_slave_1: left promiscuous mode
[   41.234445][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.242590][   T51] bridge_slave_0: left allmulticast mode
[   41.248294][   T51] bridge_slave_0: left promiscuous mode
[   41.254027][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.357899][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   41.367782][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   41.377260][   T51] bond0 (unregistering): Released all slaves
[   41.385508][ T2958] infiniband syz2: ib_query_port failed (-19)
[   41.391326][   T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.403306][   T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.414054][   T12] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.427937][  T127] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.479540][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.491937][ T3923] chnl_net:caif_netlink_parms(): no params data found
[   41.504834][   T51] hsr_slave_0: left promiscuous mode
[   41.515191][   T51] hsr_slave_1: left promiscuous mode
[   41.531201][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   41.538713][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[   41.556535][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   41.564005][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[   41.612346][   T51] veth1_macvtap: left promiscuous mode
[   41.618482][   T51] veth0_macvtap: left promiscuous mode
[   41.624386][   T51] veth1_vlan: left promiscuous mode
[   41.630610][   T51] veth0_vlan: left promiscuous mode
[   41.633509][ T3982] loop3: detected capacity change from 0 to 256
[   41.689189][ T3304] FAT-fs (loop3): error, corrupted directory (invalid entries)
[   41.696880][ T3304] FAT-fs (loop3): Filesystem has been set read-only
[   41.704899][ T3304] FAT-fs (loop3): error, corrupted directory (invalid entries)
[   41.753620][ T3986] netlink: 'syz.2.166': attribute type 12 has an invalid length.
[   41.808821][ T3992] netlink: 4 bytes leftover after parsing attributes in process `syz.2.169'.
[   41.820781][ T3992] netlink: 4 bytes leftover after parsing attributes in process `syz.2.169'.
[   41.840376][ T3923] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.847618][ T3923] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.856608][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.866493][ T3923] bridge_slave_0: entered allmulticast mode
[   41.872937][ T3923] bridge_slave_0: entered promiscuous mode
[   41.881749][ T3923] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.889031][ T3923] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.896875][ T3923] bridge_slave_1: entered allmulticast mode
[   41.903824][ T3923] bridge_slave_1: entered promiscuous mode
[   41.929181][ T3923] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   41.940327][ T3996] netlink: 24 bytes leftover after parsing attributes in process `syz.2.171'.
[   41.943866][ T3923] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   41.965073][ T4001] loop4: detected capacity change from 0 to 1024
[   41.978976][ T3996] netlink: 12 bytes leftover after parsing attributes in process `syz.2.171'.
[   41.994170][ T3923] team0: Port device team_slave_0 added
[   42.003578][ T3996] loop2: detected capacity change from 0 to 164
[   42.018477][ T3923] team0: Port device team_slave_1 added
[   42.018795][ T4001] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.033461][ T3996] iso9660: Unknown parameter '
'
[   42.058181][ T3923] batman_adv: batadv0: Adding interface: batadv_slave_0
[   42.065217][ T3923] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   42.091352][ T3923] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   42.103020][ T3923] batman_adv: batadv0: Adding interface: batadv_slave_1
[   42.106799][ T3996] siw: device registration error -23
[   42.110073][ T3923] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   42.141310][ T3923] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   42.156176][ T4001] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.170: Allocating blocks 385-513 which overlap fs metadata
[   42.225745][ T3923] hsr_slave_0: entered promiscuous mode
[   42.234720][ T3923] hsr_slave_1: entered promiscuous mode
[   42.241181][ T4017] loop2: detected capacity change from 0 to 1024
[   42.241239][ T3923] debugfs: 'hsr0' already exists in 'hsr'
[   42.253323][ T3923] Cannot create hsr debugfs directory
[   42.254687][ T4017] EXT4-fs: Ignoring removed nobh option
[   42.264408][ T4017] EXT4-fs: Ignoring removed bh option
[   42.276380][ T3993] lo speed is unknown, defaulting to 1000
[   42.285823][   T51] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.315319][ T4017] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.364949][   T51] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.385443][ T4029] netlink: 256 bytes leftover after parsing attributes in process `syz.1.172'.
[   42.403447][ T4017] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.173: Allocating blocks 481-513 which overlap fs metadata
[   42.418089][ T4000] EXT4-fs (loop4): pa ffff888107242230: logic 16, phys. 129, len 24
[   42.426179][ T4000] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   42.459227][ T4026] 9pnet: Could not find request transport: fd$rfdno=0x0000000000000008
[   42.471275][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.487087][   T51] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.540832][ T4017] EXT4-fs (loop2): pa ffff888107242070: logic 352, phys. 465, len 3
[   42.548995][ T4017] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[   42.617716][   T51] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.629975][ T4037] loop4: detected capacity change from 0 to 512
[   42.644900][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.667345][ T4037] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.723938][ T3923] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   42.730986][ T4037] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.745080][ T3923] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   42.769532][ T3923] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   42.788209][ T3993] chnl_net:caif_netlink_parms(): no params data found
[   42.807591][ T3923] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   42.869495][ T3993] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.876690][ T3993] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.884033][ T3993] bridge_slave_0: entered allmulticast mode
[   42.892772][ T3993] bridge_slave_0: entered promiscuous mode
[   42.908065][ T3993] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.915237][ T3993] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.922488][ T3993] bridge_slave_1: entered allmulticast mode
[   42.929207][ T3993] bridge_slave_1: entered promiscuous mode
[   42.967927][ T3993] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   42.984940][ T4037] netlink: 20 bytes leftover after parsing attributes in process `syz.4.174'.
[   42.994909][ T4037] netlink: 168 bytes leftover after parsing attributes in process `syz.4.174'.
[   43.011395][ T3993] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   43.042111][ T3993] team0: Port device team_slave_0 added
[   43.054317][ T3923] 8021q: adding VLAN 0 to HW filter on device bond0
[   43.063157][ T3993] team0: Port device team_slave_1 added
[   43.092943][ T3993] batman_adv: batadv0: Adding interface: batadv_slave_0
[   43.100001][ T3993] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   43.126064][ T3993] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   43.166804][ T3923] 8021q: adding VLAN 0 to HW filter on device team0
[   43.175603][ T3993] batman_adv: batadv0: Adding interface: batadv_slave_1
[   43.182588][ T3993] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   43.208750][ T3993] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   43.227703][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.234785][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.262362][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.269530][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.298247][ T3993] hsr_slave_0: entered promiscuous mode
[   43.304391][ T3993] hsr_slave_1: entered promiscuous mode
[   43.310742][ T3993] debugfs: 'hsr0' already exists in 'hsr'
[   43.316719][ T3993] Cannot create hsr debugfs directory
[   43.330788][ T4085] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   43.398688][ T4090] loop2: detected capacity change from 0 to 1024
[   43.410348][ T4090] EXT4-fs: Ignoring removed nobh option
[   43.416140][ T4090] EXT4-fs: Ignoring removed bh option
[   43.438197][ T4090] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.463269][ T3993] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   43.474245][ T3993] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   43.482278][ T4090] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.178: Allocating blocks 481-513 which overlap fs metadata
[   43.502987][ T3993] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   43.514983][ T3993] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   43.534216][ T4083] netlink: 20 bytes leftover after parsing attributes in process `syz.1.176'.
[   43.535069][ T3923] 8021q: adding VLAN 0 to HW filter on device batadv0
[   43.556118][ T4090] EXT4-fs (loop2): pa ffff888107242310: logic 352, phys. 465, len 3
[   43.562639][ T4083] netlink: 168 bytes leftover after parsing attributes in process `syz.1.176'.
[   43.564237][ T4090] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[   43.585460][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.608520][ T4083] C: renamed from team_slave_0 (while UP)
[   43.672793][ T4118] loop4: detected capacity change from 0 to 1024
[   43.702957][ T3993] 8021q: adding VLAN 0 to HW filter on device bond0
[   43.715794][ T4118] EXT4-fs: Ignoring removed nobh option
[   43.721526][ T4118] EXT4-fs: Ignoring removed bh option
[   43.735106][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.751263][ T3993] 8021q: adding VLAN 0 to HW filter on device team0
[   43.778161][ T4118] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.794500][  T296] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.801667][  T296] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.831802][ T4118] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.179: Allocating blocks 481-513 which overlap fs metadata
[   43.846237][ T4131] loop2: detected capacity change from 0 to 8192
[   43.861081][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.868257][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.904856][ T3993] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   43.915277][ T3993] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   43.963331][ T4118] EXT4-fs (loop4): pa ffff88810711a310: logic 352, phys. 465, len 3
[   43.971428][ T4118] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[   44.016179][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.032539][ T3923] veth0_vlan: entered promiscuous mode
[   44.060191][ T4156] team0 (unregistering): Port device C removed
[   44.073123][ T4156] team0 (unregistering): Port device team_slave_1 removed
[   44.091901][ T3993] 8021q: adding VLAN 0 to HW filter on device batadv0
[   44.100406][ T3923] veth1_vlan: entered promiscuous mode
[   44.123854][ T3923] veth0_macvtap: entered promiscuous mode
[   44.138587][ T3923] veth1_macvtap: entered promiscuous mode
[   44.177650][ T3923] batman_adv: batadv0: Interface activated: batadv_slave_0
[   44.217665][ T3923] batman_adv: batadv0: Interface activated: batadv_slave_1
[   44.276799][  T127] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   44.291310][  T352] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   44.326833][ T4195] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   44.342352][  T127] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   44.429027][ T4223] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   44.443120][ T4223] FAT-fs (loop11): unable to read boot sector
[   44.501495][ T3993] veth0_vlan: entered promiscuous mode
[   44.524970][ T3993] veth1_vlan: entered promiscuous mode
[   44.551633][ T3993] veth0_macvtap: entered promiscuous mode
[   44.560170][ T3993] veth1_macvtap: entered promiscuous mode
[   44.572330][ T3993] batman_adv: batadv0: Interface activated: batadv_slave_0
[   44.583273][ T3993] batman_adv: batadv0: Interface activated: batadv_slave_1
[   44.594772][ T4205] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   44.614816][ T4205] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   44.634644][ T4252] IPv6: Can't replace route, no match found
[   44.653127][ T4205] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   44.676767][ T4205] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   44.862815][ T4269] loop5: detected capacity change from 0 to 1024
[   44.902423][ T4269] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.923851][ T4269] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.955270][ T3923] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.112573][   T29] kauditd_printk_skb: 561 callbacks suppressed
[   45.112590][   T29] audit: type=1400 audit(1757323979.747:1817): avc:  denied  { create } for  pid=4171 comm="syz.4.184" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   45.175576][ T4282] loop4: detected capacity change from 0 to 8192
[   45.205355][   T29] audit: type=1400 audit(1757323979.837:1818): avc:  denied  { write } for  pid=4272 comm="syz.6.196" name="route" dev="proc" ino=4026532849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   45.250209][ T4283] 9pnet: Could not find request transport: fd$rfdno=0x0000000000000007
[   45.315160][ T4288] team0 (unregistering): Port device C removed
[   45.330530][ T4288] team0 (unregistering): Port device team_slave_1 removed
[   45.541964][   T29] audit: type=1326 audit(1757323980.177:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4297 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   45.566344][   T29] audit: type=1326 audit(1757323980.177:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4297 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   45.589809][   T29] audit: type=1326 audit(1757323980.187:1821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4297 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   45.613185][   T29] audit: type=1326 audit(1757323980.187:1822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4297 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   45.636580][   T29] audit: type=1326 audit(1757323980.187:1823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4297 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   45.660374][   T29] audit: type=1326 audit(1757323980.187:1824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4297 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   45.684078][   T29] audit: type=1326 audit(1757323980.187:1825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4297 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   45.707760][   T29] audit: type=1326 audit(1757323980.187:1826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4297 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   45.781520][ T4306] netlink: 'syz.1.204': attribute type 12 has an invalid length.
[   45.831964][   T51] bridge_slave_1: left allmulticast mode
[   45.837770][   T51] bridge_slave_1: left promiscuous mode
[   45.843490][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.863685][   T51] bridge_slave_0: left allmulticast mode
[   45.869598][   T51] bridge_slave_0: left promiscuous mode
[   45.869772][ T4310] loop5: detected capacity change from 0 to 1024
[   45.875311][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.891300][ T4312] SELinux: ebitmap: truncated map
[   45.897005][ T4314] loop2: detected capacity change from 0 to 512
[   45.899515][ T4312] SELinux: failed to load policy
[   45.923545][ T4310] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.944252][ T4314] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.947479][ T4310] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.004317][ T4314] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.017851][ T3923] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.067148][ T4322] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   46.077755][ T4325] FAULT_INJECTION: forcing a failure.
[   46.077755][ T4325] name failslab, interval 1, probability 0, space 0, times 0
[   46.079594][ T4322] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   46.090444][ T4325] CPU: 0 UID: 0 PID: 4325 Comm: syz.4.212 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   46.090472][ T4325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[   46.090483][ T4325] Call Trace:
[   46.090490][ T4325]  <TASK>
[   46.090498][ T4325]  __dump_stack+0x1d/0x30
[   46.090554][ T4325]  dump_stack_lvl+0xe8/0x140
[   46.090573][ T4325]  dump_stack+0x15/0x1b
[   46.090589][ T4325]  should_fail_ex+0x265/0x280
[   46.090667][ T4325]  should_failslab+0x8c/0xb0
[   46.090690][ T4325]  kmem_cache_alloc_node_noprof+0x57/0x320
[   46.090717][ T4325]  ? __alloc_skb+0x101/0x320
[   46.090799][ T4325]  __alloc_skb+0x101/0x320
[   46.090817][ T4325]  ? audit_log_start+0x365/0x6c0
[   46.090845][ T4325]  audit_log_start+0x380/0x6c0
[   46.090882][ T4325]  audit_seccomp+0x48/0x100
[   46.090909][ T4325]  ? __seccomp_filter+0x68c/0x10d0
[   46.090930][ T4325]  __seccomp_filter+0x69d/0x10d0
[   46.090951][ T4325]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   46.090976][ T4325]  ? vfs_write+0x7e8/0x960
[   46.091001][ T4325]  __secure_computing+0x82/0x150
[   46.091095][ T4325]  syscall_trace_enter+0xcf/0x1e0
[   46.091118][ T4325]  do_syscall_64+0xac/0x200
[   46.091262][ T4325]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   46.091283][ T4325]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   46.091368][ T4325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.091389][ T4325] RIP: 0033:0x7f1be28debe9
[   46.091470][ T4325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.091511][ T4325] RSP: 002b:00007f1be133f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000126
[   46.091544][ T4325] RAX: ffffffffffffffda RBX: 00007f1be2b15fa0 RCX: 00007f1be28debe9
[   46.091557][ T4325] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000800
[   46.091569][ T4325] RBP: 00007f1be133f090 R08: 0000000000000000 R09: 0000000000000000
[   46.091580][ T4325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.091592][ T4325] R13: 00007f1be2b16038 R14: 00007f1be2b15fa0 R15: 00007ffe735d0648
[   46.091609][ T4325]  </TASK>
[   46.306457][ T4314] __nla_validate_parse: 5 callbacks suppressed
[   46.306479][ T4314] netlink: 20 bytes leftover after parsing attributes in process `syz.2.209'.
[   46.338633][ T4328] loop5: detected capacity change from 0 to 1024
[   46.345511][ T4314] netlink: 168 bytes leftover after parsing attributes in process `syz.2.209'.
[   46.360922][ T4328] EXT4-fs: Ignoring removed nobh option
[   46.366662][ T4328] EXT4-fs: Ignoring removed bh option
[   46.389780][ T4328] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.402762][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   46.404293][ T4328] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.211: Allocating blocks 481-513 which overlap fs metadata
[   46.430549][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   46.441563][   T51] bond0 (unregistering): Released all slaves
[   46.465601][ T4323] wg2: entered promiscuous mode
[   46.470553][ T4323] wg2: entered allmulticast mode
[   46.478237][ T4314] C: renamed from team_slave_0
[   46.489078][ T4337] loop4: detected capacity change from 0 to 1024
[   46.503228][ T4337] EXT4-fs: Ignoring removed nobh option
[   46.504212][ T4328] EXT4-fs (loop5): pa ffff888107242310: logic 352, phys. 465, len 3
[   46.509089][ T4337] EXT4-fs: Ignoring removed bh option
[   46.517100][ T4328] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[   46.534517][   T51] hsr_slave_0: left promiscuous mode
[   46.540655][   T51] hsr_slave_1: left promiscuous mode
[   46.546981][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   46.554380][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[   46.562512][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   46.569973][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[   46.589831][   T51] veth1_macvtap: left promiscuous mode
[   46.592322][ T4337] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.595411][   T51] veth0_macvtap: left promiscuous mode
[   46.595473][   T51] veth1_vlan: left promiscuous mode
[   46.618812][   T51] veth0_vlan: left promiscuous mode
[   46.620138][ T4337] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.216: Allocating blocks 465-513 which overlap fs metadata
[   46.639198][ T4337] EXT4-fs (loop4): pa ffff888107242310: logic 256, phys. 369, len 9
[   46.647342][ T4337] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   46.675192][ T3923] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.684619][ T4337] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   46.726330][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.755438][   T51] team0 (unregistering): Port device team_slave_1 removed
[   46.769154][   T51] team0 (unregistering): Port device team_slave_0 removed
[   46.829623][   T10] lo speed is unknown, defaulting to 1000
[   46.835452][   T10] infiniband syz0: ib_query_port failed (-19)
[   46.920766][ T4369] loop5: detected capacity change from 0 to 2048
[   46.942577][ T4366] loop6: detected capacity change from 0 to 1024
[   46.970082][ T4369] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.023329][ T4366] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.045771][ T4366] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.059030][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.171215][ T3923] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.174212][ T3993] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.382980][ T4414] 9pnet: Could not find request transport: fd$rfdno=0x0000000000000008
[   47.394455][ T4414] netlink: 256 bytes leftover after parsing attributes in process `syz.4.224'.
[   48.240490][ T4410] loop6: detected capacity change from 0 to 8192
[   48.255053][ T4416] 9pnet: Could not find request transport: fd$rfdno=0x0000000000000008
[   48.265447][ T4416] netlink: 256 bytes leftover after parsing attributes in process `syz.2.225'.
[   48.569097][ T4445] 9pnet: Could not find request transport: fd$rfdno=0x0000000000000008
[   48.582026][ T4445] netlink: 256 bytes leftover after parsing attributes in process `syz.4.228'.
[   48.809917][ T4459] wg2: entered promiscuous mode
[   48.814839][ T4459] wg2: entered allmulticast mode
[   48.969192][ T4467] netlink: 'syz.5.232': attribute type 12 has an invalid length.
[   49.029466][ T4470] netlink: 24 bytes leftover after parsing attributes in process `syz.5.233'.
[   49.045075][ T4470] netlink: 12 bytes leftover after parsing attributes in process `syz.5.233'.
[   49.069790][ T4470] loop5: detected capacity change from 0 to 164
[   49.090967][ T4470] lo speed is unknown, defaulting to 1000
[   49.099018][ T4470] lo speed is unknown, defaulting to 1000
[   49.105433][ T4470] lo speed is unknown, defaulting to 1000
[   49.112303][ T4470] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   49.126679][ T4470] lo speed is unknown, defaulting to 1000
[   49.133211][ T4470] lo speed is unknown, defaulting to 1000
[   49.140147][ T4470] lo speed is unknown, defaulting to 1000
[   49.146375][ T4470] lo speed is unknown, defaulting to 1000
[   49.158212][ T4470] lo speed is unknown, defaulting to 1000
[   49.185584][ T4475] loop6: detected capacity change from 0 to 1024
[   49.196907][ T4475] EXT4-fs: Ignoring removed nobh option
[   49.202522][ T4475] EXT4-fs: Ignoring removed bh option
[   49.251226][ T4480] loop5: detected capacity change from 0 to 2048
[   49.263945][ T4478] loop4: detected capacity change from 0 to 512
[   49.271255][ T4475] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.286924][ T4480] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.301881][ T4478] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.318390][ T4478] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.323323][ T4475] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.234: Allocating blocks 481-513 which overlap fs metadata
[   49.357207][ T3923] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.363488][ T4475] EXT4-fs (loop6): pa ffff88810711a310: logic 352, phys. 465, len 3
[   49.374418][ T4475] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[   49.416109][ T4488] loop5: detected capacity change from 0 to 1024
[   49.426462][ T3993] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.497868][ T4488] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.532750][ T4488] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.541409][ T4478] netlink: 20 bytes leftover after parsing attributes in process `syz.4.235'.
[   49.581659][ T3923] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.596734][ T4478] netlink: 168 bytes leftover after parsing attributes in process `syz.4.235'.
[   49.638337][ T4501] netlink: 'syz.1.243': attribute type 12 has an invalid length.
[   49.686930][ T4504] SELinux:  policydb magic number 0x10 does not match expected magic number 0xf97cff8c
[   49.719574][ T4507] netlink: 256 bytes leftover after parsing attributes in process `syz.6.238'.
[   49.779959][ T4504] SELinux: failed to load policy
[   49.790004][ T4502] 9pnet: Could not find request transport: fd$rfdno=0x0000000000000008
[   50.110748][ T4515] SELinux: ebitmap: truncated map
[   50.121857][ T4515] SELinux: failed to load policy
[   50.129023][   T29] kauditd_printk_skb: 471 callbacks suppressed
[   50.129039][   T29] audit: type=1400 audit(1757323984.767:2296): avc:  denied  { read write } for  pid=4518 comm="syz.2.248" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   50.130894][ T4515] loop5: detected capacity change from 0 to 512
[   50.135316][   T29] audit: type=1400 audit(1757323984.767:2297): avc:  denied  { open } for  pid=4518 comm="syz.2.248" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   50.221820][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.233756][ T4515] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.246721][ T4515] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.303305][ T4515] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #18: comm syz.5.240: corrupted inode contents
[   50.318058][ T4530] wg2: left promiscuous mode
[   50.322701][ T4530] wg2: left allmulticast mode
[   50.340075][ T4530] wg2: entered promiscuous mode
[   50.345059][ T4530] wg2: entered allmulticast mode
[   50.362630][ T4515] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #18: comm syz.5.240: mark_inode_dirty error
[   50.377722][ T4515] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #18: comm syz.5.240: corrupted inode contents
[   50.401049][ T4515] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #18: comm syz.5.240: mark_inode_dirty error
[   50.402209][ T4534] loop6: detected capacity change from 0 to 1024
[   50.418104][ T4536] loop4: detected capacity change from 0 to 1024
[   50.429459][ T4515] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #18: comm syz.5.240: mark inode dirty (error -117)
[   50.429793][   T29] audit: type=1326 audit(1757323985.067:2298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4528 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   50.449064][ T4534] EXT4-fs: Ignoring removed nobh option
[   50.465306][   T29] audit: type=1326 audit(1757323985.067:2299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4528 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   50.470881][ T4534] EXT4-fs: Ignoring removed bh option
[   50.494928][   T29] audit: type=1326 audit(1757323985.067:2300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4528 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   50.502174][ T4515] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117)
[   50.523781][   T29] audit: type=1326 audit(1757323985.067:2301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4528 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   50.523837][   T29] audit: type=1326 audit(1757323985.067:2302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4528 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   50.523867][   T29] audit: type=1326 audit(1757323985.067:2303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4528 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   50.523924][   T29] audit: type=1326 audit(1757323985.067:2304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4528 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   50.557130][ T4531] 9pnet_fd: Insufficient options for proto=fd
[   50.579976][   T29] audit: type=1326 audit(1757323985.067:2305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4528 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7c2bbebe9 code=0x7ffc0000
[   50.682556][ T4536] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.687449][ T4534] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.721757][ T3923] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.738876][ T4536] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.253: Allocating blocks 385-513 which overlap fs metadata
[   50.780419][ T4534] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.252: Allocating blocks 481-513 which overlap fs metadata
[   50.820300][ T3993] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.856775][ T4535] EXT4-fs (loop4): pa ffff88810711a310: logic 16, phys. 129, len 24
[   50.864906][ T4535] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   50.877172][ T4551] netlink: 'syz.6.257': attribute type 3 has an invalid length.
[   50.909825][ T4553] FAULT_INJECTION: forcing a failure.
[   50.909825][ T4553] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   50.923176][ T4553] CPU: 1 UID: 0 PID: 4553 Comm: syz.6.258 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   50.923270][ T4553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[   50.923283][ T4553] Call Trace:
[   50.923290][ T4553]  <TASK>
[   50.923298][ T4553]  __dump_stack+0x1d/0x30
[   50.923323][ T4553]  dump_stack_lvl+0xe8/0x140
[   50.923344][ T4553]  dump_stack+0x15/0x1b
[   50.923363][ T4553]  should_fail_ex+0x265/0x280
[   50.923489][ T4553]  should_fail+0xb/0x20
[   50.923510][ T4553]  should_fail_usercopy+0x1a/0x20
[   50.923536][ T4553]  _copy_to_user+0x20/0xa0
[   50.923620][ T4553]  simple_read_from_buffer+0xb5/0x130
[   50.923644][ T4553]  proc_fail_nth_read+0x10e/0x150
[   50.923672][ T4553]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   50.923773][ T4553]  vfs_read+0x1a5/0x770
[   50.923795][ T4553]  ? __rcu_read_unlock+0x4f/0x70
[   50.923818][ T4553]  ? __fget_files+0x184/0x1c0
[   50.923927][ T4553]  ksys_read+0xda/0x1a0
[   50.923951][ T4553]  __x64_sys_read+0x40/0x50
[   50.923974][ T4553]  x64_sys_call+0x27bc/0x2ff0
[   50.924032][ T4553]  do_syscall_64+0xd2/0x200
[   50.924064][ T4553]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   50.924089][ T4553]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   50.924178][ T4553]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.924202][ T4553] RIP: 0033:0x7fb2277bd5fc
[   50.924218][ T4553] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   50.924235][ T4553] RSP: 002b:00007fb226227030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   50.924297][ T4553] RAX: ffffffffffffffda RBX: 00007fb2279f5fa0 RCX: 00007fb2277bd5fc
[   50.924311][ T4553] RDX: 000000000000000f RSI: 00007fb2262270a0 RDI: 000000000000000a
[   50.924324][ T4553] RBP: 00007fb226227090 R08: 0000000000000000 R09: 0000000000000000
[   50.924336][ T4553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.924348][ T4553] R13: 00007fb2279f6038 R14: 00007fb2279f5fa0 R15: 00007ffee244de68
[   50.924368][ T4553]  </TASK>
[   51.204683][ T4562] loop6: detected capacity change from 0 to 2048
[   51.302301][ T4566] SELinux: failed to load policy
[   51.311739][ T4566] netlink: 'syz.2.264': attribute type 3 has an invalid length.
[   51.332786][ T4572] loop4: detected capacity change from 0 to 1024
[   51.341568][ T4572] EXT4-fs: Ignoring removed nobh option
[   51.347199][ T4572] EXT4-fs: Ignoring removed bh option
[   51.381083][ T4572] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.266: Allocating blocks 481-513 which overlap fs metadata
[   51.421376][ T4578] loop6: detected capacity change from 0 to 256
[   51.536628][ T4581] __nla_validate_parse: 3 callbacks suppressed
[   51.536716][ T4581] netlink: 256 bytes leftover after parsing attributes in process `syz.1.263'.
[   51.559110][ T4578] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   51.569333][ T4578] FAT-fs (loop6): Filesystem has been set read-only
[   51.623698][ T4579] 9pnet: Could not find request transport: fd$rfdno=0x0000000000000008
[   51.893798][ T4588] netlink: 72 bytes leftover after parsing attributes in process `syz.6.270'.
[   51.909228][ T4591] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.922548][ T4588] netlink: 8 bytes leftover after parsing attributes in process `syz.6.270'.
[   51.923883][ T4591] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.942365][ T4588] netlink: 132 bytes leftover after parsing attributes in process `syz.6.270'.
[   52.031185][ T4597] wg2: entered promiscuous mode
[   52.036152][ T4597] wg2: entered allmulticast mode
[   52.390923][ T4608] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.581213][ T4611] loop4: detected capacity change from 0 to 1024
[   52.615754][ T4611] EXT4-fs: Ignoring removed nobh option
[   52.621517][ T4611] EXT4-fs: Ignoring removed bh option
[   52.647297][ T4611] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.277: Allocating blocks 465-513 which overlap fs metadata
[   52.662108][ T4611] EXT4-fs (loop4): pa ffff88810711a380: logic 256, phys. 369, len 9
[   52.670282][ T4611] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   52.681145][ T4611] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   52.681658][ T4608] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.728322][ T4615] netlink: 'syz.4.278': attribute type 12 has an invalid length.
[   52.745718][ T4608] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.781240][ T4617] loop4: detected capacity change from 0 to 128
[   52.797087][ T4608] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.892125][ T4621] team0 (unregistering): Port device team_slave_0 removed
[   52.894790][ T4623] loop6: detected capacity change from 0 to 512
[   52.908965][ T4623] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   52.927718][ T4621] team0 (unregistering): Port device team_slave_1 removed
[   52.942255][ T4623] EXT4-fs (loop6): 1 truncate cleaned up
[   53.055157][ T4200] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   53.076129][ T4200] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   53.088719][ T4200] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   53.108091][ T4200] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   53.165250][ T4631] netlink: 72 bytes leftover after parsing attributes in process `syz.2.285'.
[   53.181324][ T4631] netlink: 8 bytes leftover after parsing attributes in process `syz.2.285'.
[   53.192038][ T4631] netlink: 132 bytes leftover after parsing attributes in process `syz.2.285'.
[   53.234826][ T4644] netlink: 32 bytes leftover after parsing attributes in process `syz.2.290'.
[   53.246180][ T4640] SELinux: ebitmap: truncated map
[   53.251688][ T4640] SELinux: failed to load policy
[   53.298528][ T4645] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.349842][ T4650] wg2: left promiscuous mode
[   53.354504][ T4650] wg2: left allmulticast mode
[   53.397693][ T4645] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.414852][ T4650] wg2: entered promiscuous mode
[   53.419793][ T4650] wg2: entered allmulticast mode
[   53.456004][ T4645] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.515132][ T4657] loop4: detected capacity change from 0 to 1024
[   53.539921][ T4657] EXT4-fs: Ignoring removed nobh option
[   53.545545][ T4657] EXT4-fs: Ignoring removed bh option
[   53.551864][ T4645] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.585523][ T4657] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.295: Allocating blocks 481-513 which overlap fs metadata
[   53.605170][ T4655] SELinux: ebitmap: truncated map
[   53.626161][ T4227] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   53.642101][ T4227] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   53.669803][ T4655] SELinux: failed to load policy
[   53.682064][ T4666] loop5: detected capacity change from 0 to 1024
[   53.685586][ T4657] EXT4-fs (loop4): pa ffff888107242310: logic 352, phys. 465, len 3
[   53.696564][ T4657] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[   53.727145][ T4200] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   53.756516][ T4200] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   53.784495][ T4666] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.862481][ T4672] FAULT_INJECTION: forcing a failure.
[   53.862481][ T4672] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   53.876265][ T4672] CPU: 0 UID: 0 PID: 4672 Comm: syz.4.299 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   53.876340][ T4672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[   53.876352][ T4672] Call Trace:
[   53.876359][ T4672]  <TASK>
[   53.876367][ T4672]  __dump_stack+0x1d/0x30
[   53.876390][ T4672]  dump_stack_lvl+0xe8/0x140
[   53.876410][ T4672]  dump_stack+0x15/0x1b
[   53.876425][ T4672]  should_fail_ex+0x265/0x280
[   53.876543][ T4672]  should_fail+0xb/0x20
[   53.876572][ T4672]  should_fail_usercopy+0x1a/0x20
[   53.876597][ T4672]  _copy_from_user+0x1c/0xb0
[   53.876628][ T4672]  ___sys_sendmsg+0xc1/0x1d0
[   53.876691][ T4672]  __x64_sys_sendmsg+0xd4/0x160
[   53.876743][ T4672]  x64_sys_call+0x191e/0x2ff0
[   53.876765][ T4672]  do_syscall_64+0xd2/0x200
[   53.876795][ T4672]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   53.876840][ T4672]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   53.876870][ T4672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.876930][ T4672] RIP: 0033:0x7f1be28debe9
[   53.876947][ T4672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.877011][ T4672] RSP: 002b:00007f1be133f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   53.877032][ T4672] RAX: ffffffffffffffda RBX: 00007f1be2b15fa0 RCX: 00007f1be28debe9
[   53.877046][ T4672] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[   53.877059][ T4672] RBP: 00007f1be133f090 R08: 0000000000000000 R09: 0000000000000000
[   53.877072][ T4672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.877100][ T4672] R13: 00007f1be2b16038 R14: 00007f1be2b15fa0 R15: 00007ffe735d0648
[   53.877163][ T4672]  </TASK>
[   54.123217][ T4682] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   54.144209][ T4682] FAT-fs (loop11): unable to read boot sector
[   54.210661][ T4700] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   54.221017][ T4700] SELinux: failed to load policy
[   54.228285][ T4700] netlink: 'syz.2.307': attribute type 3 has an invalid length.
[   54.242710][ T4682] netlink: 96 bytes leftover after parsing attributes in process `syz.5.303'.
[   54.266794][ T4703] netlink: 52 bytes leftover after parsing attributes in process `syz.2.308'.
[   54.293955][ T4697] SELinux: failed to load policy
[   54.304711][ T4707] netlink: 'syz.1.306': attribute type 3 has an invalid length.
[   54.341320][ T4711] siw: device registration error -23
[   54.390663][ T4717] loop5: detected capacity change from 0 to 164
[   54.418760][ T4727] bridge0: entered allmulticast mode
[   54.430491][ T4727] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   54.501738][ T4735] loop5: detected capacity change from 0 to 128
[   54.592406][ T4747] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   54.617467][ T4747] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   54.660343][ T4755] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   54.670415][ T4755] FAT-fs (loop9): unable to read boot sector
[   54.719670][ T4761] netlink: 'syz.6.323': attribute type 12 has an invalid length.
[   54.753936][ T4765] loop6: detected capacity change from 0 to 164
[   54.766312][ T4765] siw: device registration error -23
[   54.782911][ T4768] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[   54.791338][ T4769] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[   54.828629][ T4768] netlink: 'syz.4.326': attribute type 13 has an invalid length.
[   54.872220][ T4768] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.879435][ T4768] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.918474][ T4769] ------------[ cut here ]------------
[   54.923993][ T4769] verifier bug: REG INVARIANTS VIOLATION (true_reg2): range bounds violation u64=[0x0, 0x7800000000] s64=[0x0, 0xffffffffffffffff] u32=[0x80000000, 0x0] s32=[0x0, 0xffffffff] var_off=(0x0, 0x7800000000)(1)
[   54.944400][ T4769] WARNING: CPU: 1 PID: 4769 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0x673/0x680
[   54.944452][ T4769] Modules linked in:
[   54.944467][ T4769] CPU: 1 UID: 0 PID: 4769 Comm: syz.4.326 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.944526][ T4769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[   54.944537][ T4769] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[   54.944566][ T4769] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 92 7f ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[   54.944660][ T4769] RSP: 0018:ffffc900017fb440 EFLAGS: 00010292
[   54.944677][ T4769] RAX: ee6b45bdd7aeb000 RBX: ffff88811998c040 RCX: ffff88811f4f3180
[   54.944691][ T4769] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[   54.944705][ T4769] RBP: 0000000000000000 R08: 0001c900017fb27f R09: 0000000000000000
[   54.944719][ T4769] R10: 00000000ffffffff R11: 0000000000000000 R12: ffff88811998c000
[   54.944732][ T4769] R13: ffff88810ab78000 R14: ffff88810ab78000 R15: ffff88811998c038
[   54.944761][ T4769] FS:  00007f1be131e6c0(0000) GS:ffff8882aef43000(0000) knlGS:0000000000000000
[   54.944787][ T4769] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   54.944801][ T4769] CR2: 00007fc7c1606d58 CR3: 000000011052c000 CR4: 00000000003506f0
[   54.944820][ T4769] Call Trace:
[   54.944826][ T4769]  <TASK>
[   54.944840][ T4769]  reg_set_min_max+0x1eb/0x260
[   54.944928][ T4769]  check_cond_jmp_op+0x1080/0x16e0
[   54.945043][ T4769]  do_check+0x332a/0x7a10
[   54.945088][ T4769]  do_check_common+0xc3a/0x12a0
[   54.945125][ T4769]  bpf_check+0x942b/0xd9e0
[   54.945148][ T4769]  ? __rcu_read_unlock+0x4f/0x70
[   54.945172][ T4769]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   54.945236][ T4769]  ? alloc_pages_bulk_noprof+0x4b8/0x540
[   54.945270][ T4769]  ? __vmap_pages_range_noflush+0xbc4/0xcf0
[   54.945301][ T4769]  ? pcpu_block_update+0x24e/0x3b0
[   54.945322][ T4769]  ? _find_next_zero_bit+0x29/0xa0
[   54.945398][ T4769]  ? pcpu_block_refresh_hint+0x157/0x170
[   54.945423][ T4769]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[   54.945446][ T4769]  ? css_rstat_updated+0xb7/0x240
[   54.945479][ T4769]  ? __rcu_read_unlock+0x4f/0x70
[   54.945558][ T4769]  ? pcpu_memcg_post_alloc_hook+0xf1/0x150
[   54.945580][ T4769]  ? should_fail_ex+0x30/0x280
[   54.945633][ T4769]  ? selinux_bpf_prog_load+0x36/0xf0
[   54.945652][ T4769]  ? should_failslab+0x8c/0xb0
[   54.945699][ T4769]  ? __kmalloc_cache_noprof+0x189/0x320
[   54.945731][ T4769]  ? selinux_bpf_prog_load+0xbf/0xf0
[   54.945754][ T4769]  ? security_bpf_prog_load+0x2c/0xa0
[   54.945776][ T4769]  bpf_prog_load+0xedd/0x1070
[   54.945917][ T4769]  ? security_bpf+0x2b/0x90
[   54.945951][ T4769]  __sys_bpf+0x462/0x7b0
[   54.946035][ T4769]  __x64_sys_bpf+0x41/0x50
[   54.946059][ T4769]  x64_sys_call+0x2aea/0x2ff0
[   54.946123][ T4769]  do_syscall_64+0xd2/0x200
[   54.946156][ T4769]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   54.946181][ T4769]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   54.946274][ T4769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.946296][ T4769] RIP: 0033:0x7f1be28debe9
[   54.946311][ T4769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.946329][ T4769] RSP: 002b:00007f1be131e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   54.946350][ T4769] RAX: ffffffffffffffda RBX: 00007f1be2b16090 RCX: 00007f1be28debe9
[   54.946364][ T4769] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[   54.946430][ T4769] RBP: 00007f1be2961e19 R08: 0000000000000000 R09: 0000000000000000
[   54.946443][ T4769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   54.946457][ T4769] R13: 00007f1be2b16128 R14: 00007f1be2b16090 R15: 00007ffe735d0648
[   54.946475][ T4769]  </TASK>
[   54.946482][ T4769] ---[ end trace 0000000000000000 ]---
[   55.008104][ T4768] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   55.010307][ T4768] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   55.156742][ T4785] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   55.156808][ T4785] SELinux: failed to load policy
[   55.163798][ T4785] loop6: detected capacity change from 0 to 512
[   55.208913][ T4785] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.297637][ T4796] loop5: detected capacity change from 0 to 1024
[   55.504056][   T29] kauditd_printk_skb: 504 callbacks suppressed
[   55.504088][   T29] audit: type=1400 audit(1757323990.137:2810): avc:  denied  { read } for  pid=4795 comm="syz.5.334" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   55.533676][   T29] audit: type=1400 audit(1757323990.137:2811): avc:  denied  { open } for  pid=4795 comm="syz.5.334" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   55.569904][   T29] audit: type=1400 audit(1757323990.197:2812): avc:  denied  { ioctl } for  pid=4795 comm="syz.5.334" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x9374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   55.620165][ T4803] loop5: detected capacity change from 0 to 2048
[   55.645907][ T4200] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.686681][   T29] audit: type=1326 audit(1757323990.327:2813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4802 comm="syz.5.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac11febe9 code=0x7ffc0000
[   55.710177][   T29] audit: type=1326 audit(1757323990.327:2814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4802 comm="syz.5.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac11febe9 code=0x7ffc0000
[   55.740336][ T4811] ./file0: Can't open blockdev
[   55.744530][   T29] audit: type=1326 audit(1757323990.327:2815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4802 comm="syz.5.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ac11febe9 code=0x7ffc0000
[   55.768785][   T29] audit: type=1326 audit(1757323990.327:2816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4802 comm="syz.5.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac11febe9 code=0x7ffc0000
[   55.792267][   T29] audit: type=1326 audit(1757323990.327:2817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4802 comm="syz.5.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac11febe9 code=0x7ffc0000
[   55.815752][   T29] audit: type=1326 audit(1757323990.327:2818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4802 comm="syz.5.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ac11febe9 code=0x7ffc0000
[   55.839457][   T29] audit: type=1326 audit(1757323990.327:2819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4802 comm="syz.5.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac11febe9 code=0x7ffc0000
[   55.864049][ T4200] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.886048][ T4200] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.896541][ T4200] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.999191][ T4825] FAULT_INJECTION: forcing a failure.
[   55.999191][ T4825] name failslab, interval 1, probability 0, space 0, times 0
[   56.012288][ T4825] CPU: 1 UID: 0 PID: 4825 Comm: syz.1.341 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   56.012371][ T4825] Tainted: [W]=WARN
[   56.012378][ T4825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[   56.012392][ T4825] Call Trace:
[   56.012398][ T4825]  <TASK>
[   56.012407][ T4825]  __dump_stack+0x1d/0x30
[   56.012484][ T4825]  dump_stack_lvl+0xe8/0x140
[   56.012505][ T4825]  dump_stack+0x15/0x1b
[   56.012523][ T4825]  should_fail_ex+0x265/0x280
[   56.012618][ T4825]  should_failslab+0x8c/0xb0
[   56.012742][ T4825]  kmem_cache_alloc_noprof+0x50/0x310
[   56.012766][ T4825]  ? dup_fd+0x3a/0x540
[   56.012790][ T4825]  dup_fd+0x3a/0x540
[   56.012828][ T4825]  copy_files+0x98/0xf0
[   56.012856][ T4825]  copy_process+0xc5b/0x2000
[   56.012888][ T4825]  ? 0xffffffffff600000
[   56.012932][ T4825]  kernel_clone+0x16c/0x5c0
[   56.012960][ T4825]  ? 0xffffffffff600000
[   56.012974][ T4825]  __x64_sys_clone+0xe6/0x120
[   56.013089][ T4825]  ? 0xffffffffff600000
[   56.013106][ T4825]  x64_sys_call+0x119c/0x2ff0
[   56.013135][ T4825]  do_syscall_64+0xd2/0x200
[   56.013167][ T4825]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   56.013198][ T4825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.013258][ T4825] RIP: 0033:0x7fc7c2bbebe9
[   56.013273][ T4825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.013292][ T4825] RSP: 002b:00007fc7c1626fe8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[   56.013313][ T4825] RAX: ffffffffffffffda RBX: 00007fc7c2df5fa0 RCX: 00007fc7c2bbebe9
[   56.013460][ T4825] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c9a4080
[   56.013472][ T4825] RBP: 00007fc7c1627090 R08: ffffffffff600000 R09: ffffffffff600000
[   56.013486][ T4825] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[   56.013499][ T4825] R13: 00007fc7c2df6038 R14: 00007fc7c2df5fa0 R15: 00007ffcd5fff068
[   56.013545][ T4825]  ? 0xffffffffff600000
[   56.013564][ T4825]  ? 0xffffffffff600000
[   56.013578][ T4825]  </TASK>
[   56.027819][ T4840] loop5: detected capacity change from 0 to 164
[   56.175303][ T4851] loop2: detected capacity change from 0 to 1024
[   56.275083][ T4851] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   56.286148][ T4851] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   56.316456][ T4855] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   56.330530][ T4851] JBD2: no valid journal superblock found
[   56.333490][ T4855] SELinux: failed to load policy
[   56.336356][ T4851] EXT4-fs (loop2): Could not load journal inode
[   56.357760][ T4855] loop5: detected capacity change from 0 to 512
[   56.414045][ T4855] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.618373][ T4887] __nla_validate_parse: 19 callbacks suppressed
[   56.618392][ T4887] netlink: 72 bytes leftover after parsing attributes in process `syz.4.359'.
[   56.658480][ T4887] netlink: 8 bytes leftover after parsing attributes in process `syz.4.359'.
[   56.672982][ T4887] netlink: 132 bytes leftover after parsing attributes in process `syz.4.359'.
[   56.716517][ T4891] 9pnet_fd: p9_fd_create_tcp (4891): problem connecting socket to 127.0.0.1
[   56.743698][ T4897] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   56.755987][ T4897] SELinux: failed to load policy
[   56.768162][ T4897] loop5: detected capacity change from 0 to 512
[   56.798432][ T4897] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.841874][ T4914] netlink: 'syz.1.369': attribute type 3 has an invalid length.
[   56.844552][ T4912] loop5: detected capacity change from 0 to 2048
[   57.013643][ T4928] netlink: 72 bytes leftover after parsing attributes in process `syz.5.374'.
[   57.024775][ T4928] netlink: 8 bytes leftover after parsing attributes in process `syz.5.374'.
[   57.035269][ T4928] netlink: 132 bytes leftover after parsing attributes in process `syz.5.374'.
[   57.147199][ T4952] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   57.185954][ T4952] SELinux: failed to load policy
[   57.332118][ T4962] SELinux: ebitmap: truncated map
[   57.341916][ T4962] SELinux: failed to load policy
[   57.355063][ T4966] loop6: detected capacity change from 0 to 2048
[   57.509725][ T4983] SELinux:  policydb magic number 0x10 does not match expected magic number 0xf97cff8c
[   57.551036][ T4983] SELinux: failed to load policy
[   57.623908][ T4990] netlink: 72 bytes leftover after parsing attributes in process `syz.6.386'.
[   57.635661][ T4995] SELinux:  policydb magic number 0x10 does not match expected magic number 0xf97cff8c
[   57.673663][ T4990] netlink: 8 bytes leftover after parsing attributes in process `syz.6.386'.
[   57.682765][ T4995] SELinux: failed to load policy
[   57.689207][ T4993] SELinux: ebitmap: truncated map
[   57.695087][ T4993] SELinux: failed to load policy
[   57.699877][ T4995] loop4: detected capacity change from 0 to 512
[   57.716290][ T4990] netlink: 132 bytes leftover after parsing attributes in process `syz.6.386'.
[   57.793948][ T4995] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.864772][ T5012] loop2: detected capacity change from 0 to 8192
[   57.873073][ T5021] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   57.901079][ T5021] FAT-fs (loop11): unable to read boot sector
[   57.928100][ T5025] FAULT_INJECTION: forcing a failure.
[   57.928100][ T5025] name failslab, interval 1, probability 0, space 0, times 0
[   57.941334][ T5025] CPU: 0 UID: 0 PID: 5025 Comm: syz.6.396 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   57.941370][ T5025] Tainted: [W]=WARN
[   57.941407][ T5025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[   57.941419][ T5025] Call Trace:
[   57.941425][ T5025]  <TASK>
[   57.941434][ T5025]  __dump_stack+0x1d/0x30
[   57.941458][ T5025]  dump_stack_lvl+0xe8/0x140
[   57.941539][ T5025]  dump_stack+0x15/0x1b
[   57.941557][ T5025]  should_fail_ex+0x265/0x280
[   57.941578][ T5025]  should_failslab+0x8c/0xb0
[   57.941600][ T5025]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   57.941632][ T5025]  ? sidtab_sid2str_get+0xa0/0x130
[   57.941712][ T5025]  kmemdup_noprof+0x2b/0x70
[   57.941737][ T5025]  sidtab_sid2str_get+0xa0/0x130
[   57.941846][ T5025]  security_sid_to_context_core+0x1eb/0x2e0
[   57.941888][ T5025]  security_sid_to_context+0x27/0x40
[   57.941905][ T5025]  selinux_lsmprop_to_secctx+0x67/0xf0
[   57.941927][ T5025]  security_lsmprop_to_secctx+0x43/0x80
[   57.941951][ T5025]  audit_log_task_context+0x77/0x190
[   57.942016][ T5025]  audit_log_task+0xf4/0x250
[   57.942046][ T5025]  audit_seccomp+0x61/0x100
[   57.942073][ T5025]  ? __seccomp_filter+0x68c/0x10d0
[   57.942142][ T5025]  __seccomp_filter+0x69d/0x10d0
[   57.942165][ T5025]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   57.942194][ T5025]  ? vfs_write+0x7e8/0x960
[   57.942294][ T5025]  ? __rcu_read_unlock+0x4f/0x70
[   57.942330][ T5025]  ? __fget_files+0x184/0x1c0
[   57.942358][ T5025]  __secure_computing+0x82/0x150
[   57.942382][ T5025]  syscall_trace_enter+0xcf/0x1e0
[   57.942419][ T5025]  do_syscall_64+0xac/0x200
[   57.942452][ T5025]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   57.942474][ T5025]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   57.942503][ T5025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.942567][ T5025] RIP: 0033:0x7fb2277bebe9
[   57.942639][ T5025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.942655][ T5025] RSP: 002b:00007fb226227038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   57.942674][ T5025] RAX: ffffffffffffffda RBX: 00007fb2279f5fa0 RCX: 00007fb2277bebe9
[   57.942686][ T5025] RDX: 0000000000000013 RSI: 0000000000000006 RDI: 0000000000000003
[   57.942698][ T5025] RBP: 00007fb226227090 R08: 0000000000000004 R09: 0000000000000000
[   57.942709][ T5025] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[   57.942742][ T5025] R13: 00007fb2279f6038 R14: 00007fb2279f5fa0 R15: 00007ffee244de68
[   57.942766][ T5025]  </TASK>
[   58.226311][ T4995] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #18: comm syz.4.389: corrupted inode contents
[   58.257734][ T4995] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #18: comm syz.4.389: mark_inode_dirty error
[   58.284756][ T4995] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #18: comm syz.4.389: corrupted inode contents
[   58.312582][ T5021] netlink: 96 bytes leftover after parsing attributes in process `syz.5.394'.
[   58.338027][ T4995] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm syz.4.389: mark_inode_dirty error
[   58.338493][ T5035] SELinux: ebitmap: truncated map
[   58.357600][ T5035] SELinux: failed to load policy
[   58.366896][ T4995] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm syz.4.389: mark inode dirty (error -117)
[   58.370657][ T5035] loop6: detected capacity change from 0 to 512
[   58.380434][ T4995] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[   58.386492][ T5041] FAULT_INJECTION: forcing a failure.
[   58.386492][ T5041] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.408105][ T5041] CPU: 0 UID: 0 PID: 5041 Comm: syz.2.402 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   58.408216][ T5041] Tainted: [W]=WARN
[   58.408223][ T5041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[   58.408234][ T5041] Call Trace:
[   58.408251][ T5041]  <TASK>
[   58.408259][ T5041]  __dump_stack+0x1d/0x30
[   58.408353][ T5041]  dump_stack_lvl+0xe8/0x140
[   58.408383][ T5041]  dump_stack+0x15/0x1b
[   58.408401][ T5041]  should_fail_ex+0x265/0x280
[   58.408426][ T5041]  should_fail+0xb/0x20
[   58.408445][ T5041]  should_fail_usercopy+0x1a/0x20
[   58.408466][ T5041]  _copy_from_user+0x1c/0xb0
[   58.408533][ T5041]  __se_sys_prlimit64+0xa5/0x520
[   58.408578][ T5041]  __x64_sys_prlimit64+0x55/0x70
[   58.408601][ T5041]  x64_sys_call+0x2835/0x2ff0
[   58.408623][ T5041]  do_syscall_64+0xd2/0x200
[   58.408669][ T5041]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   58.408690][ T5041]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   58.408714][ T5041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.408738][ T5041] RIP: 0033:0x7f68b1baebe9
[   58.408754][ T5041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.408820][ T5041] RSP: 002b:00007f68b060f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012e
[   58.408842][ T5041] RAX: ffffffffffffffda RBX: 00007f68b1de5fa0 RCX: 00007f68b1baebe9
[   58.408856][ T5041] RDX: 0000200000000140 RSI: 000000000000000e RDI: 0000000000000000
[   58.408867][ T5041] RBP: 00007f68b060f090 R08: 0000000000000000 R09: 0000000000000000
[   58.408923][ T5041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.408934][ T5041] R13: 00007f68b1de6038 R14: 00007f68b1de5fa0 R15: 00007fffa399d7c8
[   58.408963][ T5041]  </TASK>
[   58.410192][ T5039] SELinux:  policydb magic number 0x10 does not match expected magic number 0xf97cff8c
[   58.417415][ T5028] 9pnet_fd: Insufficient options for proto=fd
[   58.422458][ T5039] SELinux: failed to load policy
[   58.589070][ T5035] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.685357][ T5035] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #18: comm syz.6.398: corrupted inode contents
[   58.690514][ T5057] loop4: detected capacity change from 0 to 512
[   58.704682][ T5035] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #18: comm syz.6.398: mark_inode_dirty error
[   58.714603][ T5057] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   58.729271][ T5035] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #18: comm syz.6.398: corrupted inode contents
[   58.741459][ T5057] EXT4-fs (loop4): orphan cleanup on readonly fs
[   58.743785][ T5035] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2991: inode #18: comm syz.6.398: mark_inode_dirty error
[   58.760813][ T5057] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.406: Block bitmap for bg 0 marked uninitialized
[   58.774791][ T5035] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2994: inode #18: comm syz.6.398: mark inode dirty (error -117)
[   58.796020][ T5035] EXT4-fs warning (device loop6): ext4_evict_inode:274: xattr delete (err -117)
[   58.805475][ T5060] 9pnet_fd: Insufficient options for proto=fd
[   58.836271][ T5070] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   58.848751][ T5070] SELinux: failed to load policy
[   58.854364][ T5035] syz.6.398 (5035) used greatest stack depth: 10016 bytes left
[   58.864979][ T5057] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   58.865692][ T5070] netlink: 'syz.1.409': attribute type 3 has an invalid length.
[   58.907763][ T5057] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.406: Block bitmap for bg 0 marked uninitialized
[   58.952842][ T5074] loop6: detected capacity change from 0 to 8192
[   58.956671][ T5057] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   58.990004][ T5057] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.406: Block bitmap for bg 0 marked uninitialized
[   59.028632][ T5057] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   59.043735][ T5057] EXT4-fs (loop4): 1 orphan inode deleted
[   59.119792][ T5091] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   59.130575][ T5094] loop4: detected capacity change from 0 to 2048
[   59.178264][ T5100] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   59.191141][ T5100] loop6: detected capacity change from 0 to 512
[   59.218583][ T5100] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.270910][ T5110] loop6: detected capacity change from 0 to 2048
[   59.288174][ T5112] SELinux:  policydb magic number 0x10 does not match expected magic number 0xf97cff8c
[   59.319460][ T5112] loop4: detected capacity change from 0 to 512
[   59.327049][ T5108] netlink: 'syz.1.421': attribute type 3 has an invalid length.
[   59.358147][ T5112] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.399877][ T5120] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   59.414762][ T5120] FAT-fs (loop13): unable to read boot sector
[   59.428506][ T5112] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #18: comm syz.4.420: corrupted inode contents
[   59.442296][ T5112] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #18: comm syz.4.420: mark_inode_dirty error
[   59.454855][ T5112] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #18: comm syz.4.420: corrupted inode contents
[   59.467211][ T5112] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm syz.4.420: mark_inode_dirty error
[   59.490381][ T5112] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm syz.4.420: mark inode dirty (error -117)
[   59.519809][ T5112] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[   59.535076][ T5127] loop2: detected capacity change from 0 to 1024
[   59.543152][ T5123] 9pnet_fd: Insufficient options for proto=fd
[   59.547412][ T5127] EXT4-fs: Ignoring removed nobh option
[   59.554864][ T5127] EXT4-fs: Ignoring removed bh option
[   59.588485][ T5127] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.426: Allocating blocks 465-513 which overlap fs metadata
[   59.604805][ T5127] EXT4-fs (loop2): pa ffff88810711a3f0: logic 256, phys. 369, len 9
[   59.613289][ T5127] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   59.626073][ T5127] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   59.658416][ T5133] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   59.667118][ T5133] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   59.708623][ T5137] loop5: detected capacity change from 0 to 2048
[   59.765948][ T5144] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   59.770755][ T5146] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   59.784220][ T5148] netlink: 'syz.4.434': attribute type 12 has an invalid length.
[   59.815590][ T5146] loop2: detected capacity change from 0 to 512
[   59.859974][ T5146] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.926812][ T5165] loop4: detected capacity change from 0 to 1024
[   59.937995][ T5165] EXT4-fs: Ignoring removed nobh option
[   59.943609][ T5165] EXT4-fs: Ignoring removed bh option
[   59.974803][ T5165] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.437: Allocating blocks 465-513 which overlap fs metadata
[   59.993181][ T5165] EXT4-fs (loop4): pa ffff888107242b60: logic 256, phys. 369, len 9
[   60.001309][ T5165] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   60.015359][ T5165] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   60.085423][ T5184] loop4: detected capacity change from 0 to 256
[   60.101252][ T5184] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   60.111545][ T5184] FAT-fs (loop4): Filesystem has been set read-only
[   60.120232][ T5186] wg2: left promiscuous mode
[   60.124943][ T5186] wg2: left allmulticast mode
[   60.151691][ T5186] wg2: entered promiscuous mode
[   60.156699][ T5186] wg2: entered allmulticast mode
[   60.331920][ T5219] netlink: 'syz.1.451': attribute type 12 has an invalid length.
[   60.459391][ T5235] openvswitch: netlink: Message has 6 unknown bytes.
[   60.503933][ T5238] siw: device registration error -23
[   60.521613][   T29] kauditd_printk_skb: 1159 callbacks suppressed
[   60.521627][   T29] audit: type=1326 audit(1757323995.157:3978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.5.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac11febe9 code=0x7ffc0000
[   60.551851][ T5240] loop5: detected capacity change from 0 to 1024
[   60.556139][   T29] audit: type=1326 audit(1757323995.167:3979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.5.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ac11febe9 code=0x7ffc0000
[   60.581752][   T29] audit: type=1326 audit(1757323995.167:3980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.5.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac11febe9 code=0x7ffc0000
[   60.605404][   T29] audit: type=1326 audit(1757323995.167:3981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.5.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ac11febe9 code=0x7ffc0000
[   60.621729][ T5246] loop4: detected capacity change from 0 to 1024
[   60.628827][   T29] audit: type=1326 audit(1757323995.167:3982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.5.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac11febe9 code=0x7ffc0000
[   60.637528][ T5246] EXT4-fs: Ignoring removed nobh option
[   60.658792][   T29] audit: type=1326 audit(1757323995.167:3983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.5.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7f1ac11febe9 code=0x7ffc0000
[   60.664252][ T5246] EXT4-fs: Ignoring removed bh option
[   60.687578][   T29] audit: type=1326 audit(1757323995.167:3984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.5.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac11febe9 code=0x7ffc0000
[   60.716509][   T29] audit: type=1326 audit(1757323995.167:3985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.5.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1ac1200b07 code=0x7ffc0000
[   60.739847][   T29] audit: type=1326 audit(1757323995.167:3986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.5.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f1ac1200a7c code=0x7ffc0000
[   60.763361][   T29] audit: type=1326 audit(1757323995.167:3987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5239 comm="syz.5.460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f1ac12009b4 code=0x7ffc0000
[   60.764273][ T5240] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.809203][ T5246] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.462: Allocating blocks 481-513 which overlap fs metadata
[   60.865236][ T5246] EXT4-fs (loop4): pa ffff88810711a460: logic 352, phys. 465, len 3
[   60.873446][ T5246] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[   60.965770][ T5268] openvswitch: netlink: Message has 6 unknown bytes.
[   60.975563][ T5266] program syz.2.470 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   61.011373][ T5271] loop2: detected capacity change from 0 to 1024
[   61.032535][ T5271] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.472: Allocating blocks 465-513 which overlap fs metadata
[   61.062858][ T5271] EXT4-fs (loop2): pa ffff88810711a460: logic 256, phys. 369, len 9
[   61.071082][ T5271] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 3
[   61.086727][ T5271] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[   61.108122][ T5276] loop4: detected capacity change from 0 to 8192
[   61.164184][ T5279] netlink: 'syz.5.475': attribute type 3 has an invalid length.
[   61.264129][ T5293] wg2: left promiscuous mode
[   61.269026][ T5293] wg2: left allmulticast mode
[   61.286431][ T5293] wg2: entered promiscuous mode
[   61.291421][ T5293] wg2: entered allmulticast mode
[   61.299964][ T5294] loop2: detected capacity change from 0 to 2048
[   61.451639][ T5314] loop2: detected capacity change from 0 to 164
[   61.592623][ T5327] loop2: detected capacity change from 0 to 1024
[   61.611129][ T5327] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.487: Allocating blocks 385-513 which overlap fs metadata
[   61.627943][ T5326] EXT4-fs (loop2): pa ffff88810711a540: logic 16, phys. 129, len 24
[   61.636082][ T5326] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   61.676693][ T5331] loop2: detected capacity change from 0 to 1024
[   61.703566][ T5331] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.740806][ T5335] loop2: detected capacity change from 0 to 1024
[   61.748515][ T5335] EXT4-fs: Ignoring removed nobh option
[   61.754244][ T5335] EXT4-fs: Ignoring removed bh option
[   61.773920][ T5335] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.489: Allocating blocks 481-513 which overlap fs metadata
[   61.804468][ T5335] EXT4-fs (loop2): pa ffff88810711a4d0: logic 352, phys. 465, len 3
[   61.812623][ T5335] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[   61.859714][ T5339] __nla_validate_parse: 9 callbacks suppressed
[   61.859731][ T5339] netlink: 24 bytes leftover after parsing attributes in process `syz.2.490'.
[   61.941716][ T5343] SELinux: ebitmap: truncated map
[   61.950555][ T5343] sel_write_load: 5 callbacks suppressed
[   61.950569][ T5343] SELinux: failed to load policy
[   61.965580][ T5343] loop4: detected capacity change from 0 to 512
[   61.978324][ T5343] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.002999][ T5350] netlink: 24 bytes leftover after parsing attributes in process `syz.2.494'.
[   62.017410][ T5350] netlink: 12 bytes leftover after parsing attributes in process `syz.2.494'.
[   62.027573][ T5343] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #18: comm syz.4.492: corrupted inode contents
[   62.042164][ T5343] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #18: comm syz.4.492: mark_inode_dirty error
[   62.049626][ T5350] loop2: detected capacity change from 0 to 164
[   62.053716][ T5343] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #18: comm syz.4.492: corrupted inode contents
[   62.072266][ T5343] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm syz.4.492: mark_inode_dirty error
[   62.084860][ T5343] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm syz.4.492: mark inode dirty (error -117)
[   62.098527][ T5343] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[   62.108383][ T5351] 9pnet_fd: Insufficient options for proto=fd
[   62.164099][ T5354] loop2: detected capacity change from 0 to 1024
[   62.199418][ T5354] EXT4-fs: Ignoring removed nobh option
[   62.205049][ T5354] EXT4-fs: Ignoring removed bh option
[   62.235919][ T5362] loop4: detected capacity change from 0 to 1024
[   62.253333][ T5362] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.255652][ T5368] netlink: 24 bytes leftover after parsing attributes in process `syz.1.501'.
[   62.300913][ T5370] loop5: detected capacity change from 0 to 2048
[   62.328480][ T5354] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.496: Allocating blocks 481-513 which overlap fs metadata
[   62.423885][ T5354] EXT4-fs (loop2): pa ffff88810711a5b0: logic 352, phys. 465, len 3
[   62.428258][ T5378] infiniband syz2: set down
[   62.432026][ T5354] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[   62.436551][ T5378] infiniband syz2: added bond0
[   62.470847][ T5379] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[   62.474850][ T5378] RDS/IB: syz2: added
[   62.477418][ T5379] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   62.477568][ T5379] vhci_hcd vhci_hcd.0: Device attached
[   62.485051][ T5378] smc: adding ib device syz2 with port count 1
[   62.502312][ T5378] smc:    ib device syz2 port 1 has pnetid 
[   62.530328][ T5386] wg2: left promiscuous mode
[   62.534985][ T5386] wg2: left allmulticast mode
[   62.550418][ T5386] wg2: entered promiscuous mode
[   62.555359][ T5386] wg2: entered allmulticast mode
[   62.623932][ T5393] SELinux: ebitmap: truncated map
[   62.630490][ T5393] SELinux: failed to load policy
[   62.641007][ T5393] loop2: detected capacity change from 0 to 512
[   62.680714][ T5393] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.700778][ T5402] loop6: detected capacity change from 0 to 512
[   62.711014][ T5402] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   62.740722][ T5402] EXT4-fs (loop6): 1 truncate cleaned up
[   62.743049][ T5393] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #18: comm syz.2.509: corrupted inode contents
[   62.755950][    T9] usb 10-1: SetAddress Request (2) to port 0
[   62.764335][    T9] usb 10-1: new SuperSpeed USB device number 2 using vhci_hcd
[   62.796668][ T5393] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #18: comm syz.2.509: mark_inode_dirty error
[   62.823790][ T5393] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #18: comm syz.2.509: corrupted inode contents
[   62.839419][ T5393] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #18: comm syz.2.509: mark_inode_dirty error
[   62.851488][ T5393] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #18: comm syz.2.509: mark inode dirty (error -117)
[   62.865411][ T5393] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[   62.877301][ T5404] 9pnet_fd: Insufficient options for proto=fd
[   62.885559][ T5383] vhci_hcd: connection reset by peer
[   62.890980][ T4207] vhci_hcd: stop threads
[   62.895254][ T4207] vhci_hcd: release socket
[   62.899741][ T4207] vhci_hcd: disconnect device
[   62.950925][ T5408] loop2: detected capacity change from 0 to 8192
[   63.058107][ T5412] ==================================================================
[   63.066237][ T5412] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[   63.073392][ T5412] 
[   63.075746][ T5412] write to 0xffff88811a5093ec of 4 bytes by task 5410 on cpu 1:
[   63.083389][ T5412]  xas_set_mark+0x12b/0x140
[   63.087944][ T5412]  __folio_start_writeback+0x1dd/0x440
[   63.093448][ T5412]  ext4_bio_write_folio+0x5ad/0x9f0
[   63.098678][ T5412]  mpage_process_page_bufs+0x4a1/0x620
[   63.104158][ T5412]  mpage_prepare_extent_to_map+0x786/0xc00
[   63.109995][ T5412]  ext4_do_writepages+0xa05/0x2750
[   63.115128][ T5412]  ext4_writepages+0x176/0x300
[   63.119914][ T5412]  do_writepages+0x1c6/0x310
[   63.124527][ T5412]  filemap_write_and_wait_range+0x144/0x340
[   63.130449][ T5412]  filemap_invalidate_pages+0xa4/0x1a0
[   63.135931][ T5412]  kiocb_invalidate_pages+0x6e/0x80
[   63.141145][ T5412]  __iomap_dio_rw+0x5d4/0x1250
[   63.145938][ T5412]  iomap_dio_rw+0x40/0x90
[   63.150369][ T5412]  ext4_file_write_iter+0xad9/0xf00
[   63.155587][ T5412]  iter_file_splice_write+0x666/0xa60
[   63.160976][ T5412]  direct_splice_actor+0x156/0x2a0
[   63.166114][ T5412]  splice_direct_to_actor+0x312/0x680
[   63.171504][ T5412]  do_splice_direct+0xda/0x150
[   63.176275][ T5412]  do_sendfile+0x380/0x650
[   63.180756][ T5412]  __x64_sys_sendfile64+0x105/0x150
[   63.185970][ T5412]  x64_sys_call+0x2bb0/0x2ff0
[   63.190674][ T5412]  do_syscall_64+0xd2/0x200
[   63.195209][ T5412]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.201120][ T5412] 
[   63.203457][ T5412] read to 0xffff88811a5093ec of 4 bytes by task 5412 on cpu 0:
[   63.211018][ T5412]  xas_find_marked+0x5dc/0x620
[   63.215821][ T5412]  find_get_entry+0x5d/0x380
[   63.220487][ T5412]  filemap_get_folios_tag+0x92/0x210
[   63.225835][ T5412]  mpage_prepare_extent_to_map+0x320/0xc00
[   63.231660][ T5412]  ext4_do_writepages+0xa05/0x2750
[   63.236807][ T5412]  ext4_writepages+0x176/0x300
[   63.241592][ T5412]  do_writepages+0x1c6/0x310
[   63.246210][ T5412]  file_write_and_wait_range+0x156/0x2c0
[   63.251874][ T5412]  generic_buffers_fsync_noflush+0x45/0x120
[   63.257796][ T5412]  ext4_sync_file+0x1ab/0x690
[   63.262497][ T5412]  vfs_fsync_range+0x10a/0x130
[   63.267278][ T5412]  ext4_buffered_write_iter+0x34f/0x3c0
[   63.272853][ T5412]  ext4_file_write_iter+0xdbf/0xf00
[   63.278074][ T5412]  iter_file_splice_write+0x666/0xa60
[   63.283453][ T5412]  direct_splice_actor+0x156/0x2a0
[   63.288585][ T5412]  splice_direct_to_actor+0x312/0x680
[   63.294064][ T5412]  do_splice_direct+0xda/0x150
[   63.298848][ T5412]  do_sendfile+0x380/0x650
[   63.303295][ T5412]  __x64_sys_sendfile64+0x105/0x150
[   63.308703][ T5412]  x64_sys_call+0x2bb0/0x2ff0
[   63.313388][ T5412]  do_syscall_64+0xd2/0x200
[   63.317921][ T5412]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.323830][ T5412] 
[   63.326158][ T5412] value changed: 0x0a000021 -> 0x04000021
[   63.331881][ T5412] 
[   63.334222][ T5412] Reported by Kernel Concurrency Sanitizer on:
[   63.340478][ T5412] CPU: 0 UID: 0 PID: 5412 Comm: syz.6.512 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   63.351704][ T5412] Tainted: [W]=WARN
[   63.355688][ T5412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[   63.365763][ T5412] ==================================================================
[   63.661001][ T5412] syz.6.512 (5412) used greatest stack depth: 9080 bytes left
[   67.865929][    T9] usb 10-1: device descriptor read/8, error -110
[   67.975987][    T9] usb 10-1: new SuperSpeed USB device number 2 using vhci_hcd
[   67.995945][    T9] usb 10-1: enqueue for inactive port 0
[   68.001536][    T9] usb 10-1: enqueue for inactive port 0
[   68.007150][    T9] usb 10-1: enqueue for inactive port 0
[   69.036174][    T9] usb usb10-port1: attempt power cycle
[   70.866111][    T9] usb usb10-port1: unable to enumerate USB device