last executing test programs:

4m14.734968149s ago: executing program 0 (id=9014):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000007c0)=ANY=[@ANYBLOB="5800000002060108000000bca3000000000000400500010006000000050005000200000005000400000000000900020073797a31000000000c000780080012400000000211000300686173683a69702c6d61726b"], 0x58}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000000906010200000000000000000200ffff200007800c00018008000140a2fd4ebc08000a400000000205000300020000000900020073797a310000000005000100"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
pipe(&(0x7f0000000000))
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff9ce}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5, 0x0, 0x2000000000000}, 0x18)

4m13.550381582s ago: executing program 0 (id=9030):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100004, 0x2, 0xfffffffc, 0xb95b5ec032cc8e84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x8}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f0000000080)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5ffdffa)
futex_waitv(&(0x7f0000001e40)=[{0x1, &(0x7f0000000440)=0xde, 0x2}, {0x7, &(0x7f00000004c0)=0x4, 0x2}, {0x1, &(0x7f0000000500)=0x400000000000, 0x2}, {0x5, &(0x7f0000000540)=0xfffffffffffffffd, 0x2}, {0x5, &(0x7f0000000580)=0x8, 0x82}, {0x964, &(0x7f00000005c0)=0xfffffffffffff182, 0x2}, {0x800, &(0x7f0000000600)=0xbd59, 0x82}, {0xaa73, &(0x7f0000000740)=0x7, 0x2}, {0xbea, &(0x7f0000000780)=0x6}, {0x5, &(0x7f0000000880)=0x5df4, 0x2}, {0x4, &(0x7f00000008c0)=0x8, 0x82}, {0x3, &(0x7f0000000900)=0x5, 0x82}, {0x10000, &(0x7f0000000940)=0x4, 0x2}, {0x8, &(0x7f0000000980)=0x7, 0x2}, {0x6, &(0x7f00000009c0)=0x9, 0x82}, {0x100000001, &(0x7f0000000a40)=0xe4c5, 0x82}, {0x10, &(0x7f0000000a80)=0x7, 0x82}, {0x1, &(0x7f0000000ac0)=0x711, 0x82}, {0x5, &(0x7f0000000b00)=0x3}, {0xb, &(0x7f0000000b40)=0xfffffffffffffffc, 0x2}, {0x6, &(0x7f0000000b80)=0x100000001, 0x2}, {0x2b, &(0x7f0000000bc0)=0x3ff, 0x2}, {0x2, &(0x7f0000000c00)=0x6, 0x2}, {0x8000, &(0x7f0000000c40)=0x8000000000000000, 0x80}, {0x3, &(0x7f0000000c80)=0x6, 0x2}, {0x3, &(0x7f0000000cc0), 0x2}, {0x7, &(0x7f0000000d00)=0x6, 0x2}, {0x5, &(0x7f0000000d40), 0x2}, {0x4, &(0x7f0000000d80)=0x49, 0x2}, {0x3, &(0x7f0000000dc0)=0x8, 0x2}, {0x81, &(0x7f0000000e00)=0x2, 0x82}, {0x798, &(0x7f0000000e40)=0xffff, 0x2}, {0x1, &(0x7f0000000e80)=0x6, 0x82}, {0xc350, &(0x7f0000000ec0)=0x5, 0x2}, {0x1, &(0x7f0000000f00)=0xfffffffffffffff8, 0x82}, {0x7, &(0x7f0000000f40)=0x6, 0x82}, {0x0, &(0x7f0000000f80)=0x148f, 0x82}, {0x2800000000000000, &(0x7f0000000fc0)=0x3, 0x82}, {0x1000, &(0x7f0000001000)=0x9, 0x2}, {0x8, &(0x7f0000001040)=0xe, 0x82}, {0x4f04, &(0x7f0000001080)=0xfffffffffffffff5, 0x2}, {0xf, &(0x7f00000010c0)=0x5, 0x2}, {0xfffffffffffffbff, &(0x7f0000001100), 0x2}, {0x1, &(0x7f0000001140)=0x5, 0x82}, {0x1ff, &(0x7f0000001180)=0x1}, {0x7, &(0x7f00000011c0)=0xc, 0x2}, {0x8, &(0x7f0000001200)=0x3, 0x2}, {0x2, &(0x7f0000001240)=0xc0, 0x82}, {0x80, &(0x7f0000001280)=0x7fffffff, 0x2}, {0x80000001, &(0x7f00000012c0), 0x2}, {0x25, &(0x7f0000001300)=0x8d, 0x2}, {0x1, &(0x7f0000001340)=0x9, 0x82}, {0xfffffffffffff801, &(0x7f0000001380)=0x1, 0x2}, {0xfffffffffffffff8, &(0x7f00000013c0)=0x4, 0x2}, {0x800000000000000, &(0x7f0000001400)=0x3, 0x82}, {0x5, &(0x7f0000001440)=0xff, 0x2}, {0x0, &(0x7f0000001480)=0xffffffffffffbfa0}, {0x6, &(0x7f0000001680)=0x8000, 0xc3}, {0x2, &(0x7f00000016c0)=0x3ff, 0x2}, {0x5, &(0x7f0000001700)=0xfffffffffffffc01, 0x2}, {0x7, &(0x7f0000001740)=0x4, 0x82}, {0x2, &(0x7f0000001780), 0x82}, {0x3, &(0x7f00000017c0)=0x9, 0x82}, {0xe, &(0x7f0000001800)=0x8, 0x2}, {0x7fffffffffffffff, &(0x7f0000001840)=0x4, 0x82}, {0x7, &(0x7f0000001880)=0x8, 0x82}, {0xc, &(0x7f00000018c0)=0x4, 0x82}, {0x3, &(0x7f0000001900)=0x3bce7626, 0x82}, {0x4, &(0x7f0000001940)=0x3, 0x76898381b7e9a2fd}, {0x72fa, &(0x7f0000001980)=0x7, 0x2}, {0x3, &(0x7f00000019c0)=0xd, 0x82}, {0x3608000000000000, &(0x7f0000001a00)=0x3, 0x2}, {0x7, &(0x7f0000001a40)=0x1, 0x2}, {0x1, &(0x7f0000001a80)=0x944d, 0x2}, {0xc, &(0x7f0000001ac0)=0x5, 0x82}, {0x7fff, &(0x7f0000001b00)=0xfffffffffffffffc, 0x2}, {0x8, &(0x7f0000001b40)=0x101, 0x2}, {0x5, &(0x7f0000001b80)=0x7, 0x82}, {0x20, &(0x7f0000001bc0)=0x2, 0x82}, {0x6, &(0x7f0000001c00)=0x10000, 0x82}, {0x6, &(0x7f0000001c40)=0x5, 0x82}, {0xd, &(0x7f0000001c80)=0xfffffffffffff381, 0x82}], 0x52, 0x0, &(0x7f00000026c0), 0x1)

4m13.49146918s ago: executing program 0 (id=9031):
r0 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x18)
add_key(&(0x7f0000000000)='ceph\x00', 0x0, &(0x7f0000000080)="010000000037a788a11d18000000000000006923c63a4541062101b60a2156566de77062086575a59ea9cb", 0x2b, r0)

4m13.420917379s ago: executing program 0 (id=9033):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x4}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c00000010000b042bbd70000005000000000000", @ANYRES32=0x0, @ANYBLOB="220871d61e4001001c0012800b0001006d616373656300000c000280050003000b"], 0x3c}}, 0x0)

4m13.33682446s ago: executing program 0 (id=9034):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_freezer_state(r1, &(0x7f0000000040)='FROZEN\x00', 0x7)
openat$cgroup_procs(r0, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000300000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff9ce}, 0x94)
r5 = socket(0x1, 0x3, 0x0)
bind$unix(r5, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000880)=[{{&(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f00000003c0)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1400"], 0x18, 0x64001}}], 0x2, 0x0)
r6 = perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9, 0xa109, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x0, 0x2000000000000}, 0x0, 0x0, 0x0, 0x9, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12c}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_RESET(r6, 0x2403, 0x80000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
r7 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r7, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x21)
openat(0xffffffffffffff9c, 0x0, 0x202a03, 0x0)
bind$inet6(r2, &(0x7f0000000380)={0xa, 0x2, 0xfffffffc, @empty, 0x80000001}, 0x1c)
sendto$inet6(r2, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
r8 = dup(r2)
sendto$packet(r8, &(0x7f00000003c0)='(', 0xfffffffffffffed1, 0x24004090, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_freezer_state(r1, &(0x7f0000000080)='THAWED\x00', 0x7)

4m13.167770342s ago: executing program 0 (id=9036):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_freezer_state(r1, &(0x7f0000000040)='FROZEN\x00', 0x7)
r2 = openat$cgroup_procs(r0, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000300000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff9ce}, 0x94)
r6 = socket(0x1, 0x3, 0x0)
bind$unix(r6, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000880)=[{{&(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f00000003c0)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1400"], 0x18, 0x64001}}], 0x2, 0x0)
r7 = perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9, 0xa109, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x0, 0x2000000000000}, 0x0, 0x0, 0x0, 0x9, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12c}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_RESET(r7, 0x2403, 0x80000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)
r8 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r8, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x21)
openat(0xffffffffffffff9c, 0x0, 0x202a03, 0x0)
bind$inet6(r3, &(0x7f0000000380)={0xa, 0x2, 0xfffffffc, @empty, 0x80000001}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
r9 = dup(r3)
sendto$packet(r9, &(0x7f00000003c0)='(', 0xfffffffffffffed1, 0x24004090, 0x0, 0x0)
r10 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(r2, &(0x7f0000000180)=r10, 0x12)

3m58.77425764s ago: executing program 32 (id=9036):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_freezer_state(r1, &(0x7f0000000040)='FROZEN\x00', 0x7)
r2 = openat$cgroup_procs(r0, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000300000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff9ce}, 0x94)
r6 = socket(0x1, 0x3, 0x0)
bind$unix(r6, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000880)=[{{&(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f00000003c0)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1400"], 0x18, 0x64001}}], 0x2, 0x0)
r7 = perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9, 0xa109, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x0, 0x2000000000000}, 0x0, 0x0, 0x0, 0x9, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12c}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_RESET(r7, 0x2403, 0x80000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)
r8 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r8, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x21)
openat(0xffffffffffffff9c, 0x0, 0x202a03, 0x0)
bind$inet6(r3, &(0x7f0000000380)={0xa, 0x2, 0xfffffffc, @empty, 0x80000001}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
r9 = dup(r3)
sendto$packet(r9, &(0x7f00000003c0)='(', 0xfffffffffffffed1, 0x24004090, 0x0, 0x0)
r10 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(r2, &(0x7f0000000180)=r10, 0x12)

3.222816004s ago: executing program 3 (id=12707):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000176fa5c4009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3a}, 0x94)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file1\x00', 0x0, &(0x7f0000000000), 0xfe, 0x250, &(0x7f0000000300)="$eJzs3T9oJFUcB/DvzO565m7RUxtB/AMiooFwdoLN2SgcyHGICCqciNgod8J5h11iZWOhtUoqmyB2RktJE2wUwSpqitgIGiwMFlqs7M4G8mc1ZnfdkcznA5OZybyZ3xt2vm+3ebsBGutskvNJWknmk3SSFHsb3FctZ4e7y3Prl5Ne7+lfi0G7ar+ye96ZJEtJHk2yVhZ5tZ3cWH1+6/eNJx9853rngY9Wn5ub6U0ObW9tPrXz4cW3P73wyI2vv/35YpHz6e67r+krRvyvXSS3/xfF/ieKdt094N+49OYn3/Vzf0eS+wf576RM9eK9e+2mtU4e/uDvzn3vl2/ummVfgenr9Tr998ClHtA4ZZJuinIhSbVdlgsL1Wf471uny9euXntj/pWr16+8XPdIBUxLN9l84vNTn505kP+fWlX+gZOrn/9nLq380N/eadXdG2Am7q5W/fzPv7j4UOQfGkf+obnkH5pL/qG55B+aS/6hueQfTrDOPx+Wf2gu+Yfmkn9orr35BwCapXdqnFnDt05/IjIwc3WPPwAAAAAAAAAAAAAAAAAAwGHLc+uXd5dxr1Ecs/2X7yfbjydpj6rfGvwecXLz4O/p34p+s3212uN2dOiFeye8wIQ+rnn29S0/1lv/q3vqrb94JVl6K8m5dvvw81cMn7/x3XbE8c5LExY4poP5fOzZ2dY/6M+Veutf2Ei+6I8/50aNP2XuHKxHjz/do79i+Uiv/zHhBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJiZvwIAAP//1rxsXQ==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x1)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000880)=0x40)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r4, &(0x7f00000005c0)='\"', 0x1, 0x4fed0)
ioctl$EXT4_IOC_MIGRATE(r3, 0x6609)

3.076460062s ago: executing program 3 (id=12710):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='mm_page_free\x00', r2, 0x0, 0x3}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="71756965742c646f74732c6572726f72733d636f6e74696e75652c6e6f646f74732c636865636b3d72656c617865642c646f733178666c6f7070792c6e66732c646f74732c6e6f646f74732c0052bbde30ad1b84bbd4c68ac5df60afc617ca0829fb9a153080d7fe1db0f2c220c8"], 0x1, 0x255, &(0x7f0000001980)="$eJzs3TFrE2EYB/DHNm1jHexcHA5cnII6uQapIAaESAadPKgurQjX5XS6j+Fn8CP5MTp1O7EXmjRGi9jr2+R+Pwj3wD+B500gb4bnzb1/8Ono8PPJx/rHt+j3s+hFVHUdsRcbsRmNO9Prxnm9HfOqAABWzXicD1P3QLuKYphvRcTOb8nke5KGAAAAAAAAAAAA+G/L5v/jzPw/AKyz+fn//bSt0JKiGOa7099vl5n/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANI5q+v79V8eqfsDAK6f/R8Ausf+DwDdY/8HgO558/bdq+FodDDOsn7EaVVOyklzbfIXL0cHj7Nze7NXnZblZPMif9Lk2eV8K3an+dOl+XY8etjkv7Lnr0cL+U4cLjZ7t5W3AAAAAAAAAAAAAAAAAAAAAJIbZBeWnu8fDP6UN9Xc/wMsnN/vxX7vxpYBAAAAAAAAAAAAAAAAAAAAK+3ky9ej/Pj4Q6G4urgXt6KNq4p4divauOkiVuPTSVj0/uXJqb+ZAAAAAAAAAAAAAAAAAACge2aHflN3AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADpzO7/314REVXdSL1cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYI39DAAA//8hc5nH")
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0)
r4 = socket$inet(0x10, 0x3, 0xffffffff)
socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[], 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={r5, &(0x7f00000001c0)="5402aec779", 0x0}, 0x20)
r6 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r7 = add_key$keyring(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x1}, 0x0, 0x0, r6)
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x1e, r7, r7, r6, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'macvlan0\x00'})
openat$sysfs(0xffffff9c, &(0x7f00000003c0)='/sys/power/pm_trace_dev_match', 0x20800, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = add_key$keyring(&(0x7f0000000580), &(0x7f00000006c0)={'syz', 0x2}, 0x0, 0x0, r6)
request_key(&(0x7f0000000400)='id_resolver\x00', &(0x7f00000004c0)={'syz', 0x0}, &(0x7f0000000500)='-(\x00', r8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$can_raw(0xffffffffffffffff, &(0x7f0000000240), 0x10)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x498, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x1d, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f8)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES16], 0x48)

2.933160341s ago: executing program 3 (id=12714):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000740)='kfree\x00', r2, 0x0, 0x40008003}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r4=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="010000000b000000050010000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r4, @ANYRES32, @ANYBLOB="0000000002"], 0x50)

2.873991718s ago: executing program 3 (id=12715):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000800000000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000440)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000040000000c0000000b"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r2, 0xe0, &(0x7f0000000940)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000600)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000007c0)=[0x0], 0x0, 0x3, &(0x7f0000000800)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x0, 0x0, &(0x7f00000008c0), 0x8, 0x4f, 0x8, 0x8, &(0x7f0000000900)}}, 0x10)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c"], 0x38}, 0x1, 0x0, 0x0, 0x8040044}, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000640)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf250800010000000000ba30b28e994c1a08d1ca4eb6b8b4889cdd4e786eb807e04eb88b935d78"], 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='mm_collapse_huge_page_swapin\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@fallback=<r6=>r4, 0x35, 0x0, 0x6, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0], <r7=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000b40)=ANY=[@ANYRES32=r5, @ANYRES32, @ANYRESOCT=r6, @ANYRES32, @ANYRESDEC=r1, @ANYRES32, @ANYRESHEX=r3, @ANYRES64=r7], 0x20)
r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_tracing={0x1a, 0x1d, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@exit, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @generic={0x1, 0x0, 0x7, 0x80, 0x3}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x3}, @generic={0x1, 0x5, 0x7, 0x8, 0xc4fa}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000140)='syzkaller\x00', 0x42e, 0x60, &(0x7f0000000400)=""/96, 0x41000, 0x1, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x3, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x2ff12, 0xffffffffffffffff, 0x8, 0x0, &(0x7f0000000480)=[{0x1, 0x5, 0x1, 0x9}, {0x5, 0x4, 0xd, 0xa}, {0x1, 0x1, 0x4, 0x9}, {0x4, 0x5, 0x4, 0x2}, {0x2, 0x4, 0x4, 0x5}, {0x2, 0x3, 0xd, 0x2}, {0x3, 0x5, 0x8, 0xb}, {0x4, 0x2, 0x4, 0x9}]}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x25, 0x11, @val=@netkit={@void, @value=r8, @void, @void, r7}}, 0x1c)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x7, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KDSKBSENT(r6, 0x4b49, &(0x7f0000000d00)={0xf0, "79428f34c6c8b938468025447cac8a7812cabb17fabdc2339cc6e8160220284a0e964c880809df8751ba45b2934e101eb4976b608b909eb409ba1bccbb6035480e960ad141b97d197f1ecd3286a3a3249a660681f981603bc6c37559c5450e4b6b61971578498efd8ebaf8b32e9cda4bdc49bf601193c38abd837eaa1f2124d385674228534da2baf45dcaa1a1f74586bd4c6ea71a68a2f76a7338ce8657146efeb3d66a148e75cd644a81d2e416c95ed4f88fa2575ba9000092d060241f4803bcbb8f7f6bf11545627b6809eabc6fb4940d963240edea6674cf75fb329d9ed583a3e02db2ec3851caeff2b713d49401b99d247a3550772aae649e7648651540afd6ecd245bffe2db082dfb3fd0b74d072578d24741f59da24d33eebf2b1de9dabd0b5ee6a996756e901269dc7b57bdd3ef537ce6b8bf96f412009f612bd1f5ac918c443bac7d90bcd338f07ad4e10115956bb0a177ac59717b2db5b5cfc5a6679c23901b34ac7f1ad54df168ebdf8271d1174d2fc32d1dd42bf8381a68ae17fb2746ade0b2fa87cf76908ee32a5721ef07cc264b1339a9d7b788f2bb47bc7375b537404840504c5330b21a5d71790888a4d7f424636bf44f3bfbfc71870153698b7669b6202cde681a6d031760057e6e74d2ad4ef2b08eea4cba57f84a4cd6252bbffd51d4115d712ce9181cea2bb0c21e48e965886bceacc3ebc4da0908fb4"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000340)='kfree\x00', r9, 0x0, 0x80000}, 0x18)

2.809865177s ago: executing program 3 (id=12717):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000500)='kfree\x00', r2, 0x0, 0xffff}, 0x18)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0xfd, 0x6, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x4}, 0x4202, 0x400000000000002, 0x0, 0x0, 0xa, 0x2000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xb)
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
close(0xffffffffffffffff)
inotify_init1(0x800)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2c00)
r3 = gettid()
fcntl$setown(0xffffffffffffffff, 0x8, r3)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff7]}, 0x0, 0x0, 0x8)
inotify_add_watch(0xffffffffffffffff, &(0x7f00000000c0)='./control\x00', 0xa400080a)
rmdir(&(0x7f0000000100)='./control\x00')

2.306616872s ago: executing program 2 (id=12723):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffbfe, 0x1, @perf_config_ext={0x2, 0xb}, 0x182, 0xfffc, 0x5, 0x2, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, 0x0, 0x18)
syz_mount_image$msdos(&(0x7f0000000480), &(0x7f0000000200)='./file0\x00', 0x14814, &(0x7f0000000640)=ANY=[], 0x1, 0x20e, &(0x7f0000000d00)="$eJzs27FqU1EYB/B/alpv7GAHJ1EMdHEq6hMYpIIYECoZdDJQXVoR0iUKYp/HWfAVfBmXDtItcnujbWMKrWmaGn8/OJyPfDnkuwfCd4ZzX916u7X5bufN4se9FLVmFpKH2U9WymioNpyLg3gpx9QyiR8TrQYA/srGRreVfJ11GUxRr9fq3lhdHpPpfJ5BOQAAAAAAAAAAAJyDs9z/X0g+jd7/373gegGAyVX3/5lHjeHc67W6t6vz2wj3/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDZ2R8Mrg/KUQzn4biapEjSSHItST1J+fms6wUAJrc/ON73T+r/SWpJ9H8AmAPPX7x82mq31zeazSL5vtvv9DvVXOUfP2mv32seWDlctdfvd64kKUd7/X6Vbx7PLx6cG8r1D8bml3J3tcqXuUfP2iP55WxexAYAwH9orfnbkf7+q7cna2vj8mV/rqIj54OR/l3PzfrYn1yY0qMAAKe08/7DVnd7+3Xv3IPa2VY1hgWd/J0v9WmVOmnQmPpmXorgW+0ylJFcjt34h4PidPsMzLfDP/1opphNQQAAAAAAAAAAAAAAwB8u4pWjJHdm/ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMyXnwEAAP//2d9NhA==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x0, 0x80)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r4, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
getdents64(r1, &(0x7f0000002fc0)=""/4113, 0x1011)

2.24393239s ago: executing program 2 (id=12724):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='mm_page_free\x00', r2, 0x0, 0x3}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="71756965742c646f74732c6572726f72733d636f6e74696e75652c6e6f646f74732c636865636b3d72656c617865642c646f733178666c6f7070792c6e66732c646f74732c6e6f646f74732c0052bbde30ad1b84bbd4c68ac5df60afc617ca0829fb9a153080d7fe1db0f2c220c8"], 0x1, 0x255, &(0x7f0000001980)="$eJzs3TFrE2EYB/DHNm1jHexcHA5cnII6uQapIAaESAadPKgurQjX5XS6j+Fn8CP5MTp1O7EXmjRGi9jr2+R+Pwj3wD+B500gb4bnzb1/8Ono8PPJx/rHt+j3s+hFVHUdsRcbsRmNO9Prxnm9HfOqAABWzXicD1P3QLuKYphvRcTOb8nke5KGAAAAAAAAAAAA+G/L5v/jzPw/AKyz+fn//bSt0JKiGOa7099vl5n/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANI5q+v79V8eqfsDAK6f/R8Ausf+DwDdY/8HgO558/bdq+FodDDOsn7EaVVOyklzbfIXL0cHj7Nze7NXnZblZPMif9Lk2eV8K3an+dOl+XY8etjkv7Lnr0cL+U4cLjZ7t5W3AAAAAAAAAAAAAAAAAAAAAJIbZBeWnu8fDP6UN9Xc/wMsnN/vxX7vxpYBAAAAAAAAAAAAAAAAAAAAK+3ky9ej/Pj4Q6G4urgXt6KNq4p4divauOkiVuPTSVj0/uXJqb+ZAAAAAAAAAAAAAAAAAACge2aHflN3AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADpzO7/314REVXdSL1cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYI39DAAA//8hc5nH")
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0)
r4 = socket$inet(0x10, 0x3, 0xffffffff)
socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[], 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={r5, &(0x7f00000001c0)="5402aec779", 0x0}, 0x20)
r6 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r7 = add_key$keyring(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x1}, 0x0, 0x0, r6)
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x1e, r7, r7, r6, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'macvlan0\x00'})
openat$sysfs(0xffffff9c, &(0x7f00000003c0)='/sys/power/pm_trace_dev_match', 0x20800, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = add_key$keyring(&(0x7f0000000580), &(0x7f00000006c0)={'syz', 0x2}, 0x0, 0x0, r6)
request_key(&(0x7f0000000400)='id_resolver\x00', &(0x7f00000004c0)={'syz', 0x0}, &(0x7f0000000500)='-(\x00', r8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$can_raw(0xffffffffffffffff, &(0x7f0000000240), 0x10)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x498, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x1d, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f8)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES16], 0x48)

2.169311649s ago: executing program 2 (id=12726):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000400)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r2], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {0x0}, {&(0x7f0000000a40)}], 0x3)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000800000000000000000000000000000002"])
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_timeval(r4, 0x1, 0x2, 0x0, 0x48)
getsockopt$inet6_mptcp_buf(r4, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000005c0)=0x98)
socket(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0xd9a, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x17c, 0x28, 0xd27, 0x1004001, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xffff, 0x9}, {}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x14c, 0x2, [@TCA_CGROUP_ACT={0x5b}]}}]}, 0x17c}, 0x1, 0x0, 0x0, 0x8810}, 0x404c0c0)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r5, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x8004, &(0x7f0000000340), 0x1, 0x7c3, &(0x7f0000001680)="$eJzs3c1rHOcZAPBnVpJXkt1KhdLWN0HBFRivKle1W+jBpYdSqMHQnmuL1Vq4WmmNdmUsIahNCeQSSEIOgeTicz6cW675gFyS/Bc5BBsnkU0ccggKszsrydKuPmxpV7F+PxjN+87M6nmf+Xx3Z9gN4MgaSf/kIk5GxMtJxFA2PYmIvnqpN+JCY7nHK8v9EVFMYnX1X18n9WUerSwXY8NrUsezym8i4qMXIk7ntsatLi7NTJbLpfmsPlabvT5WXVw6c212cro0XZo7Nz4xcfb8H8+f279cv/186cT9V/7+u3cvfP//X9996eMkLsSJbN7GPPbLSIxk66QvXYVP+Nt+B+uypNsN4Kmkh2ZP4yiPkzEUPfVSGwOdbBkAcFD+FxGrAMARk7j+A8AR0/wc4NHKcrE5dPcTic568NeI6G/k/zgbGnN6s3t2/fX7oIOPkifujCQRMbwP8Uci4s33/3OqJ6un7XAvDeiEW7cj4srwyNbzf7LlmYW9+v12M1fz9dHIpslH7foD3fRB2v/5U6v+X26t/xMt+j/5xrH7q2eNv/Pxn7v3rDG2k/b//tJ4tm1T/2/tobXhnqz2s3qfry+5eq1cSs9tP4+I0ejLp/Xx+qKte26jD3942C5+1v97Ox2+efW/b6Xx0/H6Erl7vfknXzM1Wev95FkTzzy4HYNZcVP+ydr2T9r0fy/tMsY//vziG+3mpfmn+TaHrfkfrNU7Eadabv/1bZls+3ziWH13GGvuFC2898Xrg+3ib9z+6ZDGT8f7n2lrD25HfQdIkvV10Jizlv9wsvF5zereY3x2Z+jDdvN2zr/l/j95LPl3vXwsm3ZzslabH484lvxz6/Sz669t1pvLp/mP/rb18d8I23r/T98TXtll/r33v3rn6fM/WGn+U9vv/5u2f382eX3KToW7j2d62sXf3fafqJdGsynp9t8pr9206+n2ZgAAAAAAAAAAAAAAAAAAAAAAAADYu1xEnIgkV1gr53KFQuM3vH8Zg7lypVo7fbWyMDcV9d/KHo6+XPOrLoc2fB/qePZ9+M362U31P0TELyLitfxAvV4oVspT3U4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADLH2/z+f+rLfLdbBwAcmP5uNwAA6DjXfwA4evZ2/R84sHYAAJ3j/T8AHD27vv5fOdh2AACd0+b6v9zpdgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDcunTxYjqsfreyXEzrUzcWF2YqN85MlaozhdmFYqFYmb9emK5UpsulQrEy2/Yf3WqMypXK9YmYW7g5VitVa2PVxaXLs5WFudrla7OT06XLpb6OZQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu1ddXJqZLJdL889D4dP8emL7HGKgqwkOHorVu7HQG4eiGYe6kI8ts3KHomG7Kmw8Swx04cwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8NPwYwAAAP//L0cXYQ==")
r6 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
readv(r6, &(0x7f0000000100)=[{&(0x7f0000000080)=""/20, 0x14}], 0x1)

1.990443463s ago: executing program 3 (id=12728):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000000c0)='kmem_cache_free\x00', r1}, 0x18)
syz_emit_ethernet(0x9a, &(0x7f0000000880)=ANY=[@ANYBLOB="0180c2000000ffffffffffff86dd6000008000641100fe80000000f0ffffffffffffff0000bbff02000000000000000000000000000100004e22004d90"], 0x0)
r2 = socket(0xa, 0x801, 0x0)
getsockopt(r2, 0x29, 0x40, &(0x7f0000000000)=""/84, &(0x7f0000001ffc)=0x54)
r3 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x9, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYRESHEX=r3], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x22e6, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=<r6=>r4, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="0b000000050000000400000032a9000009"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000900000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000f9ffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r8}, 0x10)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
r9 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x40083}, [@IFLA_PHYS_SWITCH_ID={0x1f, 0x24, "6f5dd65353431b8b38e8f0ed9d71914e79f7a2943c8b59558ab11f"}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
arch_prctl$ARCH_GET_CPUID(0x1011)
futex(&(0x7f0000004000), 0x5, 0x0, 0x0, &(0x7f0000004000), 0xba01fffe)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000140)={<r11=>0x0, 0x1c, &(0x7f00000002c0)=[@in6={0xa, 0x4e24, 0x9, @private2, 0x7177}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r10, 0x84, 0x9, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e24, 0x9, @private2={0xfc, 0x2, '\x00', 0x1}, 0x807}}, 0x5, 0x0, 0x80000003, 0x104, 0xa4a5d775fdfb06c4, 0x7, 0x6}, 0x9c)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f00000001c0)=ANY=[@ANYRES16=r6, @ANYRES32=r4, @ANYRES64=r4, @ANYRES64=r10, @ANYRESDEC=r11, @ANYRES16, @ANYRESHEX=r10, @ANYRESHEX=r5, @ANYRESDEC, @ANYRESOCT=r10], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r12}, 0x10)
r13 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$TIOCSETD(r13, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r13, 0x400455c8, 0x0)

1.834323973s ago: executing program 4 (id=12735):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000800000000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000440)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000040000000c0000000b"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r2, 0xe0, &(0x7f0000000940)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000600)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000007c0)=[0x0], 0x0, 0x3, &(0x7f0000000800)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x0, 0x0, &(0x7f00000008c0), 0x8, 0x4f, 0x8, 0x8, &(0x7f0000000900)}}, 0x10)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x8040044}, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r4, 0x0, 0x0)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='mm_collapse_huge_page_swapin\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@fallback=<r6=>r4, 0x35, 0x0, 0x6, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0], <r7=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000b40)=ANY=[@ANYRES32=r5, @ANYRES32, @ANYRESOCT=r6, @ANYRES32, @ANYRESDEC=r1, @ANYRES32, @ANYRESHEX=r3, @ANYRES64=r7], 0x20)
r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_tracing={0x1a, 0x1d, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@exit, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @generic={0x1, 0x0, 0x7, 0x80, 0x3}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x3}, @generic={0x1, 0x5, 0x7, 0x8, 0xc4fa}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000140)='syzkaller\x00', 0x42e, 0x60, &(0x7f0000000400)=""/96, 0x41000, 0x1, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x3, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x2ff12, 0xffffffffffffffff, 0x8, 0x0, &(0x7f0000000480)=[{0x1, 0x5, 0x1, 0x9}, {0x5, 0x4, 0xd, 0xa}, {0x1, 0x1, 0x4, 0x9}, {0x4, 0x5, 0x4, 0x2}, {0x2, 0x4, 0x4, 0x5}, {0x2, 0x3, 0xd, 0x2}, {0x3, 0x5, 0x8, 0xb}, {0x4, 0x2, 0x4, 0x9}]}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x25, 0x11, @val=@netkit={@void, @value=r8, @void, @void, r7}}, 0x1c)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x7, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KDSKBSENT(r6, 0x4b49, &(0x7f0000000d00)={0xf0, "79428f34c6c8b938468025447cac8a7812cabb17fabdc2339cc6e8160220284a0e964c880809df8751ba45b2934e101eb4976b608b909eb409ba1bccbb6035480e960ad141b97d197f1ecd3286a3a3249a660681f981603bc6c37559c5450e4b6b61971578498efd8ebaf8b32e9cda4bdc49bf601193c38abd837eaa1f2124d385674228534da2baf45dcaa1a1f74586bd4c6ea71a68a2f76a7338ce8657146efeb3d66a148e75cd644a81d2e416c95ed4f88fa2575ba9000092d060241f4803bcbb8f7f6bf11545627b6809eabc6fb4940d963240edea6674cf75fb329d9ed583a3e02db2ec3851caeff2b713d49401b99d247a3550772aae649e7648651540afd6ecd245bffe2db082dfb3fd0b74d072578d24741f59da24d33eebf2b1de9dabd0b5ee6a996756e901269dc7b57bdd3ef537ce6b8bf96f412009f612bd1f5ac918c443bac7d90bcd338f07ad4e10115956bb0a177ac59717b2db5b5cfc5a6679c23901b34ac7f1ad54df168ebdf8271d1174d2fc32d1dd42bf8381a68ae17fb2746ade0b2fa87cf76908ee32a5721ef07cc264b1339a9d7b788f2bb47bc7375b537404840504c5330b21a5d71790888a4d7f424636bf44f3bfbfc71870153698b7669b6202cde681a6d031760057e6e74d2ad4ef2b08eea4cba57f84a4cd6252bbffd51d4115d712ce9181cea2bb0c21e48e965886bceacc3ebc4da0908fb4"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000340)='kfree\x00', r9, 0x0, 0x80000}, 0x18)

1.804126556s ago: executing program 4 (id=12736):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=@newsa={0x194, 0x10, 0x1, 0x70bd2b, 0x0, {{@in6=@private1, @in=@private=0xa010100, 0x0, 0xecdf}, {@in=@broadcast, 0x0, 0x32}, @in6=@private0, {0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x400800}, {0x1000}, 0x0, 0x0, 0xa, 0x4, 0x0, 0x2c}, [@algo_crypt={0x58, 0x2, {{'cbc(aes)\x00'}, 0x80, "e0fad3f10cd3a506627800000000074f"}}, @algo_auth_trunc={0x4c, 0x14, {{'hmac(sha256)\x00'}, 0x0, 0x80}}]}, 0x194}}, 0x4050)

1.788703019s ago: executing program 4 (id=12737):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r3, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
close_range(r2, 0xffffffffffffffff, 0x0)

1.771363941s ago: executing program 4 (id=12738):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000500)='kfree\x00', r2, 0x0, 0xffff}, 0x18)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0xfd, 0x6, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x4}, 0x4202, 0x400000000000002, 0x0, 0x0, 0xa, 0x2000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xb)
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
close(0xffffffffffffffff)
inotify_init1(0x800)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2c00)
r3 = gettid()
fcntl$setown(0xffffffffffffffff, 0x8, r3)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff7]}, 0x0, 0x0, 0x8)
inotify_add_watch(0xffffffffffffffff, &(0x7f00000000c0)='./control\x00', 0xa400080a)
rmdir(&(0x7f0000000100)='./control\x00')

1.359745904s ago: executing program 1 (id=12745):
r0 = socket$key(0xf, 0x3, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_io_uring_setup(0xa, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
listen(0xffffffffffffffff, 0xfff)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000480), 0x4)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$xdp(0x2c, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000100)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x3, {0x1, 0x1, 0x2}}, 0x10, 0x0}, 0x4800)
sendmsg$key(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120000000200fcffffff0000000006003300000000000000000000000000fe8000000000000000000000000000aa00000000000000000000000000000000040003"], 0xa8}}, 0x40000)

1.300839532s ago: executing program 2 (id=12747):
socket(0x10, 0x3, 0x0)
getgid()
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f0000000000)={0x1d, r2}, 0xb)
close_range(r0, 0xffffffffffffffff, 0x0)

1.287925653s ago: executing program 1 (id=12748):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r3, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
close_range(r2, 0xffffffffffffffff, 0x0)

1.256603677s ago: executing program 2 (id=12749):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES16, @ANYBLOB="0000000000000000b708000c000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x200, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
syz_clone(0xa5144411, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
ioprio_set$pid(0x2, 0x0, 0x4007)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0x5c, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000004c0)='net_dev_start_xmit\x00', r3}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r4}, 0x10)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x51, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0x5, 0x3, 0x2, 0x0, 0xe61b, 0x0, 0xffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xff, 0x55c, &(0x7f0000000440)="$eJzs3c9rHFUcAPDvbDb9rU2hFPQgwR6s1G6axB8VPNSjaLGg97ok01Cy6ZbspjSxYHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzUx+7ubntkndzwdm+97O27757pv3+mbelA2gZw1mL6WIVyLi2yTi+Ip95ch3Di6Wm396eyzbklhY+OyvJJL8vaJ8kv95tMiUI377OuJsaVWVA9lLY3ZuslqrpdP5m0PNqRtDjdm5c9emqhPpRHp9ZHT0wjujI++/9+7aQ07u7DDWNy//88OnDz+68M3p+e9/eXzifhIX41i+b2Ucu7Dq0AZjMP9O+uPimoLDXahsP0n2+gDYkb68n/dHNgYcj7681wP/f19FxALQoxL9H3pUMQ8oru27dB38wnjy4eIF0Pr4y4v3RuJQ69royHyy6sooKW5k7FJWx69/PrifbdG9+xAAm7pzNyLOl8vrx78kH/927vwWyqytw/gHz8/DbP7zVrv5T2lp/hNt5j9H2/Tdndi8/5ced6GajrL53wdt57/5otVADPTluZda2f7k6rVamo1tL0fEmeg/mOU3Ws+5MP9oodO+lfO/bMvqL+aC+XE8Lh9c/ZnxarO6u6iXPbkb8Wrb+W+y1P5Jm/bPvo/LW6zjVPrgtU77No//2Vr4OeKNtu2/vKKVbLw+OdQ6H4aKs2K9v++d+r1T/Xsdf9b+RzaOfyBZuV7b2H4dPx36N+20r2P8B4oS7c//A8nnrXRR7Fa12ZwejjiQfLL+/ZHlzxb5onwW/5nTG49/7c7/wxHxxRbjv3fyXseiu2r/Liy6ZvGPb6v9t5949PGXP24//kv53Yms/d9ulT2Tf2Yr499WD3D33yAAAAAAAADsH6WIOBZJqbKULpUqlcXnO07GkVKt3mievVp/PVr7Ws8/lIqV7uMrnocYzp+HLfIja/KjEXEiIr7rO9zKV8bqtfG9Dh4AAAAAAAAAAAAAAAAAAAD2iaMd/v9/5o++vT464Jnzk9/Quzbt/934pSdgX/LvP/Qu/R96l/4PvUv/h96l/0Pv0v+hd+n/0Lv0fwAAAAAAAAAAAAAAAAAAAAAAAAAAAOiqy5cuZdvC/NPbY1l+/ObszGT95rnxtDFZmZoZq4zVp29UJur1iVpaGatPbfb31er1G8MjMXNrqJk2mkON2bkrU/WZ680r16aqE+mVtP+5RAUAAAAAAAAAAAAAAAAAAAAvlsbs3GS1VkunJSR2lCjvj8OQ6HJir0cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFj2XwAAAP//4Uw7cA==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x100)
ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000180)={0x0, 0x3, 0x7, {0x2, 0x1ff}, {0x10a, 0xf771}, @ramp={0x10, 0x5, {0x5, 0x8, 0xe5b}}})
syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7278, 0x0, 0x4, 0x18e}, &(0x7f00000000c0), 0x0)
r5 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
writev(r5, &(0x7f0000000400)=[{&(0x7f0000000040)="aa1d484ea0c00000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x1)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, &(0x7f0000000000), 0x4)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000080)=0x6, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000080000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000004850000000600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)

1.249769468s ago: executing program 1 (id=12750):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES16, @ANYBLOB="0000000000000000b708000c000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x200, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
syz_clone(0xa5144411, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
ioprio_set$pid(0x2, 0x0, 0x4007)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0x5c, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000004c0)='net_dev_start_xmit\x00', r3}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r4}, 0x10)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x51, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0x5, 0x3, 0x2, 0x0, 0xe61b, 0x0, 0xffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xff, 0x55c, &(0x7f0000000440)="$eJzs3c9rHFUcAPDvbDb9rU2hFPQgwR6s1G6axB8VPNSjaLGg97ok01Cy6ZbspjSxYHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzUx+7ubntkndzwdm+97O27757pv3+mbelA2gZw1mL6WIVyLi2yTi+Ip95ch3Di6Wm396eyzbklhY+OyvJJL8vaJ8kv95tMiUI377OuJsaVWVA9lLY3ZuslqrpdP5m0PNqRtDjdm5c9emqhPpRHp9ZHT0wjujI++/9+7aQ07u7DDWNy//88OnDz+68M3p+e9/eXzifhIX41i+b2Ucu7Dq0AZjMP9O+uPimoLDXahsP0n2+gDYkb68n/dHNgYcj7681wP/f19FxALQoxL9H3pUMQ8oru27dB38wnjy4eIF0Pr4y4v3RuJQ69royHyy6sooKW5k7FJWx69/PrifbdG9+xAAm7pzNyLOl8vrx78kH/927vwWyqytw/gHz8/DbP7zVrv5T2lp/hNt5j9H2/Tdndi8/5ced6GajrL53wdt57/5otVADPTluZda2f7k6rVamo1tL0fEmeg/mOU3Ws+5MP9oodO+lfO/bMvqL+aC+XE8Lh9c/ZnxarO6u6iXPbkb8Wrb+W+y1P5Jm/bPvo/LW6zjVPrgtU77No//2Vr4OeKNtu2/vKKVbLw+OdQ6H4aKs2K9v++d+r1T/Xsdf9b+RzaOfyBZuV7b2H4dPx36N+20r2P8B4oS7c//A8nnrXRR7Fa12ZwejjiQfLL+/ZHlzxb5onwW/5nTG49/7c7/wxHxxRbjv3fyXseiu2r/Liy6ZvGPb6v9t5949PGXP24//kv53Yms/d9ulT2Tf2Yr499WD3D33yAAAAAAAADsH6WIOBZJqbKULpUqlcXnO07GkVKt3mievVp/PVr7Ws8/lIqV7uMrnocYzp+HLfIja/KjEXEiIr7rO9zKV8bqtfG9Dh4AAAAAAAAAAAAAAAAAAAD2iaMd/v9/5o++vT464Jnzk9/Quzbt/934pSdgX/LvP/Qu/R96l/4PvUv/h96l/0Pv0v+hd+n/0Lv0fwAAAAAAAAAAAAAAAAAAAAAAAAAAAOiqy5cuZdvC/NPbY1l+/ObszGT95rnxtDFZmZoZq4zVp29UJur1iVpaGatPbfb31er1G8MjMXNrqJk2mkON2bkrU/WZ680r16aqE+mVtP+5RAUAAAAAAAAAAAAAAAAAAAAvlsbs3GS1VkunJSR2lCjvj8OQ6HJir0cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFj2XwAAAP//4Uw7cA==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x100)
ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000180)={0x0, 0x3, 0x7, {0x2, 0x1ff}, {0x10a, 0xf771}, @ramp={0x10, 0x5, {0x5, 0x8, 0xe5b}}})
syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7278, 0x0, 0x4, 0x18e}, &(0x7f00000000c0), 0x0)
r5 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
writev(r5, &(0x7f0000000400)=[{&(0x7f0000000040)="aa1d484ea0c00000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x1)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet_int(r6, 0x0, 0x5, &(0x7f0000000080)=0x6, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000080000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000004850000000600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)

924.67909ms ago: executing program 4 (id=12758):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000400)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r2], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {0x0}, {&(0x7f0000000a40)}], 0x3)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000800000000000000000000000000000002"])
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_timeval(r4, 0x1, 0x2, 0x0, 0x48)
getsockopt$inet6_mptcp_buf(r4, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000005c0)=0x98)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0xd9a, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x17c, 0x28, 0xd27, 0x1004001, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xffff, 0x9}, {}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x14c, 0x2, [@TCA_CGROUP_ACT={0x5b}]}}]}, 0x17c}, 0x1, 0x0, 0x0, 0x8810}, 0x404c0c0)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x8004, &(0x7f0000000340), 0x1, 0x7c3, &(0x7f0000001680)="$eJzs3c1rHOcZAPBnVpJXkt1KhdLWN0HBFRivKle1W+jBpYdSqMHQnmuL1Vq4WmmNdmUsIahNCeQSSEIOgeTicz6cW675gFyS/Bc5BBsnkU0ccggKszsrydKuPmxpV7F+PxjN+87M6nmf+Xx3Z9gN4MgaSf/kIk5GxMtJxFA2PYmIvnqpN+JCY7nHK8v9EVFMYnX1X18n9WUerSwXY8NrUsezym8i4qMXIk7ntsatLi7NTJbLpfmsPlabvT5WXVw6c212cro0XZo7Nz4xcfb8H8+f279cv/186cT9V/7+u3cvfP//X9996eMkLsSJbN7GPPbLSIxk66QvXYVP+Nt+B+uypNsN4Kmkh2ZP4yiPkzEUPfVSGwOdbBkAcFD+FxGrAMARk7j+A8AR0/wc4NHKcrE5dPcTic568NeI6G/k/zgbGnN6s3t2/fX7oIOPkifujCQRMbwP8Uci4s33/3OqJ6un7XAvDeiEW7cj4srwyNbzf7LlmYW9+v12M1fz9dHIpslH7foD3fRB2v/5U6v+X26t/xMt+j/5xrH7q2eNv/Pxn7v3rDG2k/b//tJ4tm1T/2/tobXhnqz2s3qfry+5eq1cSs9tP4+I0ejLp/Xx+qKte26jD3942C5+1v97Ox2+efW/b6Xx0/H6Erl7vfknXzM1Wev95FkTzzy4HYNZcVP+ydr2T9r0fy/tMsY//vziG+3mpfmn+TaHrfkfrNU7Eadabv/1bZls+3ziWH13GGvuFC2898Xrg+3ib9z+6ZDGT8f7n2lrD25HfQdIkvV10Jizlv9wsvF5zereY3x2Z+jDdvN2zr/l/j95LPl3vXwsm3ZzslabH484lvxz6/Sz669t1pvLp/mP/rb18d8I23r/T98TXtll/r33v3rn6fM/WGn+U9vv/5u2f382eX3KToW7j2d62sXf3fafqJdGsynp9t8pr9206+n2ZgAAAAAAAAAAAAAAAAAAAAAAAADYu1xEnIgkV1gr53KFQuM3vH8Zg7lypVo7fbWyMDcV9d/KHo6+XPOrLoc2fB/qePZ9+M362U31P0TELyLitfxAvV4oVspT3U4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADLH2/z+f+rLfLdbBwAcmP5uNwAA6DjXfwA4evZ2/R84sHYAAJ3j/T8AHD27vv5fOdh2AACd0+b6v9zpdgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDcunTxYjqsfreyXEzrUzcWF2YqN85MlaozhdmFYqFYmb9emK5UpsulQrEy2/Yf3WqMypXK9YmYW7g5VitVa2PVxaXLs5WFudrla7OT06XLpb6OZQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu1ddXJqZLJdL889D4dP8emL7HGKgqwkOHorVu7HQG4eiGYe6kI8ts3KHomG7Kmw8Swx04cwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8NPwYwAAAP//L0cXYQ==")
r7 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
readv(r7, &(0x7f0000000100)=[{&(0x7f0000000080)=""/20, 0x14}], 0x1)

626.974849ms ago: executing program 5 (id=12761):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000b80)="d8000000150081044e81f782db44b9040a87080211000000040000a118000200e000000800000e1208000f0100810401a80016ea1f000940032e5f54c92011148ed08734843cb12b00000803600cfab44dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d1688683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bbfe5a09d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x4000884)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={0x0, @empty}, &(0x7f0000000180)=0xc)
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000180)=ANY=[], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r6}, 0x10)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000340)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7ee, @empty, 0x1}, {0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, '\x00', 0x37}, 0x108}, r5, 0xb}}, 0x48)
write$RDMA_USER_CM_CMD_DESTROY_ID(r4, &(0x7f0000000f80)={0x1, 0x10, 0xfa00, {0x0, r5}}, 0x18)

599.146742ms ago: executing program 5 (id=12762):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3000046, &(0x7f0000000bc0)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@nojournal_checksum}, {@errors_remount}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@nombcache}, {@errors_remount}]}, 0x11, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\a'], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000ff0f00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x2c, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000030a05020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a3000000000080007006e6174"], 0xcc}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0xa)
pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x5485, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0x4, 0xa}, {0x0, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x48080}, 0x0)

461.12382ms ago: executing program 5 (id=12763):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=@newsa={0x194, 0x10, 0x1, 0x70bd2b, 0x0, {{@in6=@private1, @in=@private=0xa010100, 0x0, 0xecdf}, {@in=@broadcast, 0x0, 0x32}, @in6=@private0, {0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x400800}, {0x1000}, 0x0, 0x0, 0xa, 0x4, 0x0, 0x2c}, [@algo_crypt={0x58, 0x2, {{'cbc(aes)\x00'}, 0x80, "e0fad3f10cd3a506627800000000074f"}}, @algo_auth_trunc={0x4c, 0x14, {{'hmac(sha256)\x00'}, 0x0, 0x80}}]}, 0x194}}, 0x4050)

434.705793ms ago: executing program 5 (id=12764):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
listen(r0, 0x20)
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x0, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000380)={@initdev={0xfe, 0x88, '\x00', 0xfe, 0x0}, 0x800, 0x1, 0x1, 0xb, 0x0, 0x100}, 0x20)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x9, &(0x7f0000000000)={[{@barrier}, {@jqfmt_vfsv0}, {@abort}, {}, {@noquota}, {@usrjquota, 0x2e}], [], 0x2e}, 0x6, 0x48d, &(0x7f0000000980)="$eJzs3EtvG1UbAOB3xnV6/5qv3wV6AQIFEXFJmrRAF2xAIHWDhARIZRnStCpNG9QEiVYVTREqS9RfACyR+AWsYIOAFYgtSGyQEFKFuqGwGjT2TOpcHGzHjil+HsntOTNnfM47M8c+MyfjAAbWSP5PErErIr4fithTzy4vMFL/79bNy9O/37w8nUSWvfRrUiv3283L02XRcrudRWY0jUjfTeLAGvXOX7x0dmp2duZCkR9fOPfG+PzFS4+fOTd1eub0zPnJY8eOHpl46snJJ7oS5+68rfvfnju47/ir11+YPnH9ta8+yZfvKtY3xlE33PJ7b2+yfCRGlu/LBg9F/JRlWct1/N3tbkgnW/rYENpSiYj8cFXz/h97ohK3D96eeP6dvjYO6Kksy7Ktq5ZWysRiBvyDJdF0VbqpDQE2WflFn1//lq9NHH703Y1n6hdAedy3ild9zZZIizLVFde33TQSEScW//ggf8Wa9yEAALrrs3z889ha4780/t9Q7l9Rnxsajoh/R8TeiPhPRPw3Iv4XUSt7V0Tc3Wb9Iyvyq8c/3zabXumKfPz3dDG3dXv8N1SLvzBcKXK7a/FXk1NnZmcOF/tkNKpb8/zEOnV8/tx37y9lti1f1zj+y195/eVYsC79ZcuKG3QnpxamuhB6zY2rS4GuGP8mSzMBSUTsi4j9Hbx/vs/OPPLxwWbr/zr+dXRhnin7KOLh+vFfjBXxl5L15yfHt8XszOHx8qxY7etvrr3YrP4Nxd8FN65G7Fh1/kdj/MNJ43ztfPt1XPvhvabXNJ2e/0PJy7X0ULHsramFhQsTEUPJ4urlk7e3LfNl+Tz+0UNrxZ/W3uPDYrsDEZGfxPdExL0RcV/R9vsj4oGIOLRO/F8+++DrncffW3n8J9s6/u0nKme/+LRZ/a0d/6O11GixpJXPv1YbuJF9BwAAAHeKtPY38Ek6tpRO07GxiFdq93Z3pLNz8wuPnpp78/zJ+t/KD0c1Le90pQ33QyeKe8NlfnJF/kjtvnGWZdn2Wn5sem62V3PqQGt2Nun/uZ8r/W4d0HNtzaM1e6INuCO11f9XPy0E3ME8rw2Dq9X+X+1xO4DN5/sfBtda/f9KxK0+NAXYZL7/YXDp/zC49H8YXPo/DKSNPNe/XmLv8Y43zzZUe/n7Kh1u/mNP9sZ6iUqnm29t42cOepCIdM1V1YjoS3vaSqS9qyI/+drbKj+QrRa+0umJ3XZi2cfEUD8+mwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrhzwAAAP//dNfhIw==")
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000020000000a3c000000120a01010000000000000000020000000900020073797a31000000000800044000000000"], 0x64}, 0x1, 0x0, 0x0, 0x800}, 0x0)

290.677352ms ago: executing program 2 (id=12765):
perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0xf3, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x550, 0xfffffffffffffc75}, 0x10000, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000040)='tracefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x8, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x4000010)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001a00910c07a551559a257aac81"], 0xfe33)
write$tun(0xffffffffffffffff, &(0x7f00000003c0)={@void, @void, @mpls={[{0x9, 0x0, 0x1}], @ipv4=@icmp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x66, 0x0, 0x9, 0x1, 0x0, @rand_addr=0x64010100, @local, {[@timestamp_addr={0x44, 0x4, 0xf, 0x1, 0x1}]}}, @info_request={0xf, 0x0, 0x0, 0x8b5, 0x2}}}}, 0x24)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f00000007c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[], 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4c40, &(0x7f0000000000), 0xfe, 0x27a, &(0x7f0000000980)="$eJzs3TtoJHUcB/Df7CMPEyRqI4gPEBENhFgIgo02CoEQgoigQkTEShIhJthlrWwstFZJZRPEztyVxzXhmoNrc3cpcs0VF664cMVdscfs7OY2yYbsZV8h8/nAZua/+38t7Pc/m5CZCSC3JiLio4goRsRkRJQjImmu8Eb2mKgX10e3FiKq1c/uJ7V6WTnTaDcWEZWI+CCi1HhtdfOr3Yfbn77920r5rX82vxzt1/trtre7M7v/99yv/8+8t1qoPzde3za/j25KWjxXSiJe7MVg50RSGvQMaMf8z//dTHP/UkS8Wct/OQr1yP6+PHS1HO/+dVLbP+7deKWfcwW6r1otp8fAShXInULtO3BSmIqIbL9QmJrKvsPfKibxw9LyT5PfL60sfjfolQroSNNv3eMRO59cHr40diT/d4tZ/tvyfq8mCpzJcHvV0vx/Pr9xO93fL/Z4TsD58Gq2SfM/+c3aOyH/kDvyD/l1kP9Z+Ye8cfyHC+CM2ZV/uKhO//da+Yf8kn+4wMqNnUrLl+Uf8kv+Ib+e5n8kzX/jDwZDA54W0AfNx38AIF+qw4M+AxkYlEGvPwAAAAAAAAAAAAAAAAAAwHHro1sLjUe/xrz2Z8TexxFROjx+dgvTYu1+xBEjtZ/PPUjSageSrFlHvn69ww469G+Xz76ea/Perw3P3+nu+M/q+mu96feXw8UTL4a/thhRSStPl0rHP/9J/fN3qhP7f+GUhuVv2xugW5Ij5Q+/6O/4Rz3eGOz4M9sRV9L1Z7rV+leIl2vb1uvPePMlls/ox0cddgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDfPAkAAP//Z9RrGg==")
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
listxattr(&(0x7f0000006440)='./file0\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r5, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000300)=ANY=[@ANYBLOB='_\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000030000002000018004000280"], 0x68}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6401000010000100feffffff00010000fc00000000000000000000000000000164010101000000000000000000000000000107144e230005000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c000000ac14143f000000000000000000000000000000000000000092010000000000000600000000000000ffff0000000000001c250800000000000200000000000000f8ffffffffffffff0000000000000000ffffffffffffffff00000000000000001f00000000000000feffffffffffffff02000000fcffffff000000002abd700004350000020001002000000000000000480003006465666c6174650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000b000600000008001800400000000a001000010000000000000008000b000600000008000c"], 0x164}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

254.110267ms ago: executing program 5 (id=12766):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prctl$PR_GET_CHILD_SUBREAPER(0xe)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x7e1f, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x300}}], 0x3, 0x0)

177.613866ms ago: executing program 5 (id=12767):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x1ffffffffffffffd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x18)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20081e, &(0x7f0000000840)={[{@grpjquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xa30}}, {@grpquota}]}, 0x1, 0x52a, &(0x7f0000001440)="$eJzs3c9vHFcdAPDvjL22k7h1WnoABG1oCwFFWcebNqp6gHJCCFVC9AhSauyNFWXXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di7tpPYXmv385FG+9688XzfizPvzbxd7wtgbF2LiO2ImIqI9yNirtyflFu8093y4z7bebi0u/NwKYkse++fSVGe74uen8ldKc85ExE/+E7Ej5PDcdubWw8WG436epmf7zTX5tubWzfvNxdX6iv11VrtzsKdW2/dfrP2BK2ZObL0leZUmfryp3/Y/sZP82rNlnt623Gauk2v7MfJTUbE984i2BBMlO2ZGnZFeCppRLwYEa8W1/9cTBS/TQBglGXZXGRzvXkAYNSlxRxYklbLuYDZSNNqtTuH91JcThutdufGvdbG6nJ3ruxqVNJ79xv1W+Vc4dWoJHl+oUg/ytcO5G9HxAsR8YvpS0W+utRqLA/zxgcAxtiVA+P/f6a74z8AMOKO/tgMADCKjP8AMH6M/wAwfoz/ADB+uuP/pSf9sSzLfnYW1QEAzoHnfwAYP8Z/ABgr33/33XzLdsvvv17+YHPjQeuDm8v19oNqc2OputRaX6uutForxXf2NI87X6PVWlt4IzY+vPrNtXZnvr25dbfZ2ljt3C2+1/tuvVIctX0OLQMABnnhlU/+nOQj8tuXii161nKoDLVmwFlLh10BYGgmhl0BYGi6q331WaAPGHmPnvGf+EMApgdgRBx3BzDT7w+EsizLzq5KwBm7/gXz/zCuyvn/SZ8ChvFz3Px/sTawNwlhJE0OuwLA0GRZctI1/+OkBwIAF9sRc/xXz/M+BBieAe//v1i+/rZ8c+BHyweP+PgsawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX2976v9Vymd/ZSNNqNeK5YgGgSnLvfqN+KyKej4g/TVem8/zCkOsMADyr9G9Juf7X9bnXZx8revnKfnIqIn7yq/d++eFip7P+x4ip5F/Te/s7H5f7a8cGmzmLFgAAR9sbp4vXngf5z3YeLu1t51mfv3+7e1eQx93dmYrd/fiTMVm8zkQlIi7/OynzXUnP3MWz2P4oIj7fr/1JzBZzIN1bloPx89jPnVL8iRPFTx+Ln5YLNKflv8XnTqEuMG4+yfufd/pdf2lcK177X/8zRQ/17Mr+Lz/V0m7RBz6Kv9f/TQzo/66dNMYbv/9uN3XpcNlHEV+cjNiLvdvT/+zFTwbEf/2E8f/ypZdfHVSW/TrievSP3xtrvtNcm29vbt2831xcqa/UV2u1Owt3br11+83afDFHPT94NPjH2zeeH1SWt//ygPgzx7T/q4NOeuAp9zf/e/+HXzki/tdf6xc/jZeOiJ+PiV8b2OLHLV7+3cDn7jz+8uH2Jyf5/d84YfxP/7p1aNlwAGB42ptbDxYbjfq6hMTFT+T/ZS9ANfomvnVesaaif9HPX+te0weKsuypYg3qMU5j1g24CPYv+oj477ArAwAAAAAAAAAAAAAA9HUef7E07DYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwuv4fAAD//9VG0+g=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x11)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000005c0))
socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x8}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700100000000000ff000020850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
ioctl$EXT4_IOC_MIGRATE(r3, 0x6609)

146.77433ms ago: executing program 1 (id=12768):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x80)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
membarrier(0x10, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0x60, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$kcm(0x2, 0x1, 0x106)
sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x3, 0x0}, 0x30004001)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x4000)
ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r3)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r7 = dup(r6)
ioctl$TIOCL_SETSEL(r7, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x103, 0x100, 0x551}})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x81}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x10)
r8 = socket(0xa, 0x3, 0x87)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'ipvlan0\x00', <r9=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x18, r9})
r10 = inotify_init()
inotify_add_watch(r10, &(0x7f00000000c0)='./file0\x00', 0x0)

57.962062ms ago: executing program 1 (id=12769):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x1000000000000008}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x4000, &(0x7f00000001c0)={[{@usrquota}, {@grpjquota}, {@nodelalloc}]}, 0x23, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff)

29.263196ms ago: executing program 4 (id=12770):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x4}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="02030003310000002cbd7000fbdbdf2502000900080000001c0000000000000005000600000000000a0000000000000000000000000000000000000000000001020000000000000002000100000000000000070c0000000005000500000000000a00000000000000fc0100000000000000000000000000010700000000000000210008000008"], 0x188}, 0x1, 0x7}, 0x0)

0s ago: executing program 1 (id=12771):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r3, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
close_range(r2, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

1163.851998][T10388] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12160'.
[ 1163.861176][T10388] netlink: 32 bytes leftover after parsing attributes in process `syz.1.12160'.
[ 1163.870282][T10388] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12160'.
[ 1163.879685][T10388] netlink: 32 bytes leftover after parsing attributes in process `syz.1.12160'.
[ 1163.947085][T10399] loop4: detected capacity change from 0 to 512
[ 1163.950368][T10398] loop1: detected capacity change from 0 to 512
[ 1164.109436][T10412] loop1: detected capacity change from 0 to 128
[ 1164.117990][T10412] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1164.130838][T10412] ext4 filesystem being mounted at /587/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1164.145925][   T23] IPVS: starting estimator thread 0...
[ 1164.162845][ T1573] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1164.247974][T10416] IPVS: using max 2016 ests per chain, 100800 per kthread
[ 1164.275037][T10359] delete_channel: no stack
[ 1164.324412][T10425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12178'.
[ 1164.337235][T10415] loop4: detected capacity change from 0 to 2048
[ 1164.419614][T25442] Bluetooth: hci0: command 0x1003 tx timeout
[ 1164.425973][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1164.497961][T10439] loop1: detected capacity change from 0 to 128
[ 1164.536798][T10439] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1164.551418][T10439] ext4 filesystem being mounted at /595/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1164.578820][ T1573] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1164.670928][T10457] netlink: 56 bytes leftover after parsing attributes in process `syz.4.12191'.
[ 1164.715411][T10466] loop1: detected capacity change from 0 to 512
[ 1164.725690][T10466] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.12196: error while reading EA inode 32 err=-116
[ 1164.754220][T10466] EXT4-fs (loop1): Remounting filesystem read-only
[ 1164.766658][T10466] EXT4-fs warning (device loop1): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[ 1164.789127][T10466] EXT4-fs (loop1): 1 orphan inode deleted
[ 1164.807846][T10466] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1164.860662][T10466] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1164.887987][T10475] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1164.928002][T10475] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1164.966150][T10488] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12208'.
[ 1164.998490][T10494] EXT4-fs: inline encryption not supported
[ 1165.006567][T10488] netlink: 236 bytes leftover after parsing attributes in process `syz.4.12208'.
[ 1165.017646][T10084] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1165.043813][T10494] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1165.059934][T10488] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1165.105765][T10504] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1165.107492][T10494] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12209'.
[ 1165.112459][T10504] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[ 1165.142139][ T9763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1165.151944][T10504] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1165.178742][ T1573] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1165.191359][T10504] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.12212: attempt to clear invalid blocks 2 len 1
[ 1165.210490][T10504] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12212: invalid indirect mapped block 1819239214 (level 0)
[ 1165.229200][T10504] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12212: invalid indirect mapped block 1819239214 (level 1)
[ 1165.258623][T10504] EXT4-fs (loop5): 1 truncate cleaned up
[ 1165.264793][T10504] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1165.344133][T10508] EXT4-fs: Ignoring removed oldalloc option
[ 1165.350308][T10504] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[ 1165.366123][T10504] EXT4-fs error (device loop5): __ext4_remount:6789: comm syz.5.12212: Abort forced by user
[ 1165.390380][T10504] EXT4-fs (loop5): Remounting filesystem read-only
[ 1165.397015][T10504] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1165.429023][T10508] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.12214: Parent and EA inode have the same ino 15
[ 1165.453886][T10508] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.12214: Parent and EA inode have the same ino 15
[ 1165.467031][T10084] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1165.467780][T10508] EXT4-fs (loop2): 1 orphan inode deleted
[ 1165.482344][T10508] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1165.583725][  T985] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1165.662832][T10544] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1165.723061][T10084] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1165.746113][T10561] siw: device registration error -23
[ 1165.806106][T10565] FAT-fs (loop4): bogus number of directory entries (390)
[ 1165.813383][T10565] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1165.862477][T10571] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1165.890364][T10571] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1165.911402][T10571] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1165.938388][T10084] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1165.953560][T10566] lo speed is unknown, defaulting to 1000
[ 1165.965429][T10574] EXT4-fs: Ignoring removed oldalloc option
[ 1165.979323][T10574] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.12236: Parent and EA inode have the same ino 15
[ 1165.998002][T10574] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.12236: Parent and EA inode have the same ino 15
[ 1166.012785][T10574] EXT4-fs (loop4): 1 orphan inode deleted
[ 1166.020593][T10574] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1166.096475][T10589] ICMPv6: NA: fd:f9:a6:84:a5:1b advertised our address fe80::aa on syz_tun!
[ 1166.111885][T10566] chnl_net:caif_netlink_parms(): no params data found
[ 1166.116717][T10589] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1166.130896][ T9763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1166.182567][T10598] pimreg: entered allmulticast mode
[ 1166.201936][T10598] pimreg: left allmulticast mode
[ 1166.207472][T10602] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[ 1166.214098][T10602] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1166.222003][T10602] vhci_hcd vhci_hcd.0: Device attached
[ 1166.245761][T10606] netlink: 'syz.4.12243': attribute type 10 has an invalid length.
[ 1166.290328][T10606] team0 (unregistering): Port device team_slave_0 removed
[ 1166.307221][T10603] vhci_hcd: connection closed
[ 1166.307639][ T6355] vhci_hcd vhci_hcd.5: stop threads
[ 1166.317787][ T6355] vhci_hcd vhci_hcd.5: release socket
[ 1166.323209][ T6355] vhci_hcd vhci_hcd.5: disconnect device
[ 1166.332199][T10606] team0 (unregistering): Port device team_slave_1 removed
[ 1166.348024][T10566] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1166.355174][T10566] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1166.362424][T10566] bridge_slave_0: entered allmulticast mode
[ 1166.369479][T10566] bridge_slave_0: entered promiscuous mode
[ 1166.378142][T10566] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1166.385470][T10566] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1166.410300][T10566] bridge_slave_1: entered allmulticast mode
[ 1166.413552][T10609] EXT4-fs: inline encryption not supported
[ 1166.417824][T10566] bridge_slave_1: entered promiscuous mode
[ 1166.434402][T10609] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1166.459929][T10566] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1166.471310][T10566] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1166.507883][T10566] team0: Port device team_slave_0 added
[ 1166.524783][T10566] team0: Port device team_slave_1 added
[ 1166.552626][T10566] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1166.560296][T10566] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1166.587672][T10566] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1166.600086][T10566] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1166.608467][T10566] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1166.635671][T10566] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1166.653000][ T1573] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1166.709574][T10566] hsr_slave_0: entered promiscuous mode
[ 1166.720031][T10566] hsr_slave_1: entered promiscuous mode
[ 1166.742671][T10566] debugfs: 'hsr0' already exists in 'hsr'
[ 1166.748495][T10566] Cannot create hsr debugfs directory
[ 1166.899799][T10566] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1166.920036][T10635] netlink: 'syz.5.12254': attribute type 10 has an invalid length.
[ 1166.958837][T10635] team0 (unregistering): Port device team_slave_0 removed
[ 1166.968761][T10635] team0 (unregistering): Port device team_slave_1 removed
[ 1167.003225][T10566] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1167.124015][T10566] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1167.212995][T10566] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1167.224653][T10648] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1167.248444][T10648] ext4 filesystem being mounted at /605/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1167.308747][ T1573] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1167.336527][T10566] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1167.351306][T10566] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1167.362752][T10566] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1167.376913][T10566] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1167.467115][T10566] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1167.493641][T10566] 8021q: adding VLAN 0 to HW filter on device team0
[ 1167.515703][ T6355] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1167.522921][ T6355] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1167.560246][ T6355] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1167.567536][ T6355] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1167.586979][T10566] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1167.597763][T10566] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1167.686153][T10684] FAULT_INJECTION: forcing a failure.
[ 1167.686153][T10684] name failslab, interval 1, probability 0, space 0, times 0
[ 1167.699790][T10684] CPU: 0 UID: 0 PID: 10684 Comm: syz.4.12270 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1167.699832][T10684] Tainted: [W]=WARN
[ 1167.699839][T10684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1167.699852][T10684] Call Trace:
[ 1167.699859][T10684]  <TASK>
[ 1167.699867][T10684]  __dump_stack+0x1d/0x30
[ 1167.699900][T10684]  dump_stack_lvl+0x95/0xd0
[ 1167.699949][T10684]  dump_stack+0x15/0x1b
[ 1167.699975][T10684]  should_fail_ex+0x265/0x280
[ 1167.700006][T10684]  should_failslab+0x8c/0xb0
[ 1167.700066][T10684]  kmem_cache_alloc_noprof+0x69/0x4b0
[ 1167.700089][T10684]  ? getname_flags+0x80/0x3b0
[ 1167.700129][T10684]  getname_flags+0x80/0x3b0
[ 1167.700161][T10684]  do_sys_openat2+0x60/0x150
[ 1167.700197][T10684]  __x64_sys_openat+0xf2/0x120
[ 1167.700235][T10684]  x64_sys_call+0x2b07/0x3000
[ 1167.700373][T10684]  do_syscall_64+0xca/0x2b0
[ 1167.700414][T10684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1167.700444][T10684] RIP: 0033:0x7feb69fcf749
[ 1167.700464][T10684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1167.700541][T10684] RSP: 002b:00007feb68a37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1167.700567][T10684] RAX: ffffffffffffffda RBX: 00007feb6a225fa0 RCX: 00007feb69fcf749
[ 1167.700584][T10684] RDX: 000000000000275a RSI: 0000200000000280 RDI: ffffffffffffff9c
[ 1167.700601][T10684] RBP: 00007feb68a37090 R08: 0000000000000000 R09: 0000000000000000
[ 1167.700619][T10684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1167.700636][T10684] R13: 00007feb6a226038 R14: 00007feb6a225fa0 R15: 00007ffe2c0fee48
[ 1167.700657][T10684]  </TASK>
[ 1167.814731][T10566] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1168.058637][T10701] set_capacity_and_notify: 14 callbacks suppressed
[ 1168.058654][T10701] loop3: detected capacity change from 0 to 512
[ 1168.087711][   T29] kauditd_printk_skb: 732 callbacks suppressed
[ 1168.087732][   T29] audit: type=1326 audit(1768399074.622:238077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10705 comm="syz.5.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe252b1f749 code=0x7ffc0000
[ 1168.194168][   T29] audit: type=1326 audit(1768399074.622:238078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10705 comm="syz.5.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe252b1f749 code=0x7ffc0000
[ 1168.218134][   T29] audit: type=1326 audit(1768399074.622:238079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10705 comm="syz.5.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe252b1f749 code=0x7ffc0000
[ 1168.242326][   T29] audit: type=1326 audit(1768399074.622:238080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10705 comm="syz.5.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe252b1f749 code=0x7ffc0000
[ 1168.266297][   T29] audit: type=1326 audit(1768399074.622:238081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10705 comm="syz.5.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe252b1f749 code=0x7ffc0000
[ 1168.290281][   T29] audit: type=1326 audit(1768399074.632:238082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10705 comm="syz.5.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe252b1f749 code=0x7ffc0000
[ 1168.315067][   T29] audit: type=1326 audit(1768399074.632:238083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10705 comm="syz.5.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe252b1f749 code=0x7ffc0000
[ 1168.339396][   T29] audit: type=1326 audit(1768399074.632:238084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10705 comm="syz.5.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe252b1f749 code=0x7ffc0000
[ 1168.363755][   T29] audit: type=1326 audit(1768399074.632:238085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10705 comm="syz.5.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe252b1f749 code=0x7ffc0000
[ 1168.363803][   T29] audit: type=1326 audit(1768399074.632:238086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10705 comm="syz.5.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe252b1f749 code=0x7ffc0000
[ 1168.412462][T10566] veth0_vlan: entered promiscuous mode
[ 1168.427311][T10566] veth1_vlan: entered promiscuous mode
[ 1168.487746][T10566] veth0_macvtap: entered promiscuous mode
[ 1168.508977][T10566] veth1_macvtap: entered promiscuous mode
[ 1168.544636][T10566] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1168.572110][T10566] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1168.587703][T30115] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1168.605459][T30115] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1168.622937][T10730] loop4: detected capacity change from 0 to 128
[ 1168.630891][T30115] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1168.645288][T10731] loop3: detected capacity change from 0 to 512
[ 1168.651702][T30115] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1168.652977][T10730] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1168.678388][T10730] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1168.723224][T10741] __nla_validate_parse: 7 callbacks suppressed
[ 1168.723265][T10741] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12288'.
[ 1168.758026][ T9763] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1168.781923][T10747] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12292'.
[ 1168.819800][T10751] loop2: detected capacity change from 0 to 512
[ 1168.827299][T10751] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1168.844798][T10753] siw: device registration error -23
[ 1168.852460][T10751] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1168.903234][T10751] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1168.952545][T10759] loop5: detected capacity change from 0 to 512
[ 1168.978771][T10749] netlink: 4280 bytes leftover after parsing attributes in process `syz.4.12291'.
[ 1168.995501][T10566] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1168.998506][T10749] netlink: 4280 bytes leftover after parsing attributes in process `syz.4.12291'.
[ 1169.053239][T10770] netlink: 'syz.2.12299': attribute type 10 has an invalid length.
[ 1169.068367][T10770] team0 (unregistering): Port device team_slave_0 removed
[ 1169.079970][T10770] team0 (unregistering): Port device team_slave_1 removed
[ 1169.127382][T10768] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1169.147725][T10776] loop4: detected capacity change from 0 to 128
[ 1169.155995][T10768] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1169.173621][T10776] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1169.201491][T10776] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1169.245145][ T9763] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1169.408291][T10787] lo speed is unknown, defaulting to 1000
[ 1169.522289][T10787] chnl_net:caif_netlink_parms(): no params data found
[ 1169.533548][T10801] FAULT_INJECTION: forcing a failure.
[ 1169.533548][T10801] name failslab, interval 1, probability 0, space 0, times 0
[ 1169.546737][T10801] CPU: 1 UID: 0 PID: 10801 Comm: syz.4.12308 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1169.546774][T10801] Tainted: [W]=WARN
[ 1169.546784][T10801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1169.546801][T10801] Call Trace:
[ 1169.546810][T10801]  <TASK>
[ 1169.546821][T10801]  __dump_stack+0x1d/0x30
[ 1169.546851][T10801]  dump_stack_lvl+0x95/0xd0
[ 1169.546906][T10801]  dump_stack+0x15/0x1b
[ 1169.546925][T10801]  should_fail_ex+0x265/0x280
[ 1169.546948][T10801]  should_failslab+0x8c/0xb0
[ 1169.546981][T10801]  __kmalloc_cache_node_noprof+0x6a/0x4d0
[ 1169.547026][T10801]  ? __get_vm_area_node+0x106/0x1d0
[ 1169.547059][T10801]  __get_vm_area_node+0x106/0x1d0
[ 1169.547091][T10801]  __vmalloc_node_range_noprof+0x28e/0x1310
[ 1169.547142][T10801]  ? copy_process+0x37d/0x1ef0
[ 1169.547178][T10801]  ? __pfx_perf_pmu_nop_void+0x10/0x10
[ 1169.547210][T10801]  ? __memcg_slab_post_alloc_hook+0x44b/0x530
[ 1169.547292][T10801]  ? __tsan_unaligned_write8+0x6c/0x190
[ 1169.547313][T10801]  ? __memcg_slab_post_alloc_hook+0x44b/0x530
[ 1169.547355][T10801]  __vmalloc_node_noprof+0x89/0xc0
[ 1169.547443][T10801]  ? copy_process+0x37d/0x1ef0
[ 1169.547463][T10801]  ? copy_process+0x37d/0x1ef0
[ 1169.547483][T10801]  dup_task_struct+0x219/0x950
[ 1169.547501][T10801]  ? copy_process+0x36c/0x1ef0
[ 1169.547562][T10801]  copy_process+0x37d/0x1ef0
[ 1169.547585][T10801]  ? kstrtouint+0x76/0xc0
[ 1169.547661][T10801]  ? kstrtouint_from_user+0x9f/0xf0
[ 1169.547689][T10801]  ? 0xffffffff81000000
[ 1169.547713][T10801]  kernel_clone+0x16c/0x5c0
[ 1169.547762][T10801]  ? vfs_write+0x7e8/0x960
[ 1169.547781][T10801]  __x64_sys_clone+0xe6/0x120
[ 1169.547813][T10801]  x64_sys_call+0x12d0/0x3000
[ 1169.547924][T10801]  do_syscall_64+0xca/0x2b0
[ 1169.547966][T10801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1169.547989][T10801] RIP: 0033:0x7feb69fcf749
[ 1169.548009][T10801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1169.548031][T10801] RSP: 002b:00007feb689f4fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1169.548083][T10801] RAX: ffffffffffffffda RBX: 00007feb6a226180 RCX: 00007feb69fcf749
[ 1169.548100][T10801] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000041aa1000
[ 1169.548117][T10801] RBP: 00007feb689f5090 R08: 0000000000000000 R09: 0000000000000000
[ 1169.548197][T10801] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1169.548210][T10801] R13: 00007feb6a226218 R14: 00007feb6a226180 R15: 00007ffe2c0fee48
[ 1169.548234][T10801]  </TASK>
[ 1169.548244][T10801] syz.4.12308: vmalloc error: size 16384, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[ 1169.816073][T10801] CPU: 1 UID: 0 PID: 10801 Comm: syz.4.12308 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1169.816133][T10801] Tainted: [W]=WARN
[ 1169.816143][T10801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1169.816157][T10801] Call Trace:
[ 1169.816167][T10801]  <TASK>
[ 1169.816244][T10801]  __dump_stack+0x1d/0x30
[ 1169.816284][T10801]  dump_stack_lvl+0x95/0xd0
[ 1169.816340][T10801]  dump_stack+0x15/0x1b
[ 1169.816420][T10801]  warn_alloc+0x12b/0x1a0
[ 1169.816459][T10801]  __vmalloc_node_range_noprof+0x2b3/0x1310
[ 1169.816495][T10801]  ? __pfx_perf_pmu_nop_void+0x10/0x10
[ 1169.816537][T10801]  ? __memcg_slab_post_alloc_hook+0x44b/0x530
[ 1169.816637][T10801]  ? __tsan_unaligned_write8+0x6c/0x190
[ 1169.816682][T10801]  ? __memcg_slab_post_alloc_hook+0x44b/0x530
[ 1169.816716][T10801]  __vmalloc_node_noprof+0x89/0xc0
[ 1169.816739][T10801]  ? copy_process+0x37d/0x1ef0
[ 1169.816758][T10801]  ? copy_process+0x37d/0x1ef0
[ 1169.816837][T10801]  dup_task_struct+0x219/0x950
[ 1169.816860][T10801]  ? copy_process+0x36c/0x1ef0
[ 1169.816879][T10801]  copy_process+0x37d/0x1ef0
[ 1169.816946][T10801]  ? kstrtouint+0x76/0xc0
[ 1169.816971][T10801]  ? kstrtouint_from_user+0x9f/0xf0
[ 1169.816996][T10801]  ? 0xffffffff81000000
[ 1169.817031][T10801]  kernel_clone+0x16c/0x5c0
[ 1169.817056][T10801]  ? vfs_write+0x7e8/0x960
[ 1169.817075][T10801]  __x64_sys_clone+0xe6/0x120
[ 1169.817163][T10801]  x64_sys_call+0x12d0/0x3000
[ 1169.817308][T10801]  do_syscall_64+0xca/0x2b0
[ 1169.817377][T10801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1169.817406][T10801] RIP: 0033:0x7feb69fcf749
[ 1169.817424][T10801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1169.817445][T10801] RSP: 002b:00007feb689f4fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1169.817463][T10801] RAX: ffffffffffffffda RBX: 00007feb6a226180 RCX: 00007feb69fcf749
[ 1169.817478][T10801] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000041aa1000
[ 1169.817559][T10801] RBP: 00007feb689f5090 R08: 0000000000000000 R09: 0000000000000000
[ 1169.817645][T10801] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1169.817662][T10801] R13: 00007feb6a226218 R14: 00007feb6a226180 R15: 00007ffe2c0fee48
[ 1169.817688][T10801]  </TASK>
[ 1169.817697][T10801] Mem-Info:
[ 1170.049020][T10801] active_anon:10297 inactive_anon:6 isolated_anon:0
[ 1170.049020][T10801]  active_file:27068 inactive_file:4399 isolated_file:0
[ 1170.049020][T10801]  unevictable:0 dirty:185 writeback:0
[ 1170.049020][T10801]  slab_reclaimable:3714 slab_unreclaimable:50181
[ 1170.049020][T10801]  mapped:38050 shmem:3048 pagetables:1263
[ 1170.049020][T10801]  sec_pagetables:0 bounce:0
[ 1170.049020][T10801]  kernel_misc_reclaimable:0
[ 1170.049020][T10801]  free:1789778 free_pcp:15691 free_cma:0
[ 1170.094588][T10801] Node 0 active_anon:41188kB inactive_anon:24kB active_file:108272kB inactive_file:17596kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:152200kB dirty:740kB writeback:0kB shmem:12192kB kernel_stack:5344kB pagetables:5052kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1170.122605][T10801] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1170.152293][T10801] lowmem_reserve[]: 0 2880 7859 7859
[ 1170.157822][T10801] Node 0 DMA32 free:2945888kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949520kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3528kB free_cma:0kB
[ 1170.189330][T10801] lowmem_reserve[]: 0 0 4978 4978
[ 1170.194470][T10801] Node 0 Normal free:4197864kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:41188kB inactive_anon:24kB active_file:108272kB inactive_file:17596kB unevictable:0kB writepending:740kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:59132kB local_pcp:28128kB free_cma:0kB
[ 1170.228185][T10801] lowmem_reserve[]: 0 0 0 0
[ 1170.232953][T10801] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1170.245703][T10801] Node 0 DMA32: 2*4kB (M) 1*8kB (M) 3*16kB (M) 3*32kB (M) 3*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 716*4096kB (M) = 2945888kB
[ 1170.262127][T10801] Node 0 Normal: 3668*4kB (UM) 853*8kB (UME) 1274*16kB (UME) 2412*32kB (UME) 2297*64kB (UME) 1370*128kB (UM) 1007*256kB (UME) 561*512kB (UME) 450*1024kB (UME) 325*2048kB (UME) 509*4096kB (UM) = 4197720kB
[ 1170.282447][T10801] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[ 1170.291913][T10801] 34309 total pagecache pages
[ 1170.296711][T10801] 6 pages in swap cache
[ 1170.300962][T10801] Free swap  = 124972kB
[ 1170.305113][T10801] Total swap = 124996kB
[ 1170.309290][T10801] 2097051 pages RAM
[ 1170.313095][T10801] 0 pages HighMem/MovableOnly
[ 1170.317793][T10801] 81271 pages reserved
[ 1170.366429][T10787] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1170.373591][T10787] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1170.373899][T10809] loop3: detected capacity change from 0 to 512
[ 1170.383473][T10787] bridge_slave_0: entered allmulticast mode
[ 1170.394133][T10787] bridge_slave_0: entered promiscuous mode
[ 1170.403420][T10787] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1170.410564][T10787] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1170.419250][T10787] bridge_slave_1: entered allmulticast mode
[ 1170.426405][T10787] bridge_slave_1: entered promiscuous mode
[ 1170.512633][T10814] loop4: detected capacity change from 0 to 2048
[ 1170.519837][T10787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1170.567269][T30105] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1170.580004][T10819] netlink: 4280 bytes leftover after parsing attributes in process `syz.5.12311'.
[ 1170.590045][T10814] EXT4-fs error (device loop4): __ext4_iget:5426: inode #2: block 127754: comm syz.4.12313: invalid block
[ 1170.602985][T10787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1170.605201][T10819] netlink: 4280 bytes leftover after parsing attributes in process `syz.5.12311'.
[ 1170.622444][T10814] EXT4-fs (loop4): get root inode failed
[ 1170.628149][T10814] EXT4-fs (loop4): mount failed
[ 1170.659957][T30105] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1170.691739][T10826] loop3: detected capacity change from 0 to 1024
[ 1170.705378][T10826] EXT4-fs: inline encryption not supported
[ 1170.714371][T10787] team0: Port device team_slave_0 added
[ 1170.722974][T10826] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1170.738273][T10787] team0: Port device team_slave_1 added
[ 1170.772279][T30105] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1170.792383][T10826] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12315'.
[ 1170.807603][T10787] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1170.814665][T10787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1170.840793][T10787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1170.852976][T10787] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1170.860111][T10787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1170.886186][T10787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1170.912651][ T8751] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1170.922274][T10836] netlink: 16 bytes leftover after parsing attributes in process `syz.5.12318'.
[ 1170.948329][T30105] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1171.016050][T10787] hsr_slave_0: entered promiscuous mode
[ 1171.018592][T10841] netlink: 4280 bytes leftover after parsing attributes in process `syz.4.12317'.
[ 1171.027561][T10787] hsr_slave_1: entered promiscuous mode
[ 1171.038346][T10787] debugfs: 'hsr0' already exists in 'hsr'
[ 1171.040578][T10841] netlink: 4280 bytes leftover after parsing attributes in process `syz.4.12317'.
[ 1171.044442][T10787] Cannot create hsr debugfs directory
[ 1171.133983][T30105] bridge_slave_1: left allmulticast mode
[ 1171.139721][T30105] bridge_slave_1: left promiscuous mode
[ 1171.145483][T30105] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1171.157305][T30105] bridge_slave_0: left allmulticast mode
[ 1171.163063][T30105] bridge_slave_0: left promiscuous mode
[ 1171.168884][T30105] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1171.199534][T10843] loop5: detected capacity change from 0 to 256
[ 1171.213106][T10843] vfat: Unknown parameter 'roset'
[ 1171.224261][T10848] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1171.230906][T10848] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[ 1171.239986][T10848] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1171.255036][T10848] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.12321: attempt to clear invalid blocks 2 len 1
[ 1171.268403][T10848] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.12321: invalid indirect mapped block 1819239214 (level 0)
[ 1171.283493][T30105] bond1 (unregistering): (slave geneve2): Releasing active interface
[ 1171.292622][T10848] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.12321: invalid indirect mapped block 1819239214 (level 1)
[ 1171.307222][T10848] EXT4-fs (loop4): 1 truncate cleaned up
[ 1171.313823][T10848] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1171.327585][T10848] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[ 1171.337217][T10848] EXT4-fs error (device loop4): __ext4_remount:6789: comm syz.4.12321: Abort forced by user
[ 1171.347782][T10848] EXT4-fs (loop4): Remounting filesystem read-only
[ 1171.354712][T10848] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1171.374158][ T9763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1171.422943][T30105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1171.433564][T30105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1171.444611][T30105] bond0 (unregistering): Released all slaves
[ 1171.453758][T30105] bond1 (unregistering): Released all slaves
[ 1171.479935][T10846] lo speed is unknown, defaulting to 1000
[ 1171.506862][T30105] tipc: Disabling bearer <eth:vlan0>
[ 1171.514415][T30105] tipc: Left network mode
[ 1171.567982][T10853] EXT4-fs: Ignoring removed oldalloc option
[ 1171.580093][T10853] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.12323: Parent and EA inode have the same ino 15
[ 1171.596707][T10853] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.12323: Parent and EA inode have the same ino 15
[ 1171.610262][T10853] EXT4-fs (loop4): 1 orphan inode deleted
[ 1171.616520][T10853] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1171.633100][T30105] hsr_slave_0: left promiscuous mode
[ 1171.645729][T30105] hsr_slave_1: left promiscuous mode
[ 1171.654753][T30105] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1171.662371][T30105] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1171.673318][T30105] veth1_vlan: left promiscuous mode
[ 1171.679619][T30105] veth0_vlan: left promiscuous mode
[ 1171.733838][ T9763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1171.753103][T10840] delete_channel: no stack
[ 1171.759356][T30116] smc: removing ib device syz!
[ 1171.812356][ T3510] lo speed is unknown, defaulting to 1000
[ 1171.818154][ T3510] syz2: Port: 1 Link DOWN
[ 1171.872207][T10871] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1171.889227][T10873] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1171.909602][T10873] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1171.921318][T10865] EXT4-fs: Ignoring removed oldalloc option
[ 1171.935365][T10877] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1171.941796][T10877] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[ 1171.951187][T10871] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1171.966072][T10871] ext4 filesystem being mounted at /10/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1171.982063][T10877] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1171.996069][T10787] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1172.006945][T10877] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.12331: attempt to clear invalid blocks 2 len 1
[ 1172.020704][T10865] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.12327: Parent and EA inode have the same ino 15
[ 1172.034525][T10566] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1172.049312][T10787] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1172.049991][T10877] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.12331: invalid indirect mapped block 1819239214 (level 0)
[ 1172.071813][T10084] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1172.084837][T10877] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.12331: invalid indirect mapped block 1819239214 (level 1)
[ 1172.085614][T10787] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1172.111933][T10865] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.12327: Parent and EA inode have the same ino 15
[ 1172.128353][T10877] EXT4-fs (loop4): 1 truncate cleaned up
[ 1172.135167][T10865] EXT4-fs (loop3): 1 orphan inode deleted
[ 1172.141054][T10877] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1172.141810][T10865] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1172.170433][T10787] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1172.190029][T10877] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[ 1172.220812][T10877] EXT4-fs error (device loop4): __ext4_remount:6789: comm syz.4.12331: Abort forced by user
[ 1172.249847][T10877] EXT4-fs (loop4): Remounting filesystem read-only
[ 1172.256506][T10877] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1172.285457][T10787] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1172.296243][ T8751] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1172.315380][T10787] 8021q: adding VLAN 0 to HW filter on device team0
[ 1172.348697][ T9763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1172.360264][T30114] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1172.367416][T30114] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1172.404004][T10896] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1172.416200][T30114] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1172.423504][T30114] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1172.444917][T10896] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1172.481462][T10896] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1172.498906][T10787] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1172.560470][T10896] ext4 filesystem being mounted at /124/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1172.624562][ T6355] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1172.660099][T10911] FAULT_INJECTION: forcing a failure.
[ 1172.660099][T10911] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1172.673330][T10911] CPU: 1 UID: 0 PID: 10911 Comm: syz.4.12339 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1172.673524][T10911] Tainted: [W]=WARN
[ 1172.673534][T10911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1172.673552][T10911] Call Trace:
[ 1172.673599][T10911]  <TASK>
[ 1172.673610][T10911]  __dump_stack+0x1d/0x30
[ 1172.673644][T10911]  dump_stack_lvl+0x95/0xd0
[ 1172.673736][T10911]  dump_stack+0x15/0x1b
[ 1172.673758][T10911]  should_fail_ex+0x265/0x280
[ 1172.673787][T10911]  should_fail+0xb/0x20
[ 1172.673813][T10911]  should_fail_usercopy+0x1a/0x20
[ 1172.673845][T10911]  strncpy_from_user+0x27/0x260
[ 1172.673911][T10911]  __se_sys_memfd_create+0x206/0x6b0
[ 1172.673958][T10911]  __x64_sys_memfd_create+0x31/0x40
[ 1172.673997][T10911]  x64_sys_call+0x28cb/0x3000
[ 1172.674094][T10911]  do_syscall_64+0xca/0x2b0
[ 1172.674134][T10911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1172.674156][T10911] RIP: 0033:0x7feb69fcf749
[ 1172.674207][T10911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1172.674245][T10911] RSP: 002b:00007feb68a36e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[ 1172.674266][T10911] RAX: ffffffffffffffda RBX: 0000000000000512 RCX: 00007feb69fcf749
[ 1172.674279][T10911] RDX: 00007feb68a36ef0 RSI: 0000000000000000 RDI: 00007feb6a054960
[ 1172.674295][T10911] RBP: 0000200000000380 R08: 00007feb68a36bb7 R09: 00007feb68a36e40
[ 1172.674313][T10911] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000080
[ 1172.674330][T10911] R13: 00007feb68a36ef0 R14: 00007feb68a36eb0 R15: 0000200000000340
[ 1172.674363][T10911]  </TASK>
[ 1172.699081][T10787] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1172.863468][T10916] set_capacity_and_notify: 8 callbacks suppressed
[ 1172.863481][T10916] loop4: detected capacity change from 0 to 1024
[ 1172.877328][T10916] EXT4-fs: inline encryption not supported
[ 1172.898137][T10916] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1172.971989][ T9763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1173.002095][T10787] veth0_vlan: entered promiscuous mode
[ 1173.010209][T10787] veth1_vlan: entered promiscuous mode
[ 1173.026453][T10787] veth0_macvtap: entered promiscuous mode
[ 1173.037331][T10787] veth1_macvtap: entered promiscuous mode
[ 1173.054896][T10787] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1173.070778][T10787] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1173.092180][T30119] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1173.114641][T30119] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1173.128304][T30119] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1173.153804][T10939] loop2: detected capacity change from 0 to 256
[ 1173.154294][ T8751] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1173.169347][T10939] vfat: Unknown parameter 'roset'
[ 1173.176868][T30119] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1173.236765][   T29] kauditd_printk_skb: 521 callbacks suppressed
[ 1173.236784][   T29] audit: type=1326 audit(1768399080.018:238608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10941 comm="syz.3.12347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14da0df749 code=0x7ffc0000
[ 1173.272973][   T29] audit: type=1326 audit(1768399080.018:238609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10941 comm="syz.3.12347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14da0df749 code=0x7ffc0000
[ 1173.297146][   T29] audit: type=1326 audit(1768399080.028:238610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10941 comm="syz.3.12347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14da0df749 code=0x7ffc0000
[ 1173.320929][   T29] audit: type=1326 audit(1768399080.028:238611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10941 comm="syz.3.12347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14da0df749 code=0x7ffc0000
[ 1173.344757][   T29] audit: type=1326 audit(1768399080.028:238612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10941 comm="syz.3.12347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14da0df749 code=0x7ffc0000
[ 1173.368923][   T29] audit: type=1326 audit(1768399080.028:238613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10941 comm="syz.3.12347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14da0df749 code=0x7ffc0000
[ 1173.392861][   T29] audit: type=1326 audit(1768399080.028:238614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10941 comm="syz.3.12347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14da0df749 code=0x7ffc0000
[ 1173.416831][   T29] audit: type=1326 audit(1768399080.028:238615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10941 comm="syz.3.12347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14da0df749 code=0x7ffc0000
[ 1173.440946][   T29] audit: type=1326 audit(1768399080.028:238616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10941 comm="syz.3.12347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14da0df749 code=0x7ffc0000
[ 1173.465223][   T29] audit: type=1326 audit(1768399080.028:238617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10941 comm="syz.3.12347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14da0df749 code=0x7ffc0000
[ 1173.780115][T10931] delete_channel: no stack
[ 1174.015565][T10961] loop2: detected capacity change from 0 to 512
[ 1174.022952][T10961] EXT4-fs: Ignoring removed oldalloc option
[ 1174.036828][T10961] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.12353: Parent and EA inode have the same ino 15
[ 1174.054871][T10961] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.12353: Parent and EA inode have the same ino 15
[ 1174.064214][T10967] loop3: detected capacity change from 0 to 1024
[ 1174.069478][T10961] EXT4-fs (loop2): 1 orphan inode deleted
[ 1174.074816][T10967] EXT4-fs: inline encryption not supported
[ 1174.082562][T10961] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1174.110142][T10967] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1174.134689][T10566] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1174.159770][T10967] __nla_validate_parse: 8 callbacks suppressed
[ 1174.159789][T10967] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12354'.
[ 1174.192946][ T8751] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1174.297242][T10946] delete_channel: no stack
[ 1174.564339][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1174.570689][T10987] Bluetooth: hci0: command 0x1003 tx timeout
[ 1174.616507][T10998] loop2: detected capacity change from 0 to 256
[ 1174.633490][T10998] vfat: Unknown parameter 'roset'
[ 1174.666022][T10994] delete_channel: no stack
[ 1174.826545][T11003] loop2: detected capacity change from 0 to 1024
[ 1174.833723][T11003] EXT4-fs: inline encryption not supported
[ 1174.853847][T11003] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1174.875605][T11003] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12366'.
[ 1174.885203][T11003] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1174.898229][T11003] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1174.971539][T10566] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1174.993807][T11008] netlink: 20 bytes leftover after parsing attributes in process `syz.3.12367'.
[ 1175.016713][T11012] ------------[ cut here ]------------
[ 1175.022318][T11012] verifier bug: REG INVARIANTS VIOLATION (true_reg1): range bounds violation u64=[0xffffdfcd, 0xffffffffffffdfcc] s64=[0x80000000ffffdfcd, 0x7fffffffffffdfcc] u32=[0xffffdfcd, 0xffffdfcc] s32=[0xffffdfcd, 0xffffdfcc] var_off=(0xffffdfcc, 0xffffffff00000000)
[ 1175.046940][T11012] WARNING: kernel/bpf/verifier.c:2748 at reg_bounds_sanity_check+0x15b/0x660, CPU#1: syz.2.12369/11012
[ 1175.058183][T11012] Modules linked in:
[ 1175.062372][T11012] CPU: 1 UID: 0 PID: 11012 Comm: syz.2.12369 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1175.074097][T11012] Tainted: [W]=WARN
[ 1175.077929][T11012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1175.088136][T11012] RIP: 0010:reg_bounds_sanity_check+0x27d/0x660
[ 1175.094487][T11012] Code: 24 78 4c 8b 44 24 70 4c 8b 4c 24 60 41 ff 74 24 20 41 55 53 ff 74 24 68 ff 74 24 78 ff b4 24 90 00 00 00 ff b4 24 b0 00 00 00 <67> 48 0f b9 3a 48 83 c4 38 4c 8b ac 24 98 00 00 00 49 8d 85 80 08
[ 1175.114187][T11012] RSP: 0018:ffffc9000256b3a0 EFLAGS: 00010246
[ 1175.120381][T11012] RAX: ffff888157553c10 RBX: 00000000ffffdfcc RCX: 00000000ffffdfcd
[ 1175.128534][T11012] RDX: ffffffff865fc107 RSI: ffffffff864c642d RDI: ffffffff86db6a10
[ 1175.136635][T11012] RBP: ffff888167323270 R08: ffffffffffffdfcc R09: 80000000ffffdfcd
[ 1175.144687][T11012] R10: ffffffff88ee5a70 R11: 00000000ffffdfce R12: ffff888167323230
[ 1175.152809][T11012] R13: 00000000ffffdfcc R14: ffff88816732327c R15: ffff888167323268
[ 1175.160883][T11012] FS:  00007f24c2ab76c0(0000) GS:ffff8882aeec5000(0000) knlGS:0000000000000000
[ 1175.169998][T11012] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1175.176663][T11012] CR2: 0000200000001000 CR3: 00000001ccca0000 CR4: 00000000003506f0
[ 1175.184755][T11012] DR0: 0000000000007fff DR1: 0000000000000000 DR2: 0000000000000000
[ 1175.193162][T11012] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 1175.201172][T11012] Call Trace:
[ 1175.204510][T11012]  <TASK>
[ 1175.207546][T11012]  reg_set_min_max+0x1c8/0x260
[ 1175.212411][T11012]  check_cond_jmp_op+0x13bd/0x1a80
[ 1175.217912][T11012]  do_check+0x3347/0x81f0
[ 1175.222415][T11012]  do_check_common+0xccf/0x1300
[ 1175.227463][T11012]  bpf_check+0x2f98/0xc860
[ 1175.232122][T11012]  ? __alloc_frozen_pages_noprof+0x18f/0x360
[ 1175.238348][T11012]  ? alloc_pages_bulk_noprof+0x4b9/0x540
[ 1175.244122][T11012]  ? __vmap_pages_range_noflush+0xbc4/0xcf0
[ 1175.250105][T11012]  ? pcpu_block_update+0x232/0x3b0
[ 1175.255291][T11012]  ? pcpu_block_update+0x232/0x3b0
[ 1175.260558][T11012]  ? pcpu_chunk_refresh_hint+0x47e/0x4b0
[ 1175.266262][T11012]  ? pcpu_block_update_hint_alloc+0x636/0x660
[ 1175.272486][T11012]  ? css_rstat_updated+0xbb/0x280
[ 1175.277612][T11012]  ? mod_memcg_state+0x182/0x270
[ 1175.282902][T11012]  ? __rcu_read_unlock+0x4f/0x70
[ 1175.288113][T11012]  ? pcpu_memcg_post_alloc_hook+0xec/0x170
[ 1175.294046][T11012]  ? bpf_prog_alloc+0x5b/0x150
[ 1175.298959][T11012]  ? pcpu_alloc_noprof+0xd0d/0x1240
[ 1175.304218][T11012]  ? should_fail_ex+0x30/0x280
[ 1175.309207][T11012]  ? __kmalloc_noprof+0x2b4/0x5a0
[ 1175.314276][T11012]  ? security_bpf_prog_load+0x60/0x140
[ 1175.320239][T11012]  ? selinux_bpf_prog_load+0xad/0xd0
[ 1175.325772][T11012]  ? security_bpf_prog_load+0x9e/0x140
[ 1175.331354][T11012]  bpf_prog_load+0xf6e/0x1140
[ 1175.336112][T11012]  ? security_bpf+0x2b/0x90
[ 1175.340671][T11012]  __sys_bpf+0x469/0x7c0
[ 1175.344963][T11012]  __x64_sys_bpf+0x41/0x50
[ 1175.349521][T11012]  x64_sys_call+0x28e1/0x3000
[ 1175.354389][T11012]  do_syscall_64+0xca/0x2b0
[ 1175.358986][T11012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1175.365125][T11012] RIP: 0033:0x7f24c404f749
[ 1175.369577][T11012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1175.389406][T11012] RSP: 002b:00007f24c2ab7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1175.397933][T11012] RAX: ffffffffffffffda RBX: 00007f24c42a5fa0 RCX: 00007f24c404f749
[ 1175.406072][T11012] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[ 1175.414165][T11012] RBP: 00007f24c40d3f91 R08: 0000000000000000 R09: 0000000000000000
[ 1175.422206][T11012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1175.430209][T11012] R13: 00007f24c42a6038 R14: 00007f24c42a5fa0 R15: 00007ffe1ea61328
[ 1175.438263][T11012]  </TASK>
[ 1175.441347][T11012] ---[ end trace 0000000000000000 ]---
[ 1175.620986][T11024] loop2: detected capacity change from 0 to 512
[ 1175.628433][T11024] EXT4-fs: Ignoring removed oldalloc option
[ 1175.644989][T11024] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.12374: Parent and EA inode have the same ino 15
[ 1175.664427][T11024] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.12374: Parent and EA inode have the same ino 15
[ 1175.678724][T11024] EXT4-fs (loop2): 1 orphan inode deleted
[ 1175.797606][T11037] loop3: detected capacity change from 0 to 512
[ 1175.835536][T11042] loop3: detected capacity change from 0 to 1024
[ 1175.842963][T11042] EXT4-fs: inline encryption not supported
[ 1175.917881][T11042] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12379'.
[ 1176.074943][T11065] loop3: detected capacity change from 0 to 512
[ 1176.082345][T11065] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1176.092823][T11065] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=42c028, mo2=0002]
[ 1176.101613][T11065] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1176.109690][T11065] EXT4-fs error (device loop3): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[ 1176.124588][T11065] EXT4-fs (loop3): Remounting filesystem read-only
[ 1176.131335][T11065] EXT4-fs (loop3): 1 truncate cleaned up
[ 1176.137486][T30114] EXT4-fs (loop3): Quota write (off=8192, len=1024) cancelled because transaction is not started
[ 1176.148137][T30114] EXT4-fs (loop3): Quota write (off=8192, len=1024) cancelled because transaction is not started
[ 1176.159504][T30114] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[ 1176.193302][T11013] delete_channel: no stack
[ 1176.399403][T25442] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1176.419100][T11074] netlink: 20 bytes leftover after parsing attributes in process `syz.5.12388'.
[ 1176.455524][T11073] SELinux: ebitmap: truncated map
[ 1176.479733][T11073] SELinux: failed to load policy
[ 1176.577132][T11082] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1176.597936][T11087] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1176.662977][T11087] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1176.723550][T11087] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1176.768520][T11087] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1176.801879][ T6355] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1176.843666][T11098] vfat: Unknown parameter 'roset'
[ 1176.853860][T11097] delete_channel: no stack
[ 1176.861610][T30116] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1176.873609][T30116] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1176.885564][T30116] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1176.897977][T30116] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1176.974858][T11112] FAULT_INJECTION: forcing a failure.
[ 1176.974858][T11112] name failslab, interval 1, probability 0, space 0, times 0
[ 1176.987578][T11112] CPU: 0 UID: 0 PID: 11112 Comm: syz.4.12403 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1176.987608][T11112] Tainted: [W]=WARN
[ 1176.987614][T11112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1176.987626][T11112] Call Trace:
[ 1176.987633][T11112]  <TASK>
[ 1176.987640][T11112]  __dump_stack+0x1d/0x30
[ 1176.987663][T11112]  dump_stack_lvl+0x95/0xd0
[ 1176.987771][T11112]  dump_stack+0x15/0x1b
[ 1176.987789][T11112]  should_fail_ex+0x265/0x280
[ 1176.987810][T11112]  should_failslab+0x8c/0xb0
[ 1176.987830][T11112]  __kmalloc_noprof+0xb9/0x5a0
[ 1176.987971][T11112]  ? hci_alloc_dev_priv+0x24/0xe70
[ 1176.987996][T11112]  hci_alloc_dev_priv+0x24/0xe70
[ 1176.988030][T11112]  hci_uart_tty_ioctl+0x290/0x5c0
[ 1176.988088][T11112]  ? __pfx_hci_uart_tty_ioctl+0x10/0x10
[ 1176.988130][T11112]  tty_ioctl+0x83f/0xb80
[ 1176.988164][T11112]  ? __pfx_tty_ioctl+0x10/0x10
[ 1176.988182][T11112]  __se_sys_ioctl+0xce/0x140
[ 1176.988260][T11112]  __x64_sys_ioctl+0x43/0x50
[ 1176.988362][T11112]  x64_sys_call+0x14b0/0x3000
[ 1176.988385][T11112]  do_syscall_64+0xca/0x2b0
[ 1176.988416][T11112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1176.988436][T11112] RIP: 0033:0x7feb69fcf749
[ 1176.988460][T11112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1176.988477][T11112] RSP: 002b:00007feb68a37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1176.988494][T11112] RAX: ffffffffffffffda RBX: 00007feb6a225fa0 RCX: 00007feb69fcf749
[ 1176.988506][T11112] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003
[ 1176.988517][T11112] RBP: 00007feb68a37090 R08: 0000000000000000 R09: 0000000000000000
[ 1176.988528][T11112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1176.988539][T11112] R13: 00007feb6a226038 R14: 00007feb6a225fa0 R15: 00007ffe2c0fee48
[ 1176.988573][T11112]  </TASK>
[ 1176.988580][T11112] Bluetooth: Can't allocate HCI device
[ 1177.076303][T11114] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1177.234509][T30116] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1177.279581][T11122] EXT4-fs: inline encryption not supported
[ 1177.318970][T11122] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12406'.
[ 1177.394060][T11136] FAULT_INJECTION: forcing a failure.
[ 1177.394060][T11136] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1177.407363][T11136] CPU: 1 UID: 0 PID: 11136 Comm: syz.1.12412 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1177.407427][T11136] Tainted: [W]=WARN
[ 1177.407435][T11136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1177.407449][T11136] Call Trace:
[ 1177.407456][T11136]  <TASK>
[ 1177.407465][T11136]  __dump_stack+0x1d/0x30
[ 1177.407501][T11136]  dump_stack_lvl+0x95/0xd0
[ 1177.407533][T11136]  dump_stack+0x15/0x1b
[ 1177.407560][T11136]  should_fail_ex+0x265/0x280
[ 1177.407654][T11136]  should_fail+0xb/0x20
[ 1177.407688][T11136]  should_fail_usercopy+0x1a/0x20
[ 1177.407744][T11136]  _copy_from_user+0x1c/0xb0
[ 1177.407783][T11136]  __sys_bpf+0x183/0x7c0
[ 1177.407811][T11136]  __x64_sys_bpf+0x41/0x50
[ 1177.407873][T11136]  x64_sys_call+0x28e1/0x3000
[ 1177.407909][T11136]  do_syscall_64+0xca/0x2b0
[ 1177.407966][T11136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1177.407996][T11136] RIP: 0033:0x7f7e7760f749
[ 1177.408052][T11136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1177.408129][T11136] RSP: 002b:00007f7e7606f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1177.408157][T11136] RAX: ffffffffffffffda RBX: 00007f7e77865fa0 RCX: 00007f7e7760f749
[ 1177.408176][T11136] RDX: 0000000000000050 RSI: 0000200000000a00 RDI: 0000000000000000
[ 1177.408240][T11136] RBP: 00007f7e7606f090 R08: 0000000000000000 R09: 0000000000000000
[ 1177.408253][T11136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1177.408267][T11136] R13: 00007f7e77866038 R14: 00007f7e77865fa0 R15: 00007ffc3388b138
[ 1177.408294][T11136]  </TASK>
[ 1177.657521][T11140] set_capacity_and_notify: 4 callbacks suppressed
[ 1177.657534][T11140] loop3: detected capacity change from 0 to 256
[ 1177.671420][T11140] vfat: Unknown parameter 'roset'
[ 1177.681807][T11139] delete_channel: no stack
[ 1177.769569][T11147] loop1: detected capacity change from 0 to 512
[ 1177.799896][T11152] loop1: detected capacity change from 0 to 1024
[ 1177.806819][T11152] EXT4-fs: inline encryption not supported
[ 1177.808243][T11153] loop3: detected capacity change from 0 to 512
[ 1177.828179][T11152] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12418'.
[ 1177.838108][T11152] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1177.851839][T11152] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1177.871152][T11158] vlan2: entered allmulticast mode
[ 1177.981561][T11165] netlink: 'syz.3.12423': attribute type 1 has an invalid length.
[ 1177.995692][T11165] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1178.100524][   T29] kauditd_printk_skb: 1551 callbacks suppressed
[ 1178.100543][   T29] audit: type=1326 audit(1768399085.130:240161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11167 comm="syz.1.12424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e7760f749 code=0x7ffc0000
[ 1178.131203][   T29] audit: type=1326 audit(1768399085.130:240162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11167 comm="syz.1.12424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e7760f749 code=0x7ffc0000
[ 1178.155308][   T29] audit: type=1326 audit(1768399085.130:240163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11167 comm="syz.1.12424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e7760f749 code=0x7ffc0000
[ 1178.179257][   T29] audit: type=1326 audit(1768399085.130:240164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11167 comm="syz.1.12424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e7760f749 code=0x7ffc0000
[ 1178.203201][   T29] audit: type=1326 audit(1768399085.130:240165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11167 comm="syz.1.12424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e7760f749 code=0x7ffc0000
[ 1178.227404][   T29] audit: type=1326 audit(1768399085.130:240166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11167 comm="syz.1.12424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e7760f749 code=0x7ffc0000
[ 1178.251451][   T29] audit: type=1326 audit(1768399085.130:240167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11167 comm="syz.1.12424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e7760f749 code=0x7ffc0000
[ 1178.275549][   T29] audit: type=1326 audit(1768399085.130:240168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11167 comm="syz.1.12424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f7e7760f749 code=0x7ffc0000
[ 1178.299482][   T29] audit: type=1326 audit(1768399085.130:240169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11167 comm="syz.1.12424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e7760f749 code=0x7ffc0000
[ 1178.323495][   T29] audit: type=1326 audit(1768399085.130:240170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11167 comm="syz.1.12424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e7760f749 code=0x7ffc0000
[ 1178.370036][   T53] bridge_slave_1: left allmulticast mode
[ 1178.375753][   T53] bridge_slave_1: left promiscuous mode
[ 1178.381499][   T53] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1178.399670][   T53] bridge_slave_0: left allmulticast mode
[ 1178.405609][   T53] bridge_slave_0: left promiscuous mode
[ 1178.411377][   T53] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1178.539491][   T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1178.549848][   T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1178.560068][   T53] bond0 (unregistering): Released all slaves
[ 1178.561975][T11177] loop4: detected capacity change from 0 to 512
[ 1178.572976][   T53] bond1 (unregistering): Released all slaves
[ 1178.579563][T11177] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1178.585502][   T53] bond2 (unregistering): Released all slaves
[ 1178.586092][T11177] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[ 1178.606220][T11177] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1178.621091][T11177] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.12426: attempt to clear invalid blocks 2 len 1
[ 1178.635077][T11177] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.12426: invalid indirect mapped block 1819239214 (level 0)
[ 1178.649779][T11177] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.12426: invalid indirect mapped block 1819239214 (level 1)
[ 1178.664109][   T53] tipc: Disabling bearer <eth:vlan0>
[ 1178.664556][T11177] EXT4-fs (loop4): 1 truncate cleaned up
[ 1178.675554][   T53] tipc: Left network mode
[ 1178.680086][T11177] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[ 1178.689587][T11177] EXT4-fs error (device loop4): __ext4_remount:6789: comm syz.4.12426: Abort forced by user
[ 1178.699906][   T53] hsr_slave_0: left promiscuous mode
[ 1178.700276][T11177] EXT4-fs (loop4): Remounting filesystem read-only
[ 1178.711776][T11177] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1178.720270][   T53] hsr_slave_1: left promiscuous mode
[ 1178.726183][T11177] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12426'.
[ 1178.727504][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1178.742694][   T53] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1178.749935][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[ 1178.750036][T25442] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1178.763003][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1178.770847][   T53] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1178.810071][   T53] veth1_vlan: left promiscuous mode
[ 1178.826469][   T53] veth0_vlan: left promiscuous mode
[ 1178.832486][T11182] loop4: detected capacity change from 0 to 512
[ 1178.844254][T11182] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1178.881853][T11182] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1178.912140][T11185] loop2: detected capacity change from 0 to 256
[ 1178.918518][T11187] FAULT_INJECTION: forcing a failure.
[ 1178.918518][T11187] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1178.918688][T11187] CPU: 1 UID: 0 PID: 11187 Comm: syz.3.12429 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1178.918731][T11187] Tainted: [W]=WARN
[ 1178.918744][T11187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1178.918761][T11187] Call Trace:
[ 1178.918826][T11187]  <TASK>
[ 1178.918872][T11187]  __dump_stack+0x1d/0x30
[ 1178.918977][T11187]  dump_stack_lvl+0x95/0xd0
[ 1178.919051][T11187]  dump_stack+0x15/0x1b
[ 1178.919200][T11187]  should_fail_ex+0x265/0x280
[ 1178.919285][T11187]  should_fail+0xb/0x20
[ 1178.919352][T11187]  should_fail_usercopy+0x1a/0x20
[ 1178.919427][T11187]  _copy_from_user+0x1c/0xb0
[ 1178.919544][T11187]  ___sys_sendmsg+0xc1/0x1d0
[ 1178.919678][T11187]  __x64_sys_sendmsg+0xd4/0x160
[ 1178.919874][T11187]  x64_sys_call+0x17ba/0x3000
[ 1178.919967][T11187]  do_syscall_64+0xca/0x2b0
[ 1178.920084][T11187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1178.920151][T11187] RIP: 0033:0x7f14da0df749
[ 1178.920204][T11187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1178.920346][T11187] RSP: 002b:00007f14d8b47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1178.920448][T11187] RAX: ffffffffffffffda RBX: 00007f14da335fa0 RCX: 00007f14da0df749
[ 1178.920491][T11187] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[ 1178.920526][T11187] RBP: 00007f14d8b47090 R08: 0000000000000000 R09: 0000000000000000
[ 1178.920569][T11187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1178.920606][T11187] R13: 00007f14da336038 R14: 00007f14da335fa0 R15: 00007ffcb96809e8
[ 1178.920678][T11187]  </TASK>
[ 1179.097520][T11185] vfat: Unknown parameter 'roset'
[ 1179.182012][T11199] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12435'.
[ 1179.192371][T11199] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1179.199840][T11199] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1179.212550][T25442] Bluetooth: hci1: command 0x1003 tx timeout
[ 1179.214011][T10987] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1179.235974][T11179] delete_channel: no stack
[ 1179.277255][T11208] loop5: detected capacity change from 0 to 512
[ 1179.289717][T11208] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1179.296222][T11208] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[ 1179.304887][T11208] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1179.339797][T11208] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.12438: attempt to clear invalid blocks 2 len 1
[ 1179.363588][T11208] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12438: invalid indirect mapped block 1819239214 (level 0)
[ 1179.393975][T11208] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12438: invalid indirect mapped block 1819239214 (level 1)
[ 1179.423487][T11208] EXT4-fs (loop5): 1 truncate cleaned up
[ 1179.437078][T11208] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[ 1179.451593][T11216] loop3: detected capacity change from 0 to 512
[ 1179.459372][T11218] xt_hashlimit: max too large, truncated to 1048576
[ 1179.477561][T11208] EXT4-fs error (device loop5): __ext4_remount:6789: comm syz.5.12438: Abort forced by user
[ 1179.489923][T11219] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12438'.
[ 1179.507164][T11208] EXT4-fs (loop5): Remounting filesystem read-only
[ 1179.513976][T11208] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1179.578695][T11230] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12447'.
[ 1179.726016][T11234] loop1: detected capacity change from 0 to 256
[ 1179.740878][T11234] vfat: Unknown parameter 'roset'
[ 1179.758190][T11246] netlink: 176 bytes leftover after parsing attributes in process `syz.3.12451'.
[ 1179.774765][T11245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1179.804333][T11232] delete_channel: no stack
[ 1179.809371][T11245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1179.830957][T11245] ext4 filesystem being mounted at /41/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1179.867119][T11245] netlink: 14 bytes leftover after parsing attributes in process `syz.2.12453'.
[ 1179.951509][T11258] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1180.371415][T11265] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12459'.
[ 1180.393230][T11265] netlink: 236 bytes leftover after parsing attributes in process `syz.4.12459'.
[ 1180.404472][ T3489] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[ 1180.414204][ T3489] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1180.474773][T11272] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12461'.
[ 1180.556454][T11267] EXT4-fs: Ignoring removed oldalloc option
[ 1180.569878][T11267] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.12460: Parent and EA inode have the same ino 15
[ 1180.591177][T11267] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.12460: Parent and EA inode have the same ino 15
[ 1180.606333][T11267] EXT4-fs (loop2): 1 orphan inode deleted
[ 1180.860847][T11284] vfat: Unknown parameter 'roset'
[ 1180.867718][T11286] netlink: 4280 bytes leftover after parsing attributes in process `syz.2.12467'.
[ 1180.885810][T11286] netlink: 4280 bytes leftover after parsing attributes in process `syz.2.12467'.
[ 1181.198541][T11303] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1181.198541][T11303]    program syz.1.12470 not setting count and/or reply_len properly
[ 1181.253421][T11325] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1181.474093][T11283] delete_channel: no stack
[ 1181.582463][T11337] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1181.754033][T11351] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1181.769255][T11351] ext4 filesystem being mounted at /168/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1181.803939][T26009] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[ 1181.814896][T26009] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1181.930609][T11318] delete_channel: no stack
[ 1181.997080][T11372] vfat: Unknown parameter 'roset'
[ 1182.124534][T11374] EXT4-fs: Ignoring removed oldalloc option
[ 1182.136855][T11374] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.12493: Parent and EA inode have the same ino 15
[ 1182.155409][T11374] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.12493: Parent and EA inode have the same ino 15
[ 1182.168517][T11374] EXT4-fs (loop2): 1 orphan inode deleted
[ 1182.651786][T11364] delete_channel: no stack
[ 1182.872187][   T29] kauditd_printk_skb: 5936 callbacks suppressed
[ 1182.872224][   T29] audit: type=1326 audit(1768399090.127:246107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11382 comm="syz.2.12496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f24c4082005 code=0x7ffc0000
[ 1183.038910][   T29] audit: type=1326 audit(1768399090.169:246108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11382 comm="syz.2.12496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f24c4082005 code=0x7ffc0000
[ 1183.062801][   T29] audit: type=1326 audit(1768399090.169:246109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11382 comm="syz.2.12496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f24c4082005 code=0x7ffc0000
[ 1183.086620][   T29] audit: type=1326 audit(1768399090.169:246110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11382 comm="syz.2.12496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f24c4082005 code=0x7ffc0000
[ 1183.110641][   T29] audit: type=1326 audit(1768399090.180:246111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11382 comm="syz.2.12496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f24c4082005 code=0x7ffc0000
[ 1183.134713][   T29] audit: type=1326 audit(1768399090.180:246112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11382 comm="syz.2.12496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f24c4082005 code=0x7ffc0000
[ 1183.158567][   T29] audit: type=1326 audit(1768399090.180:246113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11382 comm="syz.2.12496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f24c4082005 code=0x7ffc0000
[ 1183.182372][   T29] audit: type=1326 audit(1768399090.180:246114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11382 comm="syz.2.12496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f24c4082005 code=0x7ffc0000
[ 1183.206292][   T29] audit: type=1326 audit(1768399090.190:246115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11382 comm="syz.2.12496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f24c4082005 code=0x7ffc0000
[ 1183.230113][   T29] audit: type=1326 audit(1768399090.190:246116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11382 comm="syz.2.12496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f24c4082005 code=0x7ffc0000
[ 1183.376363][   T53] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1183.383768][T11420] set_capacity_and_notify: 13 callbacks suppressed
[ 1183.383782][T11420] loop5: detected capacity change from 0 to 512
[ 1183.398006][T11420] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1183.415831][T11420] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1183.491150][T11431] loop1: detected capacity change from 0 to 128
[ 1183.500149][T11431] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1183.597475][T26009] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[ 1183.614713][T26009] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1183.625825][T11437] loop1: detected capacity change from 0 to 2048
[ 1183.709075][T11408] delete_channel: no stack
[ 1183.999883][T11452] loop3: detected capacity change from 0 to 256
[ 1184.007064][T11452] vfat: Unknown parameter 'roset'
[ 1184.016425][T11451] delete_channel: no stack
[ 1184.228025][T11467] __nla_validate_parse: 12 callbacks suppressed
[ 1184.228057][T11467] netlink: 20 bytes leftover after parsing attributes in process `syz.3.12519'.
[ 1184.228390][T11466] vlan2: entered allmulticast mode
[ 1184.439253][T11475] netlink: 4280 bytes leftover after parsing attributes in process `syz.4.12523'.
[ 1184.458286][T11475] netlink: 4280 bytes leftover after parsing attributes in process `syz.4.12523'.
[ 1184.519259][T11484] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12525'.
[ 1184.640114][T11486] loop1: detected capacity change from 0 to 512
[ 1184.647592][T11486] EXT4-fs: Ignoring removed oldalloc option
[ 1184.665525][T11499] loop5: detected capacity change from 0 to 256
[ 1184.667361][T11486] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.12527: Parent and EA inode have the same ino 15
[ 1184.682659][T11499] vfat: Unknown parameter 'roset'
[ 1184.690063][T11496] veth0_to_team: entered promiscuous mode
[ 1184.694494][T11486] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.12527: Parent and EA inode have the same ino 15
[ 1184.716583][T11486] EXT4-fs (loop1): 1 orphan inode deleted
[ 1184.739910][T11488] delete_channel: no stack
[ 1184.855435][T11517] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12539'.
[ 1184.879245][T11519] loop5: detected capacity change from 0 to 512
[ 1184.888062][T11519] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1184.894735][T11519] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[ 1184.904144][T11519] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1184.919414][T11519] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.12540: attempt to clear invalid blocks 2 len 1
[ 1184.932882][T11519] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12540: invalid indirect mapped block 1819239214 (level 0)
[ 1184.948495][T11519] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12540: invalid indirect mapped block 1819239214 (level 1)
[ 1184.963373][T11519] EXT4-fs (loop5): 1 truncate cleaned up
[ 1184.970824][T11519] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[ 1184.980775][T11519] EXT4-fs error (device loop5): __ext4_remount:6789: comm syz.5.12540: Abort forced by user
[ 1184.991462][T11519] EXT4-fs (loop5): Remounting filesystem read-only
[ 1184.998059][T11519] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1185.013715][T11521] loop4: detected capacity change from 0 to 512
[ 1185.021333][T11521] EXT4-fs: Ignoring removed oldalloc option
[ 1185.042170][T11521] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.12541: Parent and EA inode have the same ino 15
[ 1185.067514][T11521] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.12541: Parent and EA inode have the same ino 15
[ 1185.081782][T11521] EXT4-fs (loop4): 1 orphan inode deleted
[ 1185.113820][T11533] loop5: detected capacity change from 0 to 256
[ 1185.122627][T11533] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1185.299425][T10987] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1185.305692][T25442] Bluetooth: hci0: command 0x1003 tx timeout
[ 1185.317124][T11536] loop3: detected capacity change from 0 to 256
[ 1185.324697][T11536] vfat: Unknown parameter 'roset'
[ 1185.534008][T11544] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1185.534008][T11544]    program syz.5.12549 not setting count and/or reply_len properly
[ 1185.635983][T11555] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12551'.
[ 1185.744936][T11560] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1185.751514][T11560] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[ 1185.760222][T11560] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1185.774883][T11560] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.12553: attempt to clear invalid blocks 2 len 1
[ 1185.788506][T11560] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.12553: invalid indirect mapped block 1819239214 (level 0)
[ 1185.804103][T11560] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.12553: invalid indirect mapped block 1819239214 (level 1)
[ 1185.818802][T11560] EXT4-fs (loop1): 1 truncate cleaned up
[ 1185.826517][T11560] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[ 1185.836513][T11560] EXT4-fs error (device loop1): __ext4_remount:6789: comm syz.1.12553: Abort forced by user
[ 1185.846939][T11560] EXT4-fs (loop1): Remounting filesystem read-only
[ 1185.853637][T11560] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1185.927908][T11571] EXT4-fs: inline encryption not supported
[ 1185.936765][T11535] delete_channel: no stack
[ 1185.967802][T30114] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1185.976593][T11571] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12558'.
[ 1186.145859][T11595] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12564'.
[ 1186.206311][T11597] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1186.212808][T11597] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[ 1186.222711][T11581] netlink: 4280 bytes leftover after parsing attributes in process `syz.2.12561'.
[ 1186.232230][T11581] netlink: 4280 bytes leftover after parsing attributes in process `syz.2.12561'.
[ 1186.243353][T11597] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1186.264216][T11597] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.12565: attempt to clear invalid blocks 2 len 1
[ 1186.277480][T11597] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12565: invalid indirect mapped block 1819239214 (level 0)
[ 1186.293587][T11597] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12565: invalid indirect mapped block 1819239214 (level 1)
[ 1186.308299][T11597] EXT4-fs (loop5): 1 truncate cleaned up
[ 1186.338326][T11597] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[ 1186.348061][T11597] EXT4-fs error (device loop5): __ext4_remount:6789: comm syz.5.12565: Abort forced by user
[ 1186.359616][T11597] EXT4-fs (loop5): Remounting filesystem read-only
[ 1186.366206][T11597] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1186.425051][T26009] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[ 1186.448501][T11616] pimreg: entered allmulticast mode
[ 1186.456273][T11616] pimreg: left allmulticast mode
[ 1186.461118][T26009] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1186.623725][T11617] vfat: Unknown parameter 'roset'
[ 1186.629815][T26009] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[ 1186.646774][T26009] hid-generic 0000:0000:0000.0007: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1186.824204][T11553] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1187.209235][T11611] delete_channel: no stack
[ 1187.310887][T11643] vlan2: entered allmulticast mode
[ 1187.349243][T11647] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1187.379928][T11650] ext4 filesystem being mounted at /129/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1187.387284][T11647] ext4 filesystem being mounted at /189/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1187.564554][T11668] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1187.574206][T11668] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1187.588178][T11668] ext4 filesystem being mounted at /133/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1187.642747][   T29] kauditd_printk_skb: 4600 callbacks suppressed
[ 1187.642763][   T29] audit: type=1326 audit(1768399095.135:250717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz.3.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f14da112005 code=0x7ffc0000
[ 1187.674134][   T29] audit: type=1326 audit(1768399095.145:250718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz.3.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f14da112005 code=0x7ffc0000
[ 1187.698189][   T29] audit: type=1326 audit(1768399095.145:250719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz.3.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f14da112005 code=0x7ffc0000
[ 1187.722114][   T29] audit: type=1326 audit(1768399095.145:250720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz.3.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f14da112005 code=0x7ffc0000
[ 1187.746065][   T29] audit: type=1326 audit(1768399095.145:250721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz.3.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f14da112005 code=0x7ffc0000
[ 1187.770301][   T29] audit: type=1326 audit(1768399095.145:250722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz.3.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f14da112005 code=0x7ffc0000
[ 1187.794426][   T29] audit: type=1326 audit(1768399095.145:250723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz.3.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f14da112005 code=0x7ffc0000
[ 1187.818385][   T29] audit: type=1326 audit(1768399095.145:250724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz.3.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f14da112005 code=0x7ffc0000
[ 1187.842147][   T29] audit: type=1326 audit(1768399095.145:250725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz.3.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f14da112005 code=0x7ffc0000
[ 1187.865936][   T29] audit: type=1326 audit(1768399095.145:250726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz.3.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f14da112005 code=0x7ffc0000
[ 1187.890649][T25442] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1187.895249][T10987] Bluetooth: hci0: command 0x1003 tx timeout
[ 1188.101401][T11678] vlan2: entered allmulticast mode
[ 1188.243263][T11688] set_capacity_and_notify: 15 callbacks suppressed
[ 1188.243345][T11688] loop4: detected capacity change from 0 to 512
[ 1188.302324][T11692] loop4: detected capacity change from 0 to 512
[ 1188.436967][T11707] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1188.445942][T11707] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1188.456977][T11707] loop1: detected capacity change from 0 to 128
[ 1188.465758][T11707] ext4 filesystem being mounted at /37/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1188.477424][T11684] sch_tbf: peakrate 2 is lower than or equals to rate 19 !
[ 1188.758249][T11718] loop5: detected capacity change from 0 to 512
[ 1188.765264][T11718] EXT4-fs: Ignoring removed oldalloc option
[ 1188.777498][T11718] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: comm syz.5.12610: Parent and EA inode have the same ino 15
[ 1188.797155][T11718] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: comm syz.5.12610: Parent and EA inode have the same ino 15
[ 1188.810163][T11718] EXT4-fs (loop5): 1 orphan inode deleted
[ 1189.119654][T11729] loop1: detected capacity change from 0 to 512
[ 1189.173473][T11735] loop2: detected capacity change from 0 to 256
[ 1189.184749][T11735] vfat: Unknown parameter 'roset'
[ 1189.195200][T30115] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1189.207802][T11737] loop5: detected capacity change from 0 to 128
[ 1189.228834][T11737] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1189.281977][T11749] loop3: detected capacity change from 0 to 512
[ 1189.291383][T11749] EXT4-fs warning (device loop3): ext4_xattr_inode_get:546: inode #11: comm syz.3.12622: ea_inode file size=0 entry size=6
[ 1189.298886][T11752] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1189.305134][T11749] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.12622: corrupted inode contents
[ 1189.325077][T11749] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #15: comm syz.3.12622: mark_inode_dirty error
[ 1189.325258][T11752] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1189.337685][T11749] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.12622: corrupted inode contents
[ 1189.358198][T11749] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3000: inode #15: comm syz.3.12622: mark_inode_dirty error
[ 1189.370729][T11749] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3003: inode #15: comm syz.3.12622: mark inode dirty (error -117)
[ 1189.383568][T11749] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -117)
[ 1189.393148][T11749] EXT4-fs (loop3): 1 orphan inode deleted
[ 1189.403819][T11752] loop1: detected capacity change from 0 to 128
[ 1189.419600][T11752] ext4 filesystem being mounted at /42/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1189.454307][T11752] __nla_validate_parse: 10 callbacks suppressed
[ 1189.454325][T11752] netlink: 14 bytes leftover after parsing attributes in process `syz.1.12623'.
[ 1189.500260][T11754] loop5: detected capacity change from 0 to 512
[ 1189.507462][T11754] EXT4-fs: Ignoring removed oldalloc option
[ 1189.519918][T11754] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: comm syz.5.12621: Parent and EA inode have the same ino 15
[ 1189.535887][T11754] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: comm syz.5.12621: Parent and EA inode have the same ino 15
[ 1189.548662][T11754] EXT4-fs (loop5): 1 orphan inode deleted
[ 1189.786422][T11763] hub 2-0:1.0: USB hub found
[ 1189.791160][T11763] hub 2-0:1.0: 8 ports detected
[ 1189.824097][T11725] delete_channel: no stack
[ 1190.006590][T11766] ext4 filesystem being mounted at /72/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1190.021672][T11766] EXT4-fs error (device loop2): htree_dirblock_to_tree:1080: inode #2: block 4: comm syz.2.12625: bad entry in directory: directory entry overrun - offset=1012, inode=128, rec_len=65544, size=1024 fake=0
[ 1190.042093][T11766] EXT4-fs (loop2): Remounting filesystem read-only
[ 1190.220811][T11783] ext4 filesystem being mounted at /198/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1190.232335][T11783] FAULT_INJECTION: forcing a failure.
[ 1190.232335][T11783] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1190.245618][T11783] CPU: 1 UID: 0 PID: 11783 Comm: syz.3.12631 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1190.245690][T11783] Tainted: [W]=WARN
[ 1190.245697][T11783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1190.245710][T11783] Call Trace:
[ 1190.245717][T11783]  <TASK>
[ 1190.245724][T11783]  __dump_stack+0x1d/0x30
[ 1190.245749][T11783]  dump_stack_lvl+0x95/0xd0
[ 1190.245787][T11783]  dump_stack+0x15/0x1b
[ 1190.245879][T11783]  should_fail_ex+0x265/0x280
[ 1190.245901][T11783]  should_fail+0xb/0x20
[ 1190.246022][T11783]  should_fail_usercopy+0x1a/0x20
[ 1190.246058][T11783]  _copy_from_user+0x1c/0xb0
[ 1190.246084][T11783]  do_handle_open+0x6d/0x710
[ 1190.246176][T11783]  __x64_sys_open_by_handle_at+0x44/0x50
[ 1190.246202][T11783]  x64_sys_call+0x2b6a/0x3000
[ 1190.246225][T11783]  do_syscall_64+0xca/0x2b0
[ 1190.246306][T11783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1190.246474][T11783] RIP: 0033:0x7f14da0df749
[ 1190.246488][T11783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1190.246504][T11783] RSP: 002b:00007f14d8b47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[ 1190.246521][T11783] RAX: ffffffffffffffda RBX: 00007f14da335fa0 RCX: 00007f14da0df749
[ 1190.246533][T11783] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000005
[ 1190.246579][T11783] RBP: 00007f14d8b47090 R08: 0000000000000000 R09: 0000000000000000
[ 1190.246590][T11783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1190.246601][T11783] R13: 00007f14da336038 R14: 00007f14da335fa0 R15: 00007ffcb96809e8
[ 1190.246618][T11783]  </TASK>
[ 1190.575727][T11792] EXT4-fs: Ignoring removed oldalloc option
[ 1190.589384][T11792] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: comm syz.5.12634: Parent and EA inode have the same ino 15
[ 1190.607748][T11792] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: comm syz.5.12634: Parent and EA inode have the same ino 15
[ 1190.621205][T11792] EXT4-fs (loop5): 1 orphan inode deleted
[ 1190.649201][T11797] vfat: Unknown parameter 'roset'
[ 1190.862585][T11808] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1190.883687][T11808] ext4 filesystem being mounted at /98/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1190.900510][T11808] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #18: comm syz.5.12640: corrupted inode contents
[ 1190.912827][T11808] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #18: comm syz.5.12640: mark_inode_dirty error
[ 1190.924563][T11808] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #18: comm syz.5.12640: corrupted inode contents
[ 1190.936853][T11808] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3000: inode #18: comm syz.5.12640: mark_inode_dirty error
[ 1190.949110][T11808] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3003: inode #18: comm syz.5.12640: mark inode dirty (error -117)
[ 1190.962250][T11808] EXT4-fs warning (device loop5): ext4_evict_inode:273: xattr delete (err -117)
[ 1191.050090][T11813] EXT4-fs: Ignoring removed oldalloc option
[ 1191.062095][T11813] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.12641: Parent and EA inode have the same ino 15
[ 1191.083623][T11813] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.12641: Parent and EA inode have the same ino 15
[ 1191.107813][T11813] EXT4-fs (loop1): 1 orphan inode deleted
[ 1191.109613][T11826] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1191.134848][T11828] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1191.155037][T10787] EXT4-fs unmount: 89 callbacks suppressed
[ 1191.155077][T10787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1191.171075][T25442] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1191.176799][T10987] Bluetooth: hci0: command 0x1003 tx timeout
[ 1191.286986][T11789] delete_channel: no stack
[ 1191.291958][T11844] netlink: 1048 bytes leftover after parsing attributes in process `syz.2.12654'.
[ 1191.323130][T11848] netlink: 'syz.2.12655': attribute type 10 has an invalid length.
[ 1191.448974][T11859] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1 sclass=netlink_xfrm_socket pid=11859 comm=syz.3.12660
[ 1191.463008][T11860] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1191.477763][T11860] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1191.505654][T10566] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1191.571908][T11873] netlink: 'syz.2.12666': attribute type 10 has an invalid length.
[ 1191.645484][T11881] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1191.652632][T11881] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.12670: Failed to acquire dquot type 1
[ 1191.665253][T11881] EXT4-fs (loop2): 1 truncate cleaned up
[ 1191.671539][T11881] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1191.710103][T10566] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1191.804891][T11886] EXT4-fs: Ignoring removed oldalloc option
[ 1191.818389][T11886] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.12672: Parent and EA inode have the same ino 15
[ 1191.837437][T11886] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.12672: Parent and EA inode have the same ino 15
[ 1191.850529][T11886] EXT4-fs (loop2): 1 orphan inode deleted
[ 1191.856909][T11886] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1191.971136][T10566] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1192.055316][T11892] EXT4-fs: Ignoring removed oldalloc option
[ 1192.086199][T11892] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.12673: Parent and EA inode have the same ino 15
[ 1192.115717][T11908] netlink: 'syz.1.12679': attribute type 10 has an invalid length.
[ 1192.141557][T11892] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.12673: Parent and EA inode have the same ino 15
[ 1192.159609][T11892] EXT4-fs (loop4): 1 orphan inode deleted
[ 1192.161355][T11908] team0 (unregistering): Port device team_slave_0 removed
[ 1192.175908][T11908] team0 (unregistering): Port device team_slave_1 removed
[ 1192.177674][T11892] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1192.236772][ T9763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1192.345657][T11918] EXT4-fs: Ignoring removed oldalloc option
[ 1192.357603][T11918] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.12684: Parent and EA inode have the same ino 15
[ 1192.379405][T11918] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.12684: Parent and EA inode have the same ino 15
[ 1192.393078][T11918] EXT4-fs (loop4): 1 orphan inode deleted
[ 1192.409531][T11918] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1192.434123][   T29] kauditd_printk_skb: 3038 callbacks suppressed
[ 1192.434143][   T29] audit: type=1326 audit(1768399100.163:253763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11917 comm="syz.4.12684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feb69fcdf90 code=0x7ffc0000
[ 1192.464307][   T29] audit: type=1326 audit(1768399100.163:253764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11917 comm="syz.4.12684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7feb69fce497 code=0x7ffc0000
[ 1192.488626][   T29] audit: type=1326 audit(1768399100.163:253765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11917 comm="syz.4.12684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feb69fcdf90 code=0x7ffc0000
[ 1192.512666][   T29] audit: type=1326 audit(1768399100.163:253766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11917 comm="syz.4.12684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb69fcf749 code=0x7ffc0000
[ 1192.536489][   T29] audit: type=1326 audit(1768399100.163:253767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11917 comm="syz.4.12684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb69fcf749 code=0x7ffc0000
[ 1192.560517][   T29] audit: type=1326 audit(1768399100.163:253768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11917 comm="syz.4.12684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7feb69fcf749 code=0x7ffc0000
[ 1192.584346][   T29] audit: type=1326 audit(1768399100.163:253769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11917 comm="syz.4.12684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb69fcf749 code=0x7ffc0000
[ 1192.608663][   T29] audit: type=1326 audit(1768399100.163:253770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11917 comm="syz.4.12684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb69fcf749 code=0x7ffc0000
[ 1192.644707][   T29] audit: type=1326 audit(1768399100.258:253771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11917 comm="syz.4.12684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7feb69fcf749 code=0x7ffc0000
[ 1192.668676][   T29] audit: type=1326 audit(1768399100.258:253772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11917 comm="syz.4.12684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb69fcf749 code=0x7ffc0000
[ 1192.726184][ T9763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1192.777233][T11936] EXT4-fs: Ignoring removed oldalloc option
[ 1192.790647][T11936] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.12689: Parent and EA inode have the same ino 15
[ 1192.803749][T11946]  loop2: p1 p3 p4
[ 1192.811107][T11936] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.12689: Parent and EA inode have the same ino 15
[ 1192.826190][T11946] loop2: p4 size 589824 extends beyond EOD, truncated
[ 1192.841692][T11936] EXT4-fs (loop1): 1 orphan inode deleted
[ 1192.857365][T11936] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1192.955460][T11952] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1192.971431][T11952] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1193.019294][ T9763] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1193.042096][T10787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1193.046782][T11958] set_capacity_and_notify: 24 callbacks suppressed
[ 1193.046827][T11958] loop2: detected capacity change from 0 to 512
[ 1193.103039][T11963] loop4: detected capacity change from 0 to 1024
[ 1193.110570][T11963] EXT4-fs: inline encryption not supported
[ 1193.126423][T11965] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12700'.
[ 1193.131120][T11963] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1193.156362][T11965] pimreg: entered allmulticast mode
[ 1193.171590][T11965] pimreg: left allmulticast mode
[ 1193.207918][T11963] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12697'.
[ 1193.238400][ T9763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1193.335186][T11979] FAULT_INJECTION: forcing a failure.
[ 1193.335186][T11979] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1193.348539][T11979] CPU: 1 UID: 0 PID: 11979 Comm: syz.4.12705 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1193.348581][T11979] Tainted: [W]=WARN
[ 1193.348591][T11979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1193.348664][T11979] Call Trace:
[ 1193.348670][T11979]  <TASK>
[ 1193.348680][T11979]  __dump_stack+0x1d/0x30
[ 1193.348715][T11979]  dump_stack_lvl+0x95/0xd0
[ 1193.348744][T11979]  dump_stack+0x15/0x1b
[ 1193.348797][T11979]  should_fail_ex+0x265/0x280
[ 1193.348820][T11979]  should_fail+0xb/0x20
[ 1193.348924][T11979]  should_fail_usercopy+0x1a/0x20
[ 1193.348954][T11979]  _copy_from_user+0x1c/0xb0
[ 1193.349031][T11979]  ___sys_sendmsg+0xc1/0x1d0
[ 1193.349088][T11979]  __x64_sys_sendmsg+0xd4/0x160
[ 1193.349126][T11979]  x64_sys_call+0x17ba/0x3000
[ 1193.349216][T11979]  do_syscall_64+0xca/0x2b0
[ 1193.349252][T11979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.349276][T11979] RIP: 0033:0x7feb69fcf749
[ 1193.349295][T11979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1193.349391][T11979] RSP: 002b:00007feb68a37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1193.349452][T11979] RAX: ffffffffffffffda RBX: 00007feb6a225fa0 RCX: 00007feb69fcf749
[ 1193.349465][T11979] RDX: 0000000000004050 RSI: 0000200000000180 RDI: 0000000000000003
[ 1193.349478][T11979] RBP: 00007feb68a37090 R08: 0000000000000000 R09: 0000000000000000
[ 1193.349493][T11979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1193.349510][T11979] R13: 00007feb6a226038 R14: 00007feb6a225fa0 R15: 00007ffe2c0fee48
[ 1193.349536][T11979]  </TASK>
[ 1193.586534][T11983] loop4: detected capacity change from 0 to 1024
[ 1193.595607][T11986] loop3: detected capacity change from 0 to 128
[ 1193.602861][T11983] EXT4-fs: Ignoring removed oldalloc option
[ 1193.620220][T11986] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1193.645724][T11986] ext4 filesystem being mounted at /208/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1193.650196][T11983] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 1193.670341][T11983] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1193.694927][T11983] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: comm syz.4.12706: lblock 0 mapped to illegal pblock 0 (length 6)
[ 1193.713929][ T8751] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1193.752649][ T9763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[ 1193.794054][T11997] loop3: detected capacity change from 0 to 512
[ 1193.809446][T11999] loop4: detected capacity change from 0 to 1024
[ 1193.823981][T11999] EXT4-fs: inline encryption not supported
[ 1193.847960][T11999] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1193.849783][T12001] syz_tun: entered allmulticast mode
[ 1193.912334][T11999] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12712'.
[ 1193.928335][T12009] lo speed is unknown, defaulting to 1000
[ 1193.941053][T12009] lo speed is unknown, defaulting to 1000
[ 1193.960233][T12009] lo speed is unknown, defaulting to 1000
[ 1193.972105][ T9763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1194.036294][T12009] infiniband syz2: set active
[ 1194.041107][T12009] infiniband syz2: added lo
[ 1194.046026][T26009] lo speed is unknown, defaulting to 1000
[ 1194.058739][T12009] RDS/IB: syz2: added
[ 1194.062902][T25442] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1194.063487][T10987] Bluetooth: hci0: command 0x1003 tx timeout
[ 1194.070250][T12009] smc: adding ib device syz2 with port count 1
[ 1194.082606][T12009] smc:    ib device syz2 port 1 has no pnetid
[ 1194.089234][T26009] lo speed is unknown, defaulting to 1000
[ 1194.095488][T12009] lo speed is unknown, defaulting to 1000
[ 1194.140141][T12009] lo speed is unknown, defaulting to 1000
[ 1194.191622][T12009] lo speed is unknown, defaulting to 1000
[ 1194.198043][T12024] loop2: detected capacity change from 0 to 512
[ 1194.215011][T12024] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1194.240125][T12021] lo speed is unknown, defaulting to 1000
[ 1194.249608][T12024] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1194.263912][T12022] loop4: detected capacity change from 0 to 256
[ 1194.270930][T12022] vfat: Unknown parameter 'roset'
[ 1194.279563][T12024] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1194.307841][T10566] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1194.333868][T12009] lo speed is unknown, defaulting to 1000
[ 1194.361871][T12030] loop2: detected capacity change from 0 to 128
[ 1194.371574][T12030] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1194.384145][T12030] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1194.429769][T12009] lo speed is unknown, defaulting to 1000
[ 1194.438092][T10566] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1194.484193][T12009] lo speed is unknown, defaulting to 1000
[ 1194.505502][T12038] loop2: detected capacity change from 0 to 256
[ 1194.513490][T12038] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1194.534833][T12009] lo speed is unknown, defaulting to 1000
[ 1194.627498][T12000] syz_tun: left allmulticast mode
[ 1194.643036][T12045] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12726'.
[ 1194.667941][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[ 1194.676065][   T23] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1194.703999][T12045] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1194.742466][T12047] EXT4-fs: Ignoring removed oldalloc option
[ 1194.754534][T12047] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: comm syz.5.12727: Parent and EA inode have the same ino 15
[ 1194.770115][T12047] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: comm syz.5.12727: Parent and EA inode have the same ino 15
[ 1194.783205][T12047] EXT4-fs (loop5): 1 orphan inode deleted
[ 1194.789645][T12047] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1194.818314][T12017] delete_channel: no stack
[ 1194.839669][T30121] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1194.872975][T10084] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1194.931978][T12063] netlink: 132 bytes leftover after parsing attributes in process `syz.5.12732'.
[ 1194.975127][T12069] siw: device registration error -23
[ 1194.981926][T12068] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1195.070262][T12080] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1195.076724][T12080] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[ 1195.085375][T12080] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1195.100040][T12080] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.12740: attempt to clear invalid blocks 2 len 1
[ 1195.114284][T12080] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12740: invalid indirect mapped block 1819239214 (level 0)
[ 1195.128863][T12080] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12740: invalid indirect mapped block 1819239214 (level 1)
[ 1195.146656][T12080] EXT4-fs (loop5): 1 truncate cleaned up
[ 1195.153710][T12080] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1195.167768][T12080] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[ 1195.177780][T12080] EXT4-fs error (device loop5): __ext4_remount:6789: comm syz.5.12740: Abort forced by user
[ 1195.188499][T12080] EXT4-fs (loop5): Remounting filesystem read-only
[ 1195.195040][T12080] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1195.203768][T12080] netlink: 40 bytes leftover after parsing attributes in process `syz.5.12740'.
[ 1195.223263][T10084] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1195.259996][T12084] EXT4-fs: Ignoring removed oldalloc option
[ 1195.273213][T12084] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.12741: Parent and EA inode have the same ino 15
[ 1195.290650][T12084] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.12741: Parent and EA inode have the same ino 15
[ 1195.300734][T12093] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1195.305766][T12084] EXT4-fs (loop1): 1 orphan inode deleted
[ 1195.309431][T12093] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[ 1195.324177][T12084] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1195.333743][T12093] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1195.352099][T12093] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.12744: attempt to clear invalid blocks 2 len 1
[ 1195.365898][T12093] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12744: invalid indirect mapped block 1819239214 (level 0)
[ 1195.380455][T12093] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12744: invalid indirect mapped block 1819239214 (level 1)
[ 1195.395712][T12093] EXT4-fs (loop5): 1 truncate cleaned up
[ 1195.402036][T12093] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1195.419766][T12093] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[ 1195.429466][T12093] EXT4-fs error (device loop5): __ext4_remount:6789: comm syz.5.12744: Abort forced by user
[ 1195.442072][T12093] EXT4-fs (loop5): Remounting filesystem read-only
[ 1195.447425][T10787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1195.448815][T12093] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1195.468774][T12093] netlink: 40 bytes leftover after parsing attributes in process `syz.5.12744'.
[ 1195.488822][T10084] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1195.501208][T10566] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1195.523685][T12098] siw: device registration error -23
[ 1195.587676][T12112] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1195.594095][T12112] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[ 1195.603238][T12112] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1195.618133][T12112] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.12752: attempt to clear invalid blocks 2 len 1
[ 1195.631451][T12112] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12752: invalid indirect mapped block 1819239214 (level 0)
[ 1195.646449][T12112] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12752: invalid indirect mapped block 1819239214 (level 1)
[ 1195.661119][T12112] EXT4-fs (loop5): 1 truncate cleaned up
[ 1195.667422][T12112] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1195.681401][T12112] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[ 1195.691017][T12112] EXT4-fs error (device loop5): __ext4_remount:6789: comm syz.5.12752: Abort forced by user
[ 1195.701935][T12112] EXT4-fs (loop5): Remounting filesystem read-only
[ 1195.708506][T12112] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1195.717286][T12112] netlink: 40 bytes leftover after parsing attributes in process `syz.5.12752'.
[ 1195.736398][T10084] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1195.827462][T12104] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[ 1195.844690][T12104] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1195.844690][T12104]    program syz.2.12749 not setting count and/or reply_len properly
[ 1195.869286][T12129] FAULT_INJECTION: forcing a failure.
[ 1195.869286][T12129] name failslab, interval 1, probability 0, space 0, times 0
[ 1195.882212][T12129] CPU: 0 UID: 0 PID: 12129 Comm: syz.5.12757 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1195.882275][T12129] Tainted: [W]=WARN
[ 1195.882285][T12129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1195.882302][T12129] Call Trace:
[ 1195.882311][T12129]  <TASK>
[ 1195.882322][T12129]  __dump_stack+0x1d/0x30
[ 1195.882426][T12129]  dump_stack_lvl+0x95/0xd0
[ 1195.882456][T12129]  dump_stack+0x15/0x1b
[ 1195.882475][T12129]  should_fail_ex+0x265/0x280
[ 1195.882515][T12129]  should_failslab+0x8c/0xb0
[ 1195.882543][T12129]  ? __pfx_io_ring_ctx_ref_free+0x10/0x10
[ 1195.882602][T12129]  __kmalloc_cache_noprof+0x65/0x4c0
[ 1195.882626][T12129]  ? percpu_ref_init+0x9c/0x250
[ 1195.882648][T12129]  ? __pfx_io_ring_ctx_ref_free+0x10/0x10
[ 1195.882677][T12129]  percpu_ref_init+0x9c/0x250
[ 1195.882779][T12129]  io_ring_ctx_alloc+0x1b4/0x660
[ 1195.882860][T12129]  io_uring_create+0x50/0x4e0
[ 1195.882896][T12129]  ? memchr_inv+0x30/0x2e0
[ 1195.882924][T12129]  __se_sys_io_uring_setup+0x1be/0x1d0
[ 1195.882971][T12129]  __x64_sys_io_uring_setup+0x31/0x40
[ 1195.883009][T12129]  x64_sys_call+0x244c/0x3000
[ 1195.883036][T12129]  do_syscall_64+0xca/0x2b0
[ 1195.883081][T12129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1195.883150][T12129] RIP: 0033:0x7fe252b1f749
[ 1195.883171][T12129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1195.883195][T12129] RSP: 002b:00007fe25157efc8 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1195.883221][T12129] RAX: ffffffffffffffda RBX: 00007fe252d75fa0 RCX: 00007fe252b1f749
[ 1195.883237][T12129] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000116
[ 1195.883254][T12129] RBP: 0000200000000340 R08: 0000000000000000 R09: 0000000000000000
[ 1195.883324][T12129] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[ 1195.883340][T12129] R13: 0000000000000000 R14: 0000000000000116 R15: 0000000000000000
[ 1195.883364][T12129]  </TASK>
[ 1195.890545][T12131] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12758'.
[ 1196.007108][ T1040] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[ 1196.056928][T12115] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[ 1196.073897][ T1040] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1196.096727][T12108] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1196.096727][T12108]    program syz.1.12750 not setting count and/or reply_len properly
[ 1196.101800][T12131] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1196.181254][T12142] netlink: 132 bytes leftover after parsing attributes in process `syz.5.12761'.
[ 1196.212604][T12144] EXT4-fs: inline encryption not supported
[ 1196.227248][T12144] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1196.244728][T12144] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12762'.
[ 1196.253868][T12144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1196.265988][T12144] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1196.342271][T10084] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1196.379071][T12150] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1196.385565][T12150] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[ 1196.394391][T12150] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1196.409213][T12150] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.12764: attempt to clear invalid blocks 2 len 1
[ 1196.422759][T12150] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12764: invalid indirect mapped block 1819239214 (level 0)
[ 1196.437329][T12150] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.12764: invalid indirect mapped block 1819239214 (level 1)
[ 1196.452802][T12150] EXT4-fs (loop5): 1 truncate cleaned up
[ 1196.458958][T12150] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1196.471987][T10566] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[ 1196.481045][T12150] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[ 1196.490991][T12150] EXT4-fs error (device loop5): __ext4_remount:6789: comm syz.5.12764: Abort forced by user
[ 1196.502623][T12150] EXT4-fs (loop5): Remounting filesystem read-only
[ 1196.509175][T12150] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1196.518375][T12150] netlink: 20 bytes leftover after parsing attributes in process `syz.5.12764'.
[ 1196.531152][T12153] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1196.539689][T12153] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1196.549409][T10084] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1196.565234][T12153] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1196.578088][T12153] ext4 filesystem being mounted at /116/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1196.610974][T12153] netlink: 14 bytes leftover after parsing attributes in process `syz.2.12765'.
[ 1196.656098][T10787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[ 1196.707376][T12162] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1196.732059][T12162] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1196.752929][T12162] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1196.753240][T12158] ==================================================================
[ 1196.771456][T12158] BUG: KCSAN: data-race in data_alloc / prb_reserve
[ 1196.778122][T12158] 
[ 1196.780534][T12158] write to 0xffffffff868889d8 of 8 bytes by task 12162 on cpu 1:
[ 1196.788375][T12158]  data_alloc+0x31c/0x390
[ 1196.792762][T12158]  prb_reserve+0x8d7/0xad0
[ 1196.797218][T12158]  vprintk_store+0x53c/0x830
[ 1196.801857][T12158]  vprintk_emit+0x15a/0x5c0
[ 1196.806408][T12158]  vprintk_default+0x26/0x30
[ 1196.811058][T12158]  vprintk+0x1d/0x30
[ 1196.814995][T12158]  _printk+0x79/0xa0
[ 1196.818947][T12158]  mnt_warn_timestamp_expiry+0x1c3/0x200
[ 1196.824617][T12158]  do_new_mount+0x31b/0x6a0
[ 1196.829139][T12158]  path_mount+0x4ab/0xb80
[ 1196.833591][T12158]  __se_sys_mount+0x28c/0x2e0
[ 1196.838287][T12158]  __x64_sys_mount+0x67/0x80
[ 1196.842908][T12158]  x64_sys_call+0x2cca/0x3000
[ 1196.847617][T12158]  do_syscall_64+0xca/0x2b0
[ 1196.852166][T12158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1196.858102][T12158] 
[ 1196.860536][T12158] read to 0xffffffff868889d8 of 8 bytes by task 12158 on cpu 0:
[ 1196.868185][T12158]  prb_reserve+0x207/0xad0
[ 1196.872638][T12158]  vprintk_store+0x53c/0x830
[ 1196.877441][T12158]  vprintk_emit+0x15a/0x5c0
[ 1196.882156][T12158]  vprintk_default+0x26/0x30
[ 1196.886779][T12158]  vprintk+0x1d/0x30
[ 1196.890699][T12158]  _printk+0x79/0xa0
[ 1196.894617][T12158]  __ext4_msg+0x135/0x1a0
[ 1196.898966][T12158]  ext4_check_opt_consistency+0xb05/0xb10
[ 1196.904706][T12158]  ext4_fill_super+0x1b06/0x37a0
[ 1196.909662][T12158]  get_tree_bdev_flags+0x291/0x300
[ 1196.914791][T12158]  get_tree_bdev+0x1f/0x30
[ 1196.919229][T12158]  ext4_get_tree+0x1c/0x30
[ 1196.923766][T12158]  vfs_get_tree+0x57/0x1d0
[ 1196.928208][T12158]  do_new_mount+0x24d/0x6a0
[ 1196.932733][T12158]  path_mount+0x4ab/0xb80
[ 1196.937105][T12158]  __se_sys_mount+0x28c/0x2e0
[ 1196.941876][T12158]  __x64_sys_mount+0x67/0x80
[ 1196.946569][T12158]  x64_sys_call+0x2cca/0x3000
[ 1196.951299][T12158]  do_syscall_64+0xca/0x2b0
[ 1196.955849][T12158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1196.961866][T12158] 
[ 1196.964309][T12158] value changed: 0x0000000000186d30 -> 0x0000000000232d70
[ 1196.971455][T12158] 
[ 1196.973809][T12158] Reported by Kernel Concurrency Sanitizer on:
[ 1196.979977][T12158] CPU: 0 UID: 0 PID: 12158 Comm: syz.5.12767 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1196.992086][T12158] Tainted: [W]=WARN
[ 1196.995922][T12158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1197.006233][T12158] ==================================================================
[ 1196.752937][T12158] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1197.017965][T10987] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1197.024110][T25442] Bluetooth: hci0: command 0x1003 tx timeout
[ 1197.031612][ T9763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1197.048157][T10787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1197.058842][T12158] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1197.071704][T12158] ext4 filesystem being mounted at /133/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1197.093554][T12158] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #18: comm syz.5.12767: corrupted inode contents
[ 1197.106140][T12158] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #18: comm syz.5.12767: mark_inode_dirty error
[ 1197.118460][T12158] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #18: comm syz.5.12767: corrupted inode contents
[ 1197.131187][T12158] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3000: inode #18: comm syz.5.12767: mark_inode_dirty error
[ 1197.143723][T12158] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3003: inode #18: comm syz.5.12767: mark inode dirty (error -117)
[ 1197.156729][T12158] EXT4-fs warning (device loop5): ext4_evict_inode:273: xattr delete (err -117)
[ 1197.212327][T10084] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1197.310964][T10566] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.