last executing test programs:

1m11.360129781s ago: executing program 2 (id=3):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x800714, &(0x7f0000000000), 0xff, 0x4a7, &(0x7f0000000280)="$eJzs3M9rHFUcAPDv7OZHfyfWWm1tdbWKxR9Jk1btwYOKggcFQQ/1GJO01mwbaSLYEjQVqUcpeBePgn+BNy+iHkTwquBRCkWD0NRTZHZm2s1mkyZpkm2znw9s9r35se99Z+btvpmXmQDaViX9k0TsiIjfI6Iny85foJK9zc5MDV+fmRpOYm7urb+T2nLXZqaGi0WL9bbnmcOliNJnSbyYLCx34vyFsaFqdfRcnu+fPPNB/8T5C8+cPjN0avTU6NnB48ePHR14/rnBZ9ckzjSua/s/Hj+w77V3Lr8xfOLyuz99m1Zr78Fsfn0ct3S9SUBNVNKt9s9cTeO8x1dQ97vBzrp00tHCirAi5YhId1dnrf33RDlu7ryeePXTllYOWFfpb1P34rOn54BNLIlW1wBojeKHPj3/LV4b1PW4I1x9KaIrT8/OTA3P3oi/I0r59M51LL8SESem//sqfcVKr0MAAKxCrW/zdLP+Xyn21t6zsY5d+RhKb0TcExG7I+LeiNgTEfdF1Ja9PyIeyFae61lm+ZWG/ML+T+lK0zqvkbT/90Jd32+2Lv78rbec53bW4u9MTp6ujh7Jt8nh6OxO8wNLlPH9K799sdi8+v5f+krLL/qCeQWudDRcoBsZmhxaq41w9WLE/o5m8Sc3RgLSI2BfROxf2UfvKhKnn/zmwGIL3Tr+JazBONPc1xFPZPt/OhriLyRLj0/2b4nq6JH+4qhY6OdfL72ZJ7sa591W/Gsg3f/b5h//+ZyL+XvPv0k2XtsZ1erouYmVl3Hpj88XPadZ7fHflbxdG7P+5b1s2kdDk5PnBiK6ktdr+WJD16YP3ly3yBfLp/EfPtS8/e/O10njfzAi0oP4YEQ8FBEP53V/JCIejYhDS8T/48uPvb9E/Ekk0dL9P9L0++/G8d+b1I/XryJRHvvhu/zTtiyMv5i01P4/FtO179pM7fvvFpZbwdvcfAAAAHBXKEXEjkhKfVm6siNKpb6+7H/498S2UnV8YvKpk+Mfnh3J7hHojc5ScaWrp+566EAynX9ilh/MrxUX84/m142/LG+t5fuGx6sjLY4d2t32+e0/ivaf+qvc6toB6879WtC+Gtt/qUX1ADbecn7/nQvA5tSk/W9tRT2Ajef8H9pXs/b/SUNe/x82p4Xt/88mj6wDNiP9f2hf2j+0L+0f2tJy7+LviojuiFj1QwDmJYqbBVa6evFFdWFsy7Lv8L/zEpV1+eTiiRfrWfmtcXNKlO6IjbmBifJYd8tKT1vMxhba5GE1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAd6H/AwAA///g6dxC")
creat(&(0x7f0000000380)='./bus\x00', 0x0)
perf_event_open$cgroup(&(0x7f0000000300)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x600, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x2, @perf_config_ext={0x675, 0x2}, 0x100000, 0xedc, 0x6, 0x8, 0x8000000000009, 0xfffffff9, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x9)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
open(&(0x7f00000006c0)='./file2\x00', 0x105142, 0x120)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0x10000002}, 0x18)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x24, r8, 0xfc5, 0x0, 0x0, {{0x11}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x8, 0x2a, [@perr={0x84, 0xffffffffffffff21}]}]}, 0x24}}, 0x0)

1m10.936116783s ago: executing program 2 (id=8):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x80, &(0x7f0000000000)={0xa, 0x4e23, 0x40000004, @ipv4={'\x00', '\xff\xff', @empty}, 0x4}, 0x1c)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c30000"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_open_procfs(0x0, &(0x7f0000000340)='net/rt_acct\x00')
readv(r1, &(0x7f00000014c0)=[{&(0x7f0000000000)=""/22, 0x16}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r3)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000047409062c00070073797374656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f740e9830000800020000000000080004000000000014000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000000a00), 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r6)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000080)=@sr0, 0x0, &(0x7f0000000200)='./file0\x00')
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="90000000", @ANYRES16=r8, @ANYBLOB="0100000000000002000005000000180001801400020073797a5f74756e000000000000000000080005000a0f00005c0003800400010054000380"], 0x90}}, 0x0)

1m9.589385696s ago: executing program 2 (id=26):
r0 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0xdcd1, 0x0, 0x3, 0x72})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r1, &(0x7f0000002980)=[{{0x0, 0x0, &(0x7f0000000240)}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000900)="61506eb07117164bdb4ee7ac0a137512738cac7ddf83039c6483d716bcafc5c4f7feff3c5f7c8d0001000000000000aaf2f9e2b9dc15752fdb623d0008f673f7a04836a22be782e61cc35bdea0abd69a4726afa107f95b8922be17921a894c90310251c043c6ffce40aa34acd2ddccc0255708feca96f2563c7318556f4ef40d02bb5cb18f7534dee1acbf6ca8c6813a813970d9db3f7f9d07ce2f92c89bb71ca9a23d3d8bf9bf8eae0b2f6e07f62b1f1b8d33281a2be387f769f93a5bc2443016", 0xc1}], 0x1}}], 0x2, 0x480e0)
sendto$inet(r1, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002700)=""/4096, 0x1a00}], 0x0, 0x11a}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={0x0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x1}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x20000000000002a5, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10)
r3 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
ioctl$MON_IOCT_RING_SIZE(r3, 0x9204, 0x6a1e)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
cachestat(r4, &(0x7f0000000500)={0xfffffffffffffffe, 0x6}, &(0x7f0000000540), 0x0)
shmctl$SHM_STAT(0x0, 0xd, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000428bd7000fddbdf2513000000050029000a00000006001a010300000006001000a81700000600b50068040000"], 0x34}, 0x1, 0x0, 0x0, 0x4040000}, 0x2845)

1m9.537248461s ago: executing program 32 (id=26):
r0 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0xdcd1, 0x0, 0x3, 0x72})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r1, &(0x7f0000002980)=[{{0x0, 0x0, &(0x7f0000000240)}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000900)="61506eb07117164bdb4ee7ac0a137512738cac7ddf83039c6483d716bcafc5c4f7feff3c5f7c8d0001000000000000aaf2f9e2b9dc15752fdb623d0008f673f7a04836a22be782e61cc35bdea0abd69a4726afa107f95b8922be17921a894c90310251c043c6ffce40aa34acd2ddccc0255708feca96f2563c7318556f4ef40d02bb5cb18f7534dee1acbf6ca8c6813a813970d9db3f7f9d07ce2f92c89bb71ca9a23d3d8bf9bf8eae0b2f6e07f62b1f1b8d33281a2be387f769f93a5bc2443016", 0xc1}], 0x1}}], 0x2, 0x480e0)
sendto$inet(r1, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002700)=""/4096, 0x1a00}], 0x0, 0x11a}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={0x0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x1}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x20000000000002a5, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10)
r3 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
ioctl$MON_IOCT_RING_SIZE(r3, 0x9204, 0x6a1e)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
cachestat(r4, &(0x7f0000000500)={0xfffffffffffffffe, 0x6}, &(0x7f0000000540), 0x0)
shmctl$SHM_STAT(0x0, 0xd, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000428bd7000fddbdf2513000000050029000a00000006001a010300000006001000a81700000600b50068040000"], 0x34}, 0x1, 0x0, 0x0, 0x4040000}, 0x2845)

3.302376765s ago: executing program 0 (id=922):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180200000002000000000000000017020000006c0000009500000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ffffffc}, 0x94)
fsopen(&(0x7f0000000100)='cgroup2\x00', 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r1=>0x0})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
io_setup(0x239f, &(0x7f0000000380)=<r4=>0x0)
r5 = eventfd2(0x5, 0x1)
io_submit(r4, 0x2, &(0x7f00000000c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x6, r5, 0x0, 0x0, 0x800002, 0x0, 0x0, r5}, &(0x7f0000000100)={0x0, 0x0, 0x8000000, 0x3, 0x0, r5, 0x0, 0x21, 0x0, 0x0, 0x3, r5}])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getsockopt$PNPIPE_IFINDEX(r3, 0x113, 0x2, &(0x7f00000002c0)=<r6=>0x0, &(0x7f00000003c0)=0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000640)=@bpf_tracing={0x1a, 0x1, &(0x7f0000000000)=@raw=[@exit], &(0x7f0000000240)='syzkaller\x00', 0x2, 0x0, &(0x7f0000000280), 0x1e00, 0x46, '\x00', r6, 0x0, r3, 0x8, &(0x7f0000000400)={0x0, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x17287, r2, 0x6, &(0x7f0000000440)=[r3], &(0x7f00000004c0)=[{0x3, 0x3, 0x4000009, 0xb}, {0x1, 0x5, 0x6, 0x7}, {0x2, 0x1, 0x4, 0xc}, {0x5, 0x1, 0xb, 0x7}, {0x1, 0x4, 0x7, 0x9}, {0x1, 0x2, 0x4, 0xc}], 0x10, 0x6}, 0x94)
sched_setscheduler(0x0, 0x2, 0x0)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r8=>0x0)
r9 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
flock(r9, 0x2)
open(&(0x7f0000000300)='.\x00', 0x102000, 0x0)
r10 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
flock(r10, 0x2)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r8, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
getsockopt$MRT(0xffffffffffffffff, 0x0, 0xd0, 0x0, 0x0)
io_setup(0x20, &(0x7f0000001140))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x200000000}, 0x18)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, 0xffffffffffffffff)
syz_emit_ethernet(0x56, &(0x7f0000000880)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000000000e020000a01601000040136e1c901ef74d257ee5bc62a9fe87bc32531d5e063491580000722684ed65b65004ba261ac8a29b6bf211063987158400000001000000130000000000f07f"], 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r1, 0x25, 0xa, @val=@netfilter={0x3, 0x0, 0xfffffffe}}, 0x20)

2.314781693s ago: executing program 4 (id=927):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000006040)=ANY=[@ANYBLOB="84010000", @ANYRES16, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088058010c8054000b80080009"], 0x184}}, 0x0)
sendmsg$NLBL_CIPSOV4_C_LIST(r0, &(0x7f0000000400)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000003c0)={&(0x7f0000000b00)={0x120, 0x0, 0x10, 0x70bd26, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x10, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xf77e1e0}]}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0xbc, 0x8, 0x0, 0x1, [{0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xa7}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x1ec61442}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6f2a69e1}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x65cd77a}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x34750549}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3bb4fce6}]}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x83}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6271b96a}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x1c}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x553bc307}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6d9a28c0}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x8e77317}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6faf5af7}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x92}]}, {0x3c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x34}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2bc437b2}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6c4cf939}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x139b2d9d}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x239ea6f}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x30}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x6c}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x7}, {0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_TAGLST={0xc, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}]}]}, 0x120}, 0x1, 0x0, 0x0, 0xb8f353b5faaac1fb}, 0x40000)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1200004, &(0x7f0000000100), 0x1, 0x599, &(0x7f0000000540)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r4)
r6 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPIOCSFLAGS(r6, 0x40047459, &(0x7f00000002c0)=0x8581008)
sendmsg$IEEE802154_ADD_IFACE(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01022dbd7000ffdb652520e7000109001f0070687931000000000a0001007770616e33000000050020"], 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x70, r5, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x9}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0xa}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x3}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0xc}]}, 0x70}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x18)
r8 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
fallocate(r8, 0x0, 0x0, 0x1000f4)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x10)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d)
sendfile(r10, r9, 0x0, 0x7ffff000)
r11 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r11, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x498, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x7fffffe, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f8)
sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000009500)={0x0, 0x0, &(0x7f00000094c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="010029bd7000fbdbdf252b00000008000200", @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)

2.260117518s ago: executing program 0 (id=928):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20010814)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
close(r0)

2.058659778s ago: executing program 4 (id=932):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x10001, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x2006}, 0x1c)
r1 = syz_usbip_server_init(0x3)
write$usbip_server(r1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x39)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000038c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000003900)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000", @ANYRES16=r2], 0xc4}}, 0x40)

1.992533034s ago: executing program 0 (id=933):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={<r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
bind$unix(r1, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)
close_range(r0, 0xffffffffffffffff, 0x0)

1.900642503s ago: executing program 0 (id=934):
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001c00010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a808682b7fc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c00008008000340000000023f0000000e0a010200000000000000000a0000000900010073797a310000000009000200"], 0xdc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

1.722335321s ago: executing program 0 (id=936):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180200000002000000000000000017020000006c0000009500000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ffffffc}, 0x94)
fsopen(&(0x7f0000000100)='cgroup2\x00', 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r1=>0x0})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
io_setup(0x239f, &(0x7f0000000380)=<r4=>0x0)
r5 = eventfd2(0x5, 0x1)
io_submit(r4, 0x2, &(0x7f00000000c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x6, r5, 0x0, 0x0, 0x800002, 0x0, 0x0, r5}, &(0x7f0000000100)={0x0, 0x0, 0x8000000, 0x3, 0x0, r5, 0x0, 0x21, 0x0, 0x0, 0x3, r5}])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getsockopt$PNPIPE_IFINDEX(r3, 0x113, 0x2, &(0x7f00000002c0)=<r6=>0x0, &(0x7f00000003c0)=0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000640)=@bpf_tracing={0x1a, 0x1, &(0x7f0000000000)=@raw=[@exit], &(0x7f0000000240)='syzkaller\x00', 0x2, 0x0, &(0x7f0000000280), 0x1e00, 0x46, '\x00', r6, 0x0, r3, 0x8, &(0x7f0000000400)={0x0, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x17287, r2, 0x6, &(0x7f0000000440)=[r3], &(0x7f00000004c0)=[{0x3, 0x3, 0x4000009, 0xb}, {0x1, 0x5, 0x6, 0x7}, {0x2, 0x1, 0x4, 0xc}, {0x5, 0x1, 0xb, 0x7}, {0x1, 0x4, 0x7, 0x9}, {0x1, 0x2, 0x4, 0xc}], 0x10, 0x6}, 0x94)
sched_setscheduler(0x0, 0x2, 0x0)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r8=>0x0)
r9 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
flock(r9, 0x2)
open(&(0x7f0000000300)='.\x00', 0x102000, 0x0)
r10 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
flock(r10, 0x2)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r8, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
getsockopt$MRT(0xffffffffffffffff, 0x0, 0xd0, 0x0, 0x0)
io_setup(0x20, &(0x7f0000001140))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x200000000}, 0x18)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, 0xffffffffffffffff)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r1, 0x25, 0xa, @val=@netfilter={0x3, 0x0, 0xfffffffe}}, 0x20)

1.693393094s ago: executing program 3 (id=937):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x20000000000000b3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x20d00, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
acct(&(0x7f0000000040)='./file0\x00')

1.11851955s ago: executing program 3 (id=938):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'ip6_vti0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x2000008, 0x0, {0x0, 0x0, 0x3f, r1, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)

1.065526146s ago: executing program 3 (id=939):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000280)={0xfffffffc, 0x0, {0x3, 0x0, 0x0, 0x0, 0x93a3}})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x14, &(0x7f0000000280)=ANY=[@ANYRESHEX=r0, @ANYRES16=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x8, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$kcm(0x10, 0x400000002, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x4, 0x0, r5, 0x0, 0x0, 0x1, 0x0, 0x1})
io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x2, 0x0, 0x0)
r6 = io_uring_setup(0x54b8, &(0x7f0000000000)={0x0, 0x8eb2, 0x2, 0x2, 0xc0})
io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r6, 0x12, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r6, 0x13, &(0x7f0000000400)=[0xe75c, 0x400008], 0x2)
sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000e00), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
r7 = creat(&(0x7f0000000000)='./file0\x00', 0x30)
connect$qrtr(r7, &(0x7f0000000080)={0x2a, 0x2, 0x4000}, 0xc)
socket(0x10, 0x3, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, 0x6}, 0x1c)
connect$inet6(r8, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
sendto$inet6(r8, &(0x7f0000000000)="12", 0x1, 0x4040811, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r8, 0x6, 0x23, &(0x7f0000000340)={&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000400)=0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
statx(0xffffffffffffffff, 0x0, 0x6000, 0x8, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2, 0x0, 0x400007}, 0x18)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000040)={0x0, 0x1, 0xd0, 0x100000000})
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)

976.061224ms ago: executing program 1 (id=940):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r0}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000001d80)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000c0], 0x11, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)

954.341797ms ago: executing program 3 (id=941):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
r1 = io_uring_setup(0x1684, &(0x7f0000000ac0)={0x0, 0xdd95, 0x400, 0x0, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff, {0xd0}}, './file1/file0\x00'})
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000400)={'sit0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000640)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c0000006800010000000000fbdbdf25020000000000000006000700040000000c000880050004000100000008000600f200000008000500", @ANYRES32=r6], 0x3c}, 0x1, 0x0, 0x0, 0x4402}, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000001040)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001000)={&(0x7f0000001080)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002cbd7000ffdbdf25130000626f6e645f736c6176655f3000000000280001f6c590e72db5a2703f7161801400020064766d7270300000000000000000000008000100"/80, @ANYRES32=0x0, @ANYBLOB="08000300000000000c00018008000100", @ANYRES32=r6, @ANYBLOB], 0x60}}, 0x4000)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000340)=0x14)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000f40)={r2, 0x58, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f00000005c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB='~\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010029bd7000fddbdf25010000003c00018008000600070000000800030000000000060005004e220000080006000100000008000300ffffffff08000300ac1e0101080003000a0101002c0001800800060010000000060001000700000008000700", @ANYRES32=r7, @ANYBLOB='\b\x00\a\x00', @ANYRES32=r8, @ANYBLOB="080003000a0101010800020000000000"], 0x84}, 0x1, 0x0, 0x0, 0x20008044}, 0x24040000)
fallocate(r2, 0x0, 0xbf5, 0x2000402)
r9 = socket(0x15, 0x5, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa20000020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r11 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$llc_int(r9, 0x10c, 0x9, &(0x7f0000000040)=0x3, 0x4)
setsockopt$SO_TIMESTAMPING(r11, 0x1, 0x41, &(0x7f00000000c0)=0x1831, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_access\x00', &(0x7f0000001440)=ANY=[@ANYBLOB="0200000001000000000000000400050000000000100000000000000020"], 0x24, 0x3)

907.463451ms ago: executing program 1 (id=943):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x20, 0x9400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x10001, 0x0, @perf_bp={0x0}, 0x100, 0xa88, 0x8406, 0x5, 0x101, 0x3c, 0xffff, 0x0, 0x0, 0x0, 0x46}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000002c0), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)=@ipv6_newrule={0x2c, 0x20, 0x2d2c6d60ea1da725, 0x70bd29, 0x25dfdbfd, {0xa, 0x0, 0x0, 0xcd, 0xff, 0x0, 0x0, 0x1, 0x10002}, [@FIB_RULE_POLICY=@FRA_PRIORITY={0x8}, @FIB_RULE_POLICY=@FRA_FWMASK={0x8, 0x10, 0xb}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008081}, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x88)
sendmmsg$inet(r4, &(0x7f0000000b00)=[{{&(0x7f0000000100)={0x2, 0x4e20, @local}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000000)="c1", 0xfcf6}], 0x1}}], 0x1, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000200)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10)
connect$vsock_stream(r5, &(0x7f0000000600)={0x28, 0x0, 0x0, @local}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000009, 0x46031, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000004c0)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xff, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v")
setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x3a0ffffffff)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r6, &(0x7f0000000180), 0x40010)

842.960508ms ago: executing program 4 (id=944):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
bind$unix(r2, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)
close_range(r1, 0xffffffffffffffff, 0x0)

773.273084ms ago: executing program 4 (id=947):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES64, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
gettid()
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r1}, 0x18)
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r2, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2)

745.204757ms ago: executing program 0 (id=948):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="01000000040000000400000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r4, 0x0, 0x100}, 0x18)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffff9, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)

712.51929ms ago: executing program 5 (id=949):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x20000000000000b3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20d00, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
acct(0x0)

711.975501ms ago: executing program 1 (id=950):
move_pages(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000000), 0x0)

650.911016ms ago: executing program 1 (id=951):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c0002400000000000000001090001"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6(0xa, 0x2, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
fchmod(r2, 0x64)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000000)={0x6}, 0x1)
setsockopt$inet6_udp_int(r1, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
recvmmsg(r1, &(0x7f0000000240), 0x80000dd, 0x10003, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x1}}, './file0\x00'})
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r3, 0xf503, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x8000)

615.91333ms ago: executing program 1 (id=952):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x10001, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x2006}, 0x1c)
r1 = syz_usbip_server_init(0x3)
write$usbip_server(r1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[], 0x39)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000038c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000003900)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000", @ANYRES16=r2], 0xc4}}, 0x40)

615.16212ms ago: executing program 4 (id=953):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x10, &(0x7f0000000000)={[{@barrier_val={'barrier', 0x3d, 0x2}}, {@discard}]}, 0x1, 0x59d, &(0x7f00000005c0)="$eJzs3c9vFGUfAPDvs7stlAItb97kfZGDTUiERG1pwWiMiRDx5sEfJJ5IrG0hhAUaWhNBjJDgf6B/gIk3E2M8EmOIevHqzcSriSESA714WzO7s2WB3f7cMsh8PsnQ55mnk+8zu3z7zDw7MxtAaY1l/1Qi9kbEfIoY6WirRd441vq9u3euzCzduTKTotF4568UKV/X/v2U/xzON94eEb/8kOI/1YfjLly6fHa6Xp+7mNcnFs/NTyxcuvz8mXPTp+dOz52fmnxx8oUjh6eOHOrLfu6KiJ/Gj9eun3pt3zczX+755LuvbqQ4Gjvz9s796JexGFt+TTplr+tL/Q5WkGq+P51vcaoV2CHWpf3+DUTE/2IkqnHvzRuJT98qtHPAlmqkiAZQUkn+Q0m1jwOy89/2UuwRCfCo3D7WmgC4m1pze0vL+V9rzQ3G9ubcwI6lFJ3TOiki+jEzl8WYfyaNZEts0Twc0N3VaxHx/27jf2rm5mhzFj/L/8p9+V+JiDfzn9n6tzcYf+yBuvyHR2cz+f9eR/6/v8H48h8AAAAAAAD65+axiHiu2+d/leXrf6LL9T/DEXG0D/FX//yvcqsPYYAubh+LeCUi2tf+LXXkf260mtd2Na8HGEinztTnDkXE7og4GAPbsvrkCjHG9v080LOt4/q/bMnit68FzPtxq7bt/m1mpxenN7PPQMvtaxFP1brlf1oe/1OX8T8b++fXGKNx/NUfe7Wtnv/AVml8EXGg6/h/78kVaeXnc0w0jwcm2kcFD/vo5I1ve8WX/1CcbPzfsXL+j6bO5/UsrD/Gx3/+ton87378P5hONB85M5iv+3B6cfHiZMRgeuPh9VPr7zM8idr50M6XLP8P7u9+/r/S8f9QRFxdY8wT379+vVeb8R+KM3QtYnZd4//6C/vf/fzvXvHXNv4faY7pB/M15v9gZWtN0KL7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RpWI2BmpMr5crlTGxyOGI+K/saNSv7Cw+OypCx+cn83amt//X2l/0+9Iq57a3/8/2lGfeqB+OCL2RMRn1aFmfXzmQn226J0HAAAAAAAAAAAAAAAAAACAx8Rwj/v/M39Ui+4dsOVqRXcAKIz8h/KS/1Be8h/KS/5Decl/KC/5D+Ul/6G85D+UV7Xx9cmi+wAAAAAAAPTNnqdv/poi4urLQ80lM5i3DRTaM2CrHS26A0BhPOIHysulf1Beq53jmwOAJ19apX37hrcEAAAAAAAAAAAAAPrlwF73/0NZVYruAFCY3vf/ezIAPOnc/w/l5RwfcP8/AAAAAAAAAAAAADz+Fi5dPjtdr89d3Ghh2+Y2V1BYa+H33a3/s49Lf9ZfiNSHjHtEhaL/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG3/BAAA//9r5fVk")

557.265366ms ago: executing program 5 (id=954):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000380)}, {&(0x7f0000000000)="45e0", 0x2}], 0x2}, 0x40)

355.757976ms ago: executing program 3 (id=955):
move_pages(0x0, 0x0, 0x0, &(0x7f0000001180), &(0x7f0000000000), 0x0)

346.309337ms ago: executing program 5 (id=956):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000340)={0x100, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty, 0x10000}}}, 0x108)

230.950078ms ago: executing program 5 (id=957):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES64, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
gettid()
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r1}, 0x18)
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r2, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2)

192.066912ms ago: executing program 5 (id=958):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000340)={0x100, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty, 0x10000}}}, 0x108)

137.681557ms ago: executing program 5 (id=959):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873"], &(0x7f0000000100)='GPL\x00'}, 0x94)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0x0, 0x40, &(0x7f0000000000)={0x0, 0x14, 0x2009, 0x2}, 0x8, 0x7, 0x200, 0x0, 0xce2, 0x0, 0x0})
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757813"], 0x65)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f08000000480100100000000019002b000a0001000500000000000072080003001f00000000", 0x39}], 0x1)
mbind(&(0x7f000025f000/0x2000)=nil, 0x2000, 0x2, 0x0, 0x8, 0x0)
r2 = socket$inet6_sctp(0xa, 0x4, 0x84)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000200)={0x2, 0x4e22, @remote}, 0x10)
acct(&(0x7f00000001c0)='./file0\x00')
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000000)={<r4=>0x0, 0xb, 0x0, 0xfffffffffffffff3, 0x10}, &(0x7f0000000040)=0x18)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'veth1\x00'})
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000100)={r4, @in6={{0xa, 0x4e20, 0xf57, @empty, 0x6}}}, &(0x7f00000001c0)=0x84)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

30.370007ms ago: executing program 1 (id=960):
r0 = socket(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x204080, &(0x7f00000004c0), 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
r3 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0xe0)
syz_genetlink_get_family_id$tipc(0x0, r3)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x2400)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r4, 0xc0105303, &(0x7f0000000100)={0xeb, 0x5, 0x3})
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x2f)
getdents(r3, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
r6 = io_uring_setup(0x7a5e, &(0x7f0000000000)={0x0, 0x18c6, 0x8, 0x2, 0x53, 0x0, r5})
syz_io_uring_setup(0x306a, &(0x7f0000000540)={0x0, 0x106d, 0x8000, 0x2, 0x20, 0x0, r6}, &(0x7f0000000240), &(0x7f0000000600))
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000180)={'ip_vti0\x00', &(0x7f00000003c0)={'erspan0\x00', 0x0, 0x80, 0x700, 0x8018, 0x0, {{0x12, 0x4, 0x1, 0x3, 0x48, 0x66, 0x0, 0x1, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x27, 0xf3, [@broadcast, @empty, @loopback, @multicast2, @dev={0xac, 0x14, 0x14, 0x38}, @rand_addr=0x64010101, @loopback, @local, @local]}, @noop, @timestamp_prespec={0x44, 0x4, 0x5, 0x3, 0x7}]}}}}})
unshare(0x4040600)
r7 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000200), 0x35c, 0x0)
pread64(r7, 0x0, 0xfffffffffffffd99, 0x400000000000000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="9feb010018000000000000002501000025010000070000000b0000000300000e0100000002000000cb730000390b00000200000006000000020000000400000000000000c0000000530d00000002000013000000000c0000004586000008000000040000005bffffff0500000009000000060000130200005d6de558f40423c200ffff00000f00000000000000000000000700000006000000370600000300000008000000100000000f00000001000000060000000800000006000000ff7f00000f00000000000007000000000000000000000003000000000500000004000000010001000300000004000004000000008e000000030000000900000004000000000000000500000006000000020000000e000000020000000300009f1b99296250a4f200760000000e0000000000000e05000000020000000700000000000009feffffff0000"], &(0x7f00000008c0)=""/4096, 0x147, 0x1000, 0x1, 0x5, 0x10000, @value=r1}, 0x28)
write(r0, &(0x7f00000000c0)="1c0000001a009b8a14e5f40700426e2400000000fe00000000000000", 0x1c)

20.861308ms ago: executing program 3 (id=961):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x1000)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
syz_open_dev$char_usb(0xc, 0xb4, 0x7fff)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r3=>r1, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='hrtimer_start\x00', r5}, 0x18)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r6}, 0x3d)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r9, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r10, @ANYBLOB="01dfffffff9a26000000210000000c00018008000100", @ANYRES32=r8], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0)
sendmsg$NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x810}, 0x40098)
socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES64=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r11}, 0x10)
io_uring_enter(0xffffffffffffffff, 0x47f5, 0x2000000, 0x0, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000300240248ff050005001200", 0x2e}], 0x1}, 0x0)

0s ago: executing program 4 (id=962):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="c3aa004d2c01000071101a00000000009500"], &(0x7f0000000480)='GPL\x00', 0xe}, 0x94)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0xffffffff)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000240)={0x0, 0xffffffff, 0x1, 0x1, 0xd, 0xda86, 0xe, 0x5, {0x0, @in={{0x2, 0x4e20, @empty}}, 0xb0, 0x8, 0x9, 0x3, 0x1}}, &(0x7f0000000040)=0xb0)
r1 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e20, 0x8, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xb851}, 0x1c)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x54, 0x2, 0x1, 0x301, 0x0, 0x0, {0x1, 0x0, 0x4}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x2}, @CTA_STATUS={0xfffffffffffffd68, 0x3, 0x1, 0x0, 0x2400}, @CTA_FILTER={0x14, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x408}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x558}]}, @CTA_LABELS={0x4}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x4}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x2}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1000}]}, 0x54}, 0x1, 0x0, 0x0, 0x10}, 0x800)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0ff00000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020200600f8ff00000000bf99006ceb00000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0x2, &(0x7f0000000340)=""/222, 0x0, 0xc}, 0x29)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff})
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076655468315f6d6163767461700000000900010073797a31000000002c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000140000001100"], 0xc8}}, 0x0)
r6 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700002004000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000004000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', r8}, 0x18)
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r6)

kernel console output (not intermixed with test programs):

e+0x27/0x80
[   76.260810][ T5057]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   76.260834][ T5057]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.260912][ T5057] RIP: 0033:0x7fce14adeec9
[   76.260930][ T5057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.260951][ T5057] RSP: 002b:00007fce13547038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   76.260973][ T5057] RAX: ffffffffffffffda RBX: 00007fce14d35fa0 RCX: 00007fce14adeec9
[   76.260988][ T5057] RDX: 0000000000000000 RSI: 0000200000006ac0 RDI: 0000000000000004
[   76.261001][ T5057] RBP: 00007fce13547090 R08: 0000000000000000 R09: 0000000000000000
[   76.261014][ T5057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.261087][ T5057] R13: 00007fce14d36038 R14: 00007fce14d35fa0 R15: 00007ffc3af24718
[   76.261108][ T5057]  </TASK>
[   76.650344][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.794846][ T5064] netlink: 28 bytes leftover after parsing attributes in process `syz.4.430'.
[   76.953588][ T5071] SELinux: failed to load policy
[   77.081173][ T5073] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[   77.087938][ T5073] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   77.095697][ T5073] vhci_hcd vhci_hcd.0: Device attached
[   77.099759][ T5077] FAULT_INJECTION: forcing a failure.
[   77.099759][ T5077] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   77.108783][ T5074] vhci_hcd: cannot find a urb of seqnum 7 max seqnum 0
[   77.114495][ T5077] CPU: 1 UID: 0 PID: 5077 Comm: syz.3.429 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   77.114620][ T5077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   77.114639][ T5077] Call Trace:
[   77.114657][ T5077]  <TASK>
[   77.114668][ T5077]  __dump_stack+0x1d/0x30
[   77.114700][ T5077]  dump_stack_lvl+0xe8/0x140
[   77.114789][ T5077]  dump_stack+0x15/0x1b
[   77.114813][ T5077]  should_fail_ex+0x265/0x280
[   77.114868][ T5077]  should_fail+0xb/0x20
[   77.114954][ T5077]  should_fail_usercopy+0x1a/0x20
[   77.114984][ T5077]  _copy_to_user+0x20/0xa0
[   77.115035][ T5077]  simple_read_from_buffer+0xb5/0x130
[   77.115069][ T5077]  proc_fail_nth_read+0x10e/0x150
[   77.115118][ T5077]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   77.115158][ T5077]  vfs_read+0x1a8/0x770
[   77.115190][ T5077]  ? __rcu_read_unlock+0x4f/0x70
[   77.115226][ T5077]  ? __fget_files+0x184/0x1c0
[   77.115309][ T5077]  ksys_read+0xda/0x1a0
[   77.115343][ T5077]  __x64_sys_read+0x40/0x50
[   77.115377][ T5077]  x64_sys_call+0x27c0/0x3000
[   77.115410][ T5077]  do_syscall_64+0xd2/0x200
[   77.115466][ T5077]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   77.115519][ T5077]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   77.115619][ T5077]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.115658][ T5077] RIP: 0033:0x7faba66ad8dc
[   77.115739][ T5077] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   77.115765][ T5077] RSP: 002b:00007faba510f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   77.115870][ T5077] RAX: ffffffffffffffda RBX: 00007faba6905fa0 RCX: 00007faba66ad8dc
[   77.115888][ T5077] RDX: 000000000000000f RSI: 00007faba510f0a0 RDI: 0000000000000007
[   77.115906][ T5077] RBP: 00007faba510f090 R08: 0000000000000000 R09: 0000000000000000
[   77.115968][ T5077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.115987][ T5077] R13: 00007faba6906038 R14: 00007faba6905fa0 R15: 00007ffed315edf8
[   77.116014][ T5077]  </TASK>
[   77.116051][   T29] kauditd_printk_skb: 200 callbacks suppressed
[   77.116066][   T29] audit: type=1400 audit(1760326755.149:1505): avc:  denied  { getopt } for  pid=5076 comm="syz.3.429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   77.128695][ T3643] vhci_hcd: stop threads
[   77.328182][ T5081] loop3: detected capacity change from 0 to 1024
[   77.328493][ T3643] vhci_hcd: release socket
[   77.328505][ T3643] vhci_hcd: disconnect device
[   77.391283][ T5081] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.413932][ T5079] loop1: detected capacity change from 0 to 512
[   77.427739][ T5081] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[   77.449476][ T5079] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.428: bad orphan inode 11862016
[   77.452890][ T5081] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[   77.468396][ T5079] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   77.472496][ T5081] EXT4-fs (loop3): This should not happen!! Data will be lost
[   77.472496][ T5081] 
[   77.485445][ T5079] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.494712][ T5081] EXT4-fs (loop3): Total free blocks count 0
[   77.511257][ T5081] EXT4-fs (loop3): Free/Dirty block details
[   77.517312][ T5081] EXT4-fs (loop3): free_blocks=20480
[   77.522672][ T5081] EXT4-fs (loop3): dirty_blocks=96
[   77.527901][ T5081] EXT4-fs (loop3): Block reservation details
[   77.534003][ T5081] EXT4-fs (loop3): i_reserved_data_blocks=6
[   77.544955][ T5086] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   77.550324][ T5063] capability: warning: `syz.1.428' uses deprecated v2 capabilities in a way that may be insecure
[   77.583980][   T29] audit: type=1400 audit(1760326755.639:1506): avc:  denied  { read } for  pid=5080 comm="syz.3.434" name="rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   77.630972][   T29] audit: type=1400 audit(1760326755.639:1507): avc:  denied  { open } for  pid=5080 comm="syz.3.434" path="/dev/rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   77.657445][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   77.680670][ T3823] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   77.706802][ T5088] loop1: detected capacity change from 0 to 1024
[   77.732777][ T5088] EXT4-fs: Ignoring removed bh option
[   77.766376][ T5088] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.786982][ T5103] loop5: detected capacity change from 0 to 512
[   77.800567][ T5088] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.435: Allocating blocks 481-513 which overlap fs metadata
[   77.818330][ T5098] netlink: 12 bytes leftover after parsing attributes in process `syz.3.439'.
[   77.827549][   T29] audit: type=1400 audit(1760326755.859:1508): avc:  denied  { read } for  pid=5087 comm="syz.1.435" path="/79/file1/bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   77.858079][ T5088] EXT4-fs (loop1): Remounting filesystem read-only
[   77.868182][ T5103] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.891043][ T5103] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.910330][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.920465][ T5103] rdma_rxe: rxe_newlink: failed to add bond0
[   77.971554][ T3611] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.062815][ T5115] FAULT_INJECTION: forcing a failure.
[   78.062815][ T5115] name failslab, interval 1, probability 0, space 0, times 0
[   78.075637][ T5115] CPU: 0 UID: 0 PID: 5115 Comm: syz.0.446 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   78.075666][ T5115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   78.075678][ T5115] Call Trace:
[   78.075748][ T5115]  <TASK>
[   78.075765][ T5115]  __dump_stack+0x1d/0x30
[   78.075786][ T5115]  dump_stack_lvl+0xe8/0x140
[   78.075836][ T5115]  dump_stack+0x15/0x1b
[   78.075858][ T5115]  should_fail_ex+0x265/0x280
[   78.075903][ T5115]  should_failslab+0x8c/0xb0
[   78.075935][ T5115]  __kmalloc_noprof+0xa5/0x570
[   78.076021][ T5115]  ? nla_strdup+0x78/0xc0
[   78.076043][ T5115]  nla_strdup+0x78/0xc0
[   78.076064][ T5115]  nf_tables_newtable+0x3ba/0xea0
[   78.076111][ T5115]  nfnetlink_rcv+0xbc9/0x16c0
[   78.076139][ T5115]  ? kmem_cache_free+0xe4/0x3d0
[   78.076275][ T5115]  netlink_unicast+0x5c0/0x690
[   78.076311][ T5115]  netlink_sendmsg+0x58b/0x6b0
[   78.076373][ T5115]  ? __pfx_netlink_sendmsg+0x10/0x10
[   78.076439][ T5115]  __sock_sendmsg+0x145/0x180
[   78.076500][ T5115]  ____sys_sendmsg+0x31e/0x4e0
[   78.076544][ T5115]  ___sys_sendmsg+0x17b/0x1d0
[   78.076592][ T5115]  __x64_sys_sendmsg+0xd4/0x160
[   78.076634][ T5115]  x64_sys_call+0x191e/0x3000
[   78.076775][ T5115]  do_syscall_64+0xd2/0x200
[   78.076799][ T5115]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   78.076864][ T5115]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   78.076890][ T5115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.076918][ T5115] RIP: 0033:0x7f5a5066eec9
[   78.076938][ T5115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.076961][ T5115] RSP: 002b:00007f5a4f0cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   78.077011][ T5115] RAX: ffffffffffffffda RBX: 00007f5a508c5fa0 RCX: 00007f5a5066eec9
[   78.077023][ T5115] RDX: 0000000020050800 RSI: 00002000000000c0 RDI: 0000000000000003
[   78.077035][ T5115] RBP: 00007f5a4f0cf090 R08: 0000000000000000 R09: 0000000000000000
[   78.077047][ T5115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.077058][ T5115] R13: 00007f5a508c6038 R14: 00007f5a508c5fa0 R15: 00007ffcd7fedf08
[   78.077079][ T5115]  </TASK>
[   78.356774][ T5120] netlink: 256 bytes leftover after parsing attributes in process `syz.5.445'.
[   78.359080][   T29] audit: type=1400 audit(1760326756.379:1509): avc:  denied  { mount } for  pid=5111 comm="syz.3.443" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   78.365869][ T5120] netlink: 72 bytes leftover after parsing attributes in process `syz.5.445'.
[   78.397943][ T5118] netlink: 28 bytes leftover after parsing attributes in process `syz.1.442'.
[   78.417936][ T5122] SELinux: failed to load policy
[   78.437948][ T5124] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   78.449744][ T5124] tipc: Disabling bearer <eth:syzkaller0>
[   78.461492][ T5120] loop5: detected capacity change from 0 to 1024
[   78.482062][ T5120] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   78.508556][ T5120] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.555052][   T29] audit: type=1326 audit(1760326756.609:1510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5129 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   78.578493][   T29] audit: type=1326 audit(1760326756.609:1511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5129 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   78.601999][   T29] audit: type=1326 audit(1760326756.609:1512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5129 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   78.625430][   T29] audit: type=1326 audit(1760326756.609:1513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5129 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   78.648911][   T29] audit: type=1326 audit(1760326756.609:1514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5129 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   78.681163][ T3611] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   78.730165][ T5135] netlink: 4 bytes leftover after parsing attributes in process `syz.5.452'.
[   78.836784][ T5133] syzkaller0: entered promiscuous mode
[   78.842595][ T5133] syzkaller0: entered allmulticast mode
[   78.970560][ T5157] netlink: 28 bytes leftover after parsing attributes in process `syz.4.459'.
[   79.014775][ T5160] FAULT_INJECTION: forcing a failure.
[   79.014775][ T5160] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.027990][ T5160] CPU: 0 UID: 0 PID: 5160 Comm: syz.5.458 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   79.028048][ T5160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   79.028070][ T5160] Call Trace:
[   79.028077][ T5160]  <TASK>
[   79.028086][ T5160]  __dump_stack+0x1d/0x30
[   79.028113][ T5160]  dump_stack_lvl+0xe8/0x140
[   79.028139][ T5160]  dump_stack+0x15/0x1b
[   79.028160][ T5160]  should_fail_ex+0x265/0x280
[   79.028235][ T5160]  should_fail+0xb/0x20
[   79.028267][ T5160]  should_fail_usercopy+0x1a/0x20
[   79.028294][ T5160]  _copy_from_user+0x1c/0xb0
[   79.028443][ T5160]  ___sys_sendmsg+0xc1/0x1d0
[   79.028501][ T5160]  __x64_sys_sendmsg+0xd4/0x160
[   79.028546][ T5160]  x64_sys_call+0x191e/0x3000
[   79.028568][ T5160]  do_syscall_64+0xd2/0x200
[   79.028592][ T5160]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   79.028657][ T5160]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   79.028686][ T5160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.028781][ T5160] RIP: 0033:0x7fbf6beeeec9
[   79.028796][ T5160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.028814][ T5160] RSP: 002b:00007fbf6a936038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.028836][ T5160] RAX: ffffffffffffffda RBX: 00007fbf6c146090 RCX: 00007fbf6beeeec9
[   79.028853][ T5160] RDX: 0000000004000001 RSI: 0000200000000540 RDI: 0000000000000005
[   79.028880][ T5160] RBP: 00007fbf6a936090 R08: 0000000000000000 R09: 0000000000000000
[   79.028896][ T5160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.028913][ T5160] R13: 00007fbf6c146128 R14: 00007fbf6c146090 R15: 00007ffdebaa7bb8
[   79.028939][ T5160]  </TASK>
[   79.029748][  T373] Bluetooth: hci0: Frame reassembly failed (-84)
[   79.208894][ T5167] loop1: detected capacity change from 0 to 1024
[   79.215505][ T5162] loop4: detected capacity change from 0 to 8192
[   79.227414][ T5162] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   79.230568][ T5167] EXT4-fs: Ignoring removed nobh option
[   79.243568][ T5167] EXT4-fs: Ignoring removed bh option
[   79.256733][ T5167] EXT4-fs (loop1): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   79.257528][ T5169] netlink: 'syz.3.464': attribute type 10 has an invalid length.
[   79.274347][ T5169] netlink: 40 bytes leftover after parsing attributes in process `syz.3.464'.
[   79.283382][ T5169] bridge0: port 3(veth1_macvtap) entered blocking state
[   79.288145][ T5167] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.291067][ T5169] bridge0: port 3(veth1_macvtap) entered disabled state
[   79.311717][ T5169] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check.
[   79.339026][ T5169] loop3: detected capacity change from 0 to 512
[   79.348407][ T5162] SELinux:  policydb version 0 does not match my version range 15-35
[   79.357255][ T5162] SELinux: failed to load policy
[   79.367818][ T5169] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.380922][ T5169] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.382074][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.422033][ T5176] netlink: 'syz.1.465': attribute type 10 has an invalid length.
[   79.429828][ T5176] netlink: 40 bytes leftover after parsing attributes in process `syz.1.465'.
[   79.439344][ T5176] bridge0: port 3(veth1_macvtap) entered blocking state
[   79.446379][ T5176] bridge0: port 3(veth1_macvtap) entered disabled state
[   79.455070][ T5176] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check.
[   79.472862][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.497082][ T5178] FAULT_INJECTION: forcing a failure.
[   79.497082][ T5178] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.510420][ T5178] CPU: 0 UID: 0 PID: 5178 Comm: syz.3.466 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   79.510472][ T5178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   79.510561][ T5178] Call Trace:
[   79.510574][ T5178]  <TASK>
[   79.510584][ T5178]  __dump_stack+0x1d/0x30
[   79.510676][ T5178]  dump_stack_lvl+0xe8/0x140
[   79.510700][ T5178]  dump_stack+0x15/0x1b
[   79.510720][ T5178]  should_fail_ex+0x265/0x280
[   79.510768][ T5178]  should_fail+0xb/0x20
[   79.510835][ T5176] loop1: detected capacity change from 0 to 512
[   79.510847][ T5178]  should_fail_usercopy+0x1a/0x20
[   79.510875][ T5178]  _copy_from_user+0x1c/0xb0
[   79.510908][ T5178]  ___sys_sendmsg+0xc1/0x1d0
[   79.510977][ T5178]  __sys_sendmmsg+0x178/0x300
[   79.511106][ T5178]  __x64_sys_sendmmsg+0x57/0x70
[   79.511148][ T5178]  x64_sys_call+0x1c4a/0x3000
[   79.511180][ T5178]  do_syscall_64+0xd2/0x200
[   79.511215][ T5178]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   79.511329][ T5178]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   79.511361][ T5178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.511459][ T5178] RIP: 0033:0x7faba66aeec9
[   79.511482][ T5178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.511507][ T5178] RSP: 002b:00007faba510f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   79.511534][ T5178] RAX: ffffffffffffffda RBX: 00007faba6905fa0 RCX: 00007faba66aeec9
[   79.511552][ T5178] RDX: 0000000000000002 RSI: 0000200000000a40 RDI: 0000000000000003
[   79.511642][ T5178] RBP: 00007faba510f090 R08: 0000000000000000 R09: 0000000000000000
[   79.511660][ T5178] R10: 0000000020004874 R11: 0000000000000246 R12: 0000000000000001
[   79.511678][ T5178] R13: 00007faba6906038 R14: 00007faba6905fa0 R15: 00007ffed315edf8
[   79.511705][ T5178]  </TASK>
[   79.709206][ T5176] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.725409][ T5176] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.811540][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.853399][ T5191] FAULT_INJECTION: forcing a failure.
[   79.853399][ T5191] name failslab, interval 1, probability 0, space 0, times 0
[   79.866199][ T5191] CPU: 1 UID: 0 PID: 5191 Comm: syz.1.469 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   79.866235][ T5191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   79.866248][ T5191] Call Trace:
[   79.866254][ T5191]  <TASK>
[   79.866318][ T5191]  __dump_stack+0x1d/0x30
[   79.866345][ T5191]  dump_stack_lvl+0xe8/0x140
[   79.866433][ T5191]  dump_stack+0x15/0x1b
[   79.866519][ T5191]  should_fail_ex+0x265/0x280
[   79.866554][ T5191]  should_failslab+0x8c/0xb0
[   79.866588][ T5191]  kmem_cache_alloc_noprof+0x50/0x480
[   79.866623][ T5191]  ? getname_kernel+0x3c/0x1f0
[   79.866672][ T5191]  getname_kernel+0x3c/0x1f0
[   79.866773][ T5191]  kern_path+0x23/0x130
[   79.866881][ T5191]  do_move_mount_old+0x5d/0xd0
[   79.866909][ T5191]  path_mount+0x54a/0xb70
[   79.866936][ T5191]  ? user_path_at+0x109/0x130
[   79.866980][ T5191]  __se_sys_mount+0x28c/0x2e0
[   79.867069][ T5191]  ? fput+0x8f/0xc0
[   79.867163][ T5191]  __x64_sys_mount+0x67/0x80
[   79.867187][ T5191]  x64_sys_call+0x2b51/0x3000
[   79.867208][ T5191]  do_syscall_64+0xd2/0x200
[   79.867236][ T5191]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   79.867272][ T5191]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   79.867379][ T5191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.867452][ T5191] RIP: 0033:0x7fd4189feec9
[   79.867507][ T5191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.867525][ T5191] RSP: 002b:00007fd417467038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   79.867547][ T5191] RAX: ffffffffffffffda RBX: 00007fd418c55fa0 RCX: 00007fd4189feec9
[   79.867564][ T5191] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000200000000000
[   79.867635][ T5191] RBP: 00007fd417467090 R08: 0000000000000000 R09: 0000000000000000
[   79.867647][ T5191] R10: 000000000000a008 R11: 0000000000000246 R12: 0000000000000001
[   79.867663][ T5191] R13: 00007fd418c56038 R14: 00007fd418c55fa0 R15: 00007ffd8eaaaf38
[   79.867716][ T5191]  </TASK>
[   80.121141][ T5189] loop5: detected capacity change from 0 to 256
[   80.154433][ T5189] FAT-fs (loop5): codepage cp949 not found
[   80.200533][ T5201] loop4: detected capacity change from 0 to 1024
[   80.216569][ T5201] EXT4-fs: Ignoring removed nobh option
[   80.222249][ T5201] EXT4-fs: Ignoring removed bh option
[   80.294965][ T5201] EXT4-fs (loop4): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   80.407122][ T5201] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.440720][ T5206] loop5: detected capacity change from 0 to 512
[   80.506991][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.526733][ T5206] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.540343][ T5206] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.553572][ T5206] rdma_rxe: rxe_newlink: failed to add bond0
[   80.578125][ T3611] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.855078][ T5224] loop4: detected capacity change from 0 to 1024
[   80.904288][ T5224] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.480: Failed to acquire dquot type 0
[   80.951540][ T5224] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   81.040348][ T5224] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #13: comm syz.4.480: corrupted inode contents
[   81.052288][ T3689] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   81.058891][ T5224] EXT4-fs error (device loop4): ext4_dirty_inode:6509: inode #13: comm syz.4.480: mark_inode_dirty error
[   81.080465][ T5224] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #13: comm syz.4.480: corrupted inode contents
[   81.095023][ T5224] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #13: comm syz.4.480: mark_inode_dirty error
[   81.116437][ T5224] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #13: comm syz.4.480: corrupted inode contents
[   81.152284][ T5233] x_tables: duplicate underflow at hook 1
[   81.175792][ T5224] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem
[   81.195849][ T5224] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #13: comm syz.4.480: corrupted inode contents
[   81.240204][ T5224] EXT4-fs error (device loop4): ext4_truncate:4637: inode #13: comm syz.4.480: mark_inode_dirty error
[   81.255140][ T5224] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem
[   81.269955][ T5224] EXT4-fs (loop4): 1 truncate cleaned up
[   81.278280][ T5247] loop3: detected capacity change from 0 to 1024
[   81.285012][ T5224] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.312160][ T5247] EXT4-fs: Ignoring removed nobh option
[   81.317783][ T5247] EXT4-fs: Ignoring removed bh option
[   81.328356][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.348147][ T5247] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   81.391224][ T5247] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.459470][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.524618][ T5270] loop3: detected capacity change from 0 to 512
[   81.539754][ T5270] EXT4-fs: Ignoring removed oldalloc option
[   81.563011][ T5270] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   81.574808][ T5270] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.491: invalid indirect mapped block 4294967295 (level 0)
[   81.590111][ T5270] EXT4-fs (loop3): Remounting filesystem read-only
[   81.597325][ T5270] EXT4-fs (loop3): 1 orphan inode deleted
[   81.603135][ T5270] EXT4-fs (loop3): 1 truncate cleaned up
[   81.609402][ T5270] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.651115][ T5270] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[   81.671183][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.687487][ T5280] loop4: detected capacity change from 0 to 512
[   81.703190][ T5280] EXT4-fs: Ignoring removed bh option
[   81.741035][ T5280] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   81.752690][ T5280] EXT4-fs (loop4): 1 truncate cleaned up
[   81.758978][ T5280] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.808639][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.950893][ T5294] loop1: detected capacity change from 0 to 1024
[   81.958038][ T5294] EXT4-fs: Ignoring removed nobh option
[   81.963760][ T5294] EXT4-fs: Ignoring removed bh option
[   81.989078][ T5294] EXT4-fs (loop1): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   82.044958][ T5294] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.086058][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.126066][ T5303] loop5: detected capacity change from 0 to 128
[   82.142199][ T5303] loop2: detected capacity change from 0 to 7
[   82.205901][ T5307] loop0: detected capacity change from 0 to 1024
[   82.257239][ T5307] __quota_error: 275 callbacks suppressed
[   82.257259][ T5307] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5
[   82.272156][ T5307] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[   82.281654][ T5307] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.506: Failed to acquire dquot type 0
[   82.316795][ T5307] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   82.339120][ T5307] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #13: comm syz.0.506: corrupted inode contents
[   82.352063][ T5310] netlink: 60 bytes leftover after parsing attributes in process `syz.1.504'.
[   82.361577][ T5310] IPVS: Unknown mcast interface: 
[   82.393109][ T5307] EXT4-fs error (device loop0): ext4_dirty_inode:6509: inode #13: comm syz.0.506: mark_inode_dirty error
[   82.405965][ T5307] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #13: comm syz.0.506: corrupted inode contents
[   82.418151][ T5307] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #13: comm syz.0.506: mark_inode_dirty error
[   82.436397][ T5307] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #13: comm syz.0.506: corrupted inode contents
[   82.449351][ T5307] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem
[   82.471452][ T5307] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #13: comm syz.0.506: corrupted inode contents
[   82.483724][ T5326] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=5326 comm=syz.1.504
[   82.513918][ T5307] EXT4-fs error (device loop0): ext4_truncate:4637: inode #13: comm syz.0.506: mark_inode_dirty error
[   82.591153][ T5307] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem
[   82.602504][ T5329] FAULT_INJECTION: forcing a failure.
[   82.602504][ T5329] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   82.615908][ T5329] CPU: 1 UID: 0 PID: 5329 Comm: syz.5.510 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   82.615944][ T5329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   82.615988][ T5329] Call Trace:
[   82.615996][ T5329]  <TASK>
[   82.616003][ T5329]  __dump_stack+0x1d/0x30
[   82.616083][ T5329]  dump_stack_lvl+0xe8/0x140
[   82.616180][ T5329]  dump_stack+0x15/0x1b
[   82.616196][ T5329]  should_fail_ex+0x265/0x280
[   82.616231][ T5329]  should_fail_alloc_page+0xf2/0x100
[   82.616332][ T5329]  __alloc_frozen_pages_noprof+0xff/0x360
[   82.616378][ T5329]  alloc_pages_mpol+0xb3/0x260
[   82.616410][ T5329]  alloc_pages_noprof+0x90/0x130
[   82.616436][ T5329]  pgd_alloc+0x40/0x290
[   82.616468][ T5329]  mm_init+0x385/0x7f0
[   82.616497][ T5329]  ? kmem_cache_alloc_noprof+0x2b8/0x480
[   82.616543][ T5329]  copy_mm+0x101/0x370
[   82.616605][ T5329]  copy_process+0xd08/0x2000
[   82.616643][ T5329]  kernel_clone+0x16c/0x5c0
[   82.616755][ T5329]  __se_sys_clone3+0x1c2/0x200
[   82.616798][ T5329]  ? fpregs_restore_userregs+0xad/0x1d0
[   82.616861][ T5329]  __x64_sys_clone3+0x31/0x40
[   82.616891][ T5329]  x64_sys_call+0x1fc9/0x3000
[   82.616917][ T5329]  do_syscall_64+0xd2/0x200
[   82.616942][ T5329]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   82.617006][ T5329]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   82.617035][ T5329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.617057][ T5329] RIP: 0033:0x7fbf6beeeec9
[   82.617131][ T5329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.617155][ T5329] RSP: 002b:00007fbf6a914f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[   82.617179][ T5329] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fbf6beeeec9
[   82.617191][ T5329] RDX: 00007fbf6a914f20 RSI: 0000000000000058 RDI: 00007fbf6a914f20
[   82.617203][ T5329] RBP: 00007fbf6a915090 R08: 0000000000000000 R09: 0000000000000058
[   82.617274][ T5329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.617290][ T5329] R13: 00007fbf6c146218 R14: 00007fbf6c146180 R15: 00007ffdebaa7bb8
[   82.617338][ T5329]  </TASK>
[   82.859806][ T5307] EXT4-fs (loop0): 1 truncate cleaned up
[   82.889061][ T5307] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.013782][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.053100][ T5335] loop3: detected capacity change from 0 to 1024
[   83.072724][ T5340] FAULT_INJECTION: forcing a failure.
[   83.072724][ T5340] name failslab, interval 1, probability 0, space 0, times 0
[   83.085552][ T5340] CPU: 1 UID: 0 PID: 5340 Comm: syz.4.516 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   83.085660][ T5340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   83.085676][ T5340] Call Trace:
[   83.085683][ T5340]  <TASK>
[   83.085691][ T5340]  __dump_stack+0x1d/0x30
[   83.085720][ T5340]  dump_stack_lvl+0xe8/0x140
[   83.085743][ T5340]  dump_stack+0x15/0x1b
[   83.085759][ T5340]  should_fail_ex+0x265/0x280
[   83.085794][ T5340]  should_failslab+0x8c/0xb0
[   83.085887][ T5340]  __kmalloc_cache_node_noprof+0x54/0x4a0
[   83.085928][ T5340]  ? __get_vm_area_node+0x106/0x1d0
[   83.086019][ T5340]  __get_vm_area_node+0x106/0x1d0
[   83.086049][ T5340]  __vmalloc_node_range_noprof+0x28c/0xed0
[   83.086080][ T5340]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   83.086162][ T5340]  ? __rcu_read_unlock+0x4f/0x70
[   83.086201][ T5340]  ? cred_has_capability+0x210/0x280
[   83.086257][ T5340]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   83.086317][ T5340]  __vmalloc_noprof+0x83/0xc0
[   83.086349][ T5340]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   83.086445][ T5340]  bpf_prog_alloc_no_stats+0x47/0x3b0
[   83.086479][ T5340]  ? bpf_prog_alloc+0x2a/0x150
[   83.086511][ T5340]  bpf_prog_alloc+0x3c/0x150
[   83.086550][ T5340]  bpf_prog_load+0x506/0x1100
[   83.086586][ T5340]  ? security_bpf+0x2b/0x90
[   83.086620][ T5340]  __sys_bpf+0x469/0x7c0
[   83.086743][ T5340]  __x64_sys_bpf+0x41/0x50
[   83.086857][ T5340]  x64_sys_call+0x2aee/0x3000
[   83.086886][ T5340]  do_syscall_64+0xd2/0x200
[   83.086986][ T5340]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   83.087022][ T5340]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   83.087125][ T5340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.087154][ T5340] RIP: 0033:0x7fce14adeec9
[   83.087184][ T5340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.087207][ T5340] RSP: 002b:00007fce13547038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   83.087263][ T5340] RAX: ffffffffffffffda RBX: 00007fce14d35fa0 RCX: 00007fce14adeec9
[   83.087279][ T5340] RDX: 00000000000000a8 RSI: 0000200000000480 RDI: 0000000000000005
[   83.087293][ T5340] RBP: 00007fce13547090 R08: 0000000000000000 R09: 0000000000000000
[   83.087308][ T5340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.087343][ T5340] R13: 00007fce14d36038 R14: 00007fce14d35fa0 R15: 00007ffc3af24718
[   83.087361][ T5340]  </TASK>
[   83.087370][ T5340] syz.4.516: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null)
[   83.148143][ T5341] loop1: detected capacity change from 0 to 512
[   83.152267][ T5340] ,cpuset=/
[   83.160246][ T5341] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   83.163665][ T5340] ,mems_allowed=0
[   83.163688][ T5340] CPU: 1 UID: 0 PID: 5340 Comm: syz.4.516 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   83.163712][ T5340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   83.163752][ T5340] Call Trace:
[   83.163762][ T5340]  <TASK>
[   83.163773][ T5340]  __dump_stack+0x1d/0x30
[   83.163802][ T5340]  dump_stack_lvl+0xe8/0x140
[   83.163833][ T5340]  dump_stack+0x15/0x1b
[   83.163859][ T5340]  warn_alloc+0x12b/0x1a0
[   83.163910][ T5340]  __vmalloc_node_range_noprof+0x2b1/0xed0
[   83.164029][ T5340]  ? __rcu_read_unlock+0x4f/0x70
[   83.164069][ T5340]  ? cred_has_capability+0x210/0x280
[   83.164113][ T5340]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   83.164236][ T5340]  __vmalloc_noprof+0x83/0xc0
[   83.164279][ T5340]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   83.164325][ T5340]  bpf_prog_alloc_no_stats+0x47/0x3b0
[   83.164434][ T5340]  ? bpf_prog_alloc+0x2a/0x150
[   83.164479][ T5340]  bpf_prog_alloc+0x3c/0x150
[   83.164590][ T5340]  bpf_prog_load+0x506/0x1100
[   83.164629][ T5340]  ? security_bpf+0x2b/0x90
[   83.164679][ T5340]  __sys_bpf+0x469/0x7c0
[   83.164735][ T5340]  __x64_sys_bpf+0x41/0x50
[   83.164813][ T5340]  x64_sys_call+0x2aee/0x3000
[   83.164845][ T5340]  do_syscall_64+0xd2/0x200
[   83.164879][ T5340]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   83.164975][ T5340]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   83.165008][ T5340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.165069][ T5340] RIP: 0033:0x7fce14adeec9
[   83.165092][ T5340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.165186][ T5340] RSP: 002b:00007fce13547038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   83.165214][ T5340] RAX: ffffffffffffffda RBX: 00007fce14d35fa0 RCX: 00007fce14adeec9
[   83.165234][ T5340] RDX: 00000000000000a8 RSI: 0000200000000480 RDI: 0000000000000005
[   83.165253][ T5340] RBP: 00007fce13547090 R08: 0000000000000000 R09: 0000000000000000
[   83.165270][ T5340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.165331][ T5340] R13: 00007fce14d36038 R14: 00007fce14d35fa0 R15: 00007ffc3af24718
[   83.165358][ T5340]  </TASK>
[   83.165385][ T5340] Mem-Info:
[   83.283766][ T5341] EXT4-fs (loop1): 1 truncate cleaned up
[   83.290986][ T5340] active_anon:26926 inactive_anon:0 isolated_anon:0
[   83.290986][ T5340]  active_file:18649 inactive_file:2320 isolated_file:0
[   83.290986][ T5340]  unevictable:0 dirty:400 writeback:0
[   83.290986][ T5340]  slab_reclaimable:3352 slab_unreclaimable:16892
[   83.290986][ T5340]  mapped:40014 shmem:19584 pagetables:1287
[   83.290986][ T5340]  sec_pagetables:0 bounce:0
[   83.290986][ T5340]  kernel_misc_reclaimable:0
[   83.290986][ T5340]  free:1871712 free_pcp:4804 free_cma:0
[   83.321422][ T5341] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.323152][ T5340] Node 0 active_anon:107820kB inactive_anon:0kB active_file:74596kB inactive_file:9280kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:160056kB dirty:1600kB writeback:0kB shmem:78336kB kernel_stack:3584kB pagetables:5148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   83.340316][ T5335] EXT4-fs: Ignoring removed nobh option
[   83.346344][ T5340] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   83.349483][ T5335] EXT4-fs: Ignoring removed bh option
[   83.370372][ T5335] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   83.373045][ T5340] lowmem_reserve[]: 0 2883 7862 7862
[   83.373082][ T5340] Node 0 DMA32 free:2949056kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2952688kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3532kB free_cma:0kB
[   83.411465][   T29] audit: type=1400 audit(1760326761.469:1788): avc:  denied  { view } for  pid=5338 comm="syz.1.517" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   83.412803][ T5340] lowmem_reserve[]:
[   83.480311][ T5344] ucma_write: process 315 (syz.0.518) changed security contexts after opening file descriptor, this is not allowed.
[   83.481060][ T5340]  0 0 4978 4978
[   83.481087][ T5340] Node 0 Normal free:4577336kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:42048kB inactive_anon:0kB active_file:74596kB inactive_file:9280kB unevictable:0kB writepending:1716kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:28260kB local_pcp:6208kB free_cma:0kB
[   83.827774][ T5340] lowmem_reserve[]: 0 0 0 0
[   83.832449][ T5340] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   83.845248][ T5340] Node 0 DMA32: 2*4kB (M) 3*8kB (M) 4*16kB (M) 1*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949056kB
[   83.861486][ T5340] Node 0 Normal: 1492*4kB (UM) 791*8kB (UM) 406*16kB (UM) 264*32kB (UME) 157*64kB (UM) 69*128kB (UME) 34*256kB (UM) 9*512kB (UME) 2*1024kB (ME) 3*2048kB (UM) 1101*4096kB (UM) = 4577320kB
[   83.880149][ T5340] Node 0 hugepages_total=4 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   83.889476][ T5340] 24139 total pagecache pages
[   83.894274][ T5340] 0 pages in swap cache
[   83.898447][ T5340] Free swap  = 124996kB
[   83.902675][ T5340] Total swap = 124996kB
[   83.906872][ T5340] 2097051 pages RAM
[   83.910707][ T5340] 0 pages HighMem/MovableOnly
[   83.915374][ T5340] 80479 pages reserved
[   83.969601][ T5352] loop4: detected capacity change from 0 to 512
[   83.990320][ T5358] netlink: 256 bytes leftover after parsing attributes in process `syz.1.519'.
[   83.999504][ T5358] netlink: 72 bytes leftover after parsing attributes in process `syz.1.519'.
[   84.010495][   T29] audit: type=1400 audit(1760326762.070:1789): avc:  denied  { ioctl } for  pid=5359 comm="syz.3.520" path="socket:[10730]" dev="sockfs" ino=10730 ioctlcmd=0x8955 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   84.036888][   T29] audit: type=1400 audit(1760326762.070:1790): avc:  denied  { ioctl } for  pid=5359 comm="syz.3.520" path="socket:[10731]" dev="sockfs" ino=10731 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   84.062704][   T29] audit: type=1400 audit(1760326762.070:1791): avc:  denied  { setopt } for  pid=5359 comm="syz.3.520" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   84.082864][ T5352] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.123293][ T5358] loop1: detected capacity change from 0 to 1024
[   84.157577][   T29] audit: type=1400 audit(1760326762.210:1792): avc:  denied  { rename } for  pid=5351 comm="syz.4.521" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   84.183346][ T5352] netlink: 4 bytes leftover after parsing attributes in process `syz.4.521'.
[   84.195297][ T5358] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.248136][ T5377] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=5377 comm=syz.4.521
[   84.344121][   T29] audit: type=1326 audit(1760326762.280:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5353 comm="syz.1.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   84.367649][   T29] audit: type=1326 audit(1760326762.280:1794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5353 comm="syz.1.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   84.390998][   T29] audit: type=1326 audit(1760326762.280:1795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5353 comm="syz.1.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   84.469006][ T5391] netlink: 'syz.3.528': attribute type 10 has an invalid length.
[   84.476847][ T5391] netlink: 40 bytes leftover after parsing attributes in process `syz.3.528'.
[   84.485991][ T5391] bridge0: port 3(veth1_macvtap) entered blocking state
[   84.493131][ T5391] bridge0: port 3(veth1_macvtap) entered disabled state
[   84.542417][ T5391] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check.
[   84.726318][ T5401] loop4: detected capacity change from 0 to 1024
[   84.733448][ T5402] loop3: detected capacity change from 0 to 512
[   84.742578][ T5401] EXT4-fs: Ignoring removed nobh option
[   84.748201][ T5401] EXT4-fs: Ignoring removed bh option
[   84.765937][ T5402] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.845386][ T5401] EXT4-fs (loop4): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   85.060854][ T5414] SELinux: failed to load policy
[   85.119671][ T5421] loop4: detected capacity change from 0 to 512
[   85.128724][ T5417] syz.3.532 uses obsolete (PF_INET,SOCK_PACKET)
[   85.154494][ T5421] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   85.182417][ T5421] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   85.204433][ T5428] netlink: 'syz.5.534': attribute type 21 has an invalid length.
[   85.264564][ T5421] EXT4-fs (loop4): 1 truncate cleaned up
[   85.387380][ T5452] netlink: 'syz.5.541': attribute type 10 has an invalid length.
[   85.395292][ T5452] netlink: 40 bytes leftover after parsing attributes in process `syz.5.541'.
[   85.429806][ T5455] loop0: detected capacity change from 0 to 1024
[   85.432434][ T5452] bridge0: port 3(veth1_macvtap) entered blocking state
[   85.443390][ T5452] bridge0: port 3(veth1_macvtap) entered disabled state
[   85.452138][ T5452] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check.
[   85.456910][ T5464] SELinux: failed to load policy
[   85.481249][ T5455] EXT4-fs: Ignoring removed nobh option
[   85.486947][ T5455] EXT4-fs: Ignoring removed bh option
[   85.522020][ T5455] EXT4-fs (loop0): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   85.537233][ T5452] loop5: detected capacity change from 0 to 512
[   85.565527][ T5452] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.656896][ T5485] loop3: detected capacity change from 0 to 1024
[   85.679394][ T5488] loop0: detected capacity change from 0 to 1024
[   85.718560][ T5485] ext4 filesystem being mounted at /99/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.831475][ T5488] ext4 filesystem being mounted at /127/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.939979][ T5509] loop0: detected capacity change from 0 to 512
[   85.972556][ T5509] EXT4-fs (loop0): unsupported inode size: 0
[   85.978671][ T5509] EXT4-fs (loop0): blocksize: 1024
[   86.118956][ T5530] FAULT_INJECTION: forcing a failure.
[   86.118956][ T5530] name failslab, interval 1, probability 0, space 0, times 0
[   86.131745][ T5530] CPU: 0 UID: 0 PID: 5530 Comm: syz.1.555 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.131838][ T5530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   86.131855][ T5530] Call Trace:
[   86.131864][ T5530]  <TASK>
[   86.131873][ T5530]  __dump_stack+0x1d/0x30
[   86.131894][ T5530]  dump_stack_lvl+0xe8/0x140
[   86.131913][ T5530]  dump_stack+0x15/0x1b
[   86.131930][ T5530]  should_fail_ex+0x265/0x280
[   86.131977][ T5530]  ? sctp_association_new+0x71/0x1200
[   86.132013][ T5530]  should_failslab+0x8c/0xb0
[   86.132054][ T5530]  __kmalloc_cache_noprof+0x4c/0x4a0
[   86.132087][ T5530]  sctp_association_new+0x71/0x1200
[   86.132156][ T5530]  ? __ipv6_addr_type+0x1ed/0x210
[   86.132203][ T5530]  sctp_connect_new_asoc+0x1a8/0x3a0
[   86.132254][ T5530]  sctp_sendmsg+0xf10/0x18d0
[   86.132315][ T5530]  ? selinux_socket_sendmsg+0xa1/0x1b0
[   86.132342][ T5530]  ? __pfx_sctp_sendmsg+0x10/0x10
[   86.132408][ T5530]  inet_sendmsg+0xc5/0xd0
[   86.132449][ T5530]  __sock_sendmsg+0x102/0x180
[   86.132470][ T5530]  ____sys_sendmsg+0x31e/0x4e0
[   86.132522][ T5530]  ___sys_sendmsg+0x17b/0x1d0
[   86.132577][ T5530]  __x64_sys_sendmsg+0xd4/0x160
[   86.132615][ T5530]  x64_sys_call+0x191e/0x3000
[   86.132648][ T5530]  do_syscall_64+0xd2/0x200
[   86.132752][ T5530]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   86.132788][ T5530]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   86.132821][ T5530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.132850][ T5530] RIP: 0033:0x7fd4189feec9
[   86.132865][ T5530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.132925][ T5530] RSP: 002b:00007fd417467038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.132950][ T5530] RAX: ffffffffffffffda RBX: 00007fd418c55fa0 RCX: 00007fd4189feec9
[   86.132965][ T5530] RDX: 0000000004000040 RSI: 0000200000001d80 RDI: 0000000000000004
[   86.133032][ T5530] RBP: 00007fd417467090 R08: 0000000000000000 R09: 0000000000000000
[   86.133057][ T5530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.133073][ T5530] R13: 00007fd418c56038 R14: 00007fd418c55fa0 R15: 00007ffd8eaaaf38
[   86.133098][ T5530]  </TASK>
[   86.134066][ T5529] SELinux: failed to load policy
[   86.381729][ T5536] loop1: detected capacity change from 0 to 512
[   86.432617][ T5539] loop0: detected capacity change from 0 to 1024
[   86.441277][ T5539] EXT4-fs: Ignoring removed nobh option
[   86.446967][ T5539] EXT4-fs: Ignoring removed bh option
[   86.507426][ T5536] ext4 filesystem being mounted at /105/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.520342][ T5539] EXT4-fs (loop0): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   86.533548][ T5536] syz2: rxe_newlink: already configured on bond0
[   86.648674][ T5556] FAULT_INJECTION: forcing a failure.
[   86.648674][ T5556] name failslab, interval 1, probability 0, space 0, times 0
[   86.661382][ T5556] CPU: 0 UID: 0 PID: 5556 Comm: syz.1.559 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.661475][ T5556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   86.661492][ T5556] Call Trace:
[   86.661500][ T5556]  <TASK>
[   86.661509][ T5556]  __dump_stack+0x1d/0x30
[   86.661536][ T5556]  dump_stack_lvl+0xe8/0x140
[   86.661562][ T5556]  dump_stack+0x15/0x1b
[   86.661580][ T5556]  should_fail_ex+0x265/0x280
[   86.661622][ T5556]  should_failslab+0x8c/0xb0
[   86.661657][ T5556]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   86.661695][ T5556]  ? dup_task_struct+0x70/0x6b0
[   86.661730][ T5556]  dup_task_struct+0x70/0x6b0
[   86.661831][ T5556]  ? _parse_integer+0x27/0x40
[   86.661902][ T5556]  copy_process+0x399/0x2000
[   86.661940][ T5556]  ? kstrtouint+0x76/0xc0
[   86.662086][ T5556]  ? kstrtouint_from_user+0x9f/0xf0
[   86.662204][ T5556]  ? __rcu_read_unlock+0x4f/0x70
[   86.662231][ T5556]  kernel_clone+0x16c/0x5c0
[   86.662265][ T5556]  ? vfs_write+0x7e8/0x960
[   86.662306][ T5556]  __x64_sys_clone+0xe6/0x120
[   86.662350][ T5556]  x64_sys_call+0x119c/0x3000
[   86.662398][ T5556]  do_syscall_64+0xd2/0x200
[   86.662449][ T5556]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   86.662485][ T5556]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   86.662513][ T5556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.662588][ T5556] RIP: 0033:0x7fd4189feec9
[   86.662606][ T5556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.662631][ T5556] RSP: 002b:00007fd417466fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   86.662656][ T5556] RAX: ffffffffffffffda RBX: 00007fd418c55fa0 RCX: 00007fd4189feec9
[   86.662673][ T5556] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400
[   86.662690][ T5556] RBP: 00007fd417467090 R08: 0000000000000000 R09: 0000000000000000
[   86.662771][ T5556] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   86.662787][ T5556] R13: 00007fd418c56038 R14: 00007fd418c55fa0 R15: 00007ffd8eaaaf38
[   86.662871][ T5556]  </TASK>
[   86.696150][ T5505] Set syz1 is full, maxelem 65536 reached
[   87.051470][ T5570] syzkaller0: entered promiscuous mode
[   87.057005][ T5570] syzkaller0: entered allmulticast mode
[   87.110466][ T5584] loop0: detected capacity change from 0 to 1024
[   87.119190][ T5581] loop5: detected capacity change from 0 to 512
[   87.143565][ T5584] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.564: Failed to acquire dquot type 0
[   87.171807][ T5584] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   87.186446][ T5584] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #13: comm syz.0.564: corrupted inode contents
[   87.194447][ T5581] EXT4-fs (loop5): 1 orphan inode deleted
[   87.204143][  T373] EXT4-fs error (device loop5): ext4_release_dquot:6981: comm kworker/u8:5: Failed to release dquot type 1
[   87.230904][ T5584] EXT4-fs error (device loop0): ext4_dirty_inode:6509: inode #13: comm syz.0.564: mark_inode_dirty error
[   87.244959][ T5581] ext4 filesystem being mounted at /113/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.261062][ T5584] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #13: comm syz.0.564: corrupted inode contents
[   87.296577][ T5584] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #13: comm syz.0.564: mark_inode_dirty error
[   87.343291][ T5584] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #13: comm syz.0.564: corrupted inode contents
[   87.381348][ T5584] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem
[   87.390001][   T29] kauditd_printk_skb: 166 callbacks suppressed
[   87.390019][   T29] audit: type=1400 audit(1760326765.440:1959): avc:  denied  { cpu } for  pid=5604 comm="syz.5.568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   87.396491][ T5584] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #13: comm syz.0.564: corrupted inode contents
[   87.470877][   T29] audit: type=1400 audit(1760326765.490:1960): avc:  denied  { execute } for  pid=5604 comm="syz.5.568" path="/115/blkio.bfq.idle_time" dev="tmpfs" ino=625 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   87.495962][ T5584] EXT4-fs error (device loop0): ext4_truncate:4637: inode #13: comm syz.0.564: mark_inode_dirty error
[   87.532211][ T5584] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem
[   87.554534][   T29] audit: type=1326 audit(1760326765.610:1961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   87.561933][ T5584] EXT4-fs (loop0): 1 truncate cleaned up
[   87.578083][   T29] audit: type=1326 audit(1760326765.610:1962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   87.607243][   T29] audit: type=1326 audit(1760326765.610:1963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   87.630725][   T29] audit: type=1326 audit(1760326765.610:1964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   87.654077][   T29] audit: type=1326 audit(1760326765.610:1965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   87.677461][   T29] audit: type=1326 audit(1760326765.610:1966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   87.700811][   T29] audit: type=1326 audit(1760326765.610:1967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   87.724229][   T29] audit: type=1326 audit(1760326765.610:1968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5619 comm="syz.1.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   87.760557][ T5620] loop1: detected capacity change from 0 to 512
[   87.767532][ T5620] EXT4-fs: Ignoring removed oldalloc option
[   87.774689][ T5620] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   87.792026][ T5620] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.572: invalid indirect mapped block 4294967295 (level 0)
[   87.809130][ T5620] EXT4-fs (loop1): Remounting filesystem read-only
[   87.815911][ T5620] EXT4-fs (loop1): 1 orphan inode deleted
[   87.821715][ T5620] EXT4-fs (loop1): 1 truncate cleaned up
[   87.831409][ T5630] loop3: detected capacity change from 0 to 512
[   87.845483][ T5620] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[   87.879725][ T5630] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.574: bad orphan inode 11862016
[   87.891625][ T5630] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.947837][ T5630] FAULT_INJECTION: forcing a failure.
[   87.947837][ T5630] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.961183][ T5630] CPU: 0 UID: 0 PID: 5630 Comm: syz.3.574 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   87.961220][ T5630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   87.961236][ T5630] Call Trace:
[   87.961245][ T5630]  <TASK>
[   87.961308][ T5630]  __dump_stack+0x1d/0x30
[   87.961412][ T5630]  dump_stack_lvl+0xe8/0x140
[   87.961459][ T5630]  dump_stack+0x15/0x1b
[   87.961490][ T5630]  should_fail_ex+0x265/0x280
[   87.961534][ T5630]  should_fail+0xb/0x20
[   87.961637][ T5630]  should_fail_usercopy+0x1a/0x20
[   87.961665][ T5630]  _copy_from_user+0x1c/0xb0
[   87.961700][ T5630]  sock_do_ioctl+0xe6/0x220
[   87.961780][ T5630]  sock_ioctl+0x41b/0x610
[   87.961835][ T5630]  ? __pfx_sock_ioctl+0x10/0x10
[   87.961880][ T5630]  __se_sys_ioctl+0xce/0x140
[   87.961906][ T5630]  __x64_sys_ioctl+0x43/0x50
[   87.961932][ T5630]  x64_sys_call+0x1816/0x3000
[   87.962036][ T5630]  do_syscall_64+0xd2/0x200
[   87.962069][ T5630]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   87.962120][ T5630]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   87.962151][ T5630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.962180][ T5630] RIP: 0033:0x7faba66aeec9
[   87.962200][ T5630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.962225][ T5630] RSP: 002b:00007faba510f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   87.962252][ T5630] RAX: ffffffffffffffda RBX: 00007faba6905fa0 RCX: 00007faba66aeec9
[   87.962308][ T5630] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000000f
[   87.962325][ T5630] RBP: 00007faba510f090 R08: 0000000000000000 R09: 0000000000000000
[   87.962343][ T5630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.962371][ T5630] R13: 00007faba6906038 R14: 00007faba6905fa0 R15: 00007ffed315edf8
[   87.962398][ T5630]  </TASK>
[   88.300545][ T5690] FAULT_INJECTION: forcing a failure.
[   88.300545][ T5690] name failslab, interval 1, probability 0, space 0, times 0
[   88.313374][ T5690] CPU: 0 UID: 0 PID: 5690 Comm: syz.5.580 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   88.313409][ T5690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   88.313487][ T5690] Call Trace:
[   88.313496][ T5690]  <TASK>
[   88.313506][ T5690]  __dump_stack+0x1d/0x30
[   88.313600][ T5690]  dump_stack_lvl+0xe8/0x140
[   88.313698][ T5690]  dump_stack+0x15/0x1b
[   88.313718][ T5690]  should_fail_ex+0x265/0x280
[   88.313777][ T5690]  ? sctp_association_new+0x71/0x1200
[   88.313824][ T5690]  should_failslab+0x8c/0xb0
[   88.313858][ T5690]  __kmalloc_cache_noprof+0x4c/0x4a0
[   88.313920][ T5690]  sctp_association_new+0x71/0x1200
[   88.313958][ T5690]  ? __ipv6_addr_type+0x1ed/0x210
[   88.313988][ T5690]  sctp_connect_new_asoc+0x1a8/0x3a0
[   88.314038][ T5690]  sctp_sendmsg+0xf10/0x18d0
[   88.314080][ T5690]  ? selinux_socket_sendmsg+0xa1/0x1b0
[   88.314114][ T5690]  ? __pfx_sctp_sendmsg+0x10/0x10
[   88.314152][ T5690]  inet_sendmsg+0xc5/0xd0
[   88.314188][ T5690]  __sock_sendmsg+0x102/0x180
[   88.314253][ T5690]  ____sys_sendmsg+0x31e/0x4e0
[   88.314296][ T5690]  ___sys_sendmsg+0x17b/0x1d0
[   88.314359][ T5690]  __x64_sys_sendmsg+0xd4/0x160
[   88.314404][ T5690]  x64_sys_call+0x191e/0x3000
[   88.314503][ T5690]  do_syscall_64+0xd2/0x200
[   88.314532][ T5690]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   88.314569][ T5690]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   88.314644][ T5690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.314666][ T5690] RIP: 0033:0x7fbf6beeeec9
[   88.314681][ T5690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.314701][ T5690] RSP: 002b:00007fbf6a957038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   88.314833][ T5690] RAX: ffffffffffffffda RBX: 00007fbf6c145fa0 RCX: 00007fbf6beeeec9
[   88.314849][ T5690] RDX: 0000000020048843 RSI: 0000200000000800 RDI: 0000000000000003
[   88.314861][ T5690] RBP: 00007fbf6a957090 R08: 0000000000000000 R09: 0000000000000000
[   88.314874][ T5690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.314887][ T5690] R13: 00007fbf6c146038 R14: 00007fbf6c145fa0 R15: 00007ffdebaa7bb8
[   88.314908][ T5690]  </TASK>
[   88.315165][ T5691] loop4: detected capacity change from 0 to 512
[   88.543525][ T5707] netlink: 20 bytes leftover after parsing attributes in process `syz.5.586'.
[   88.580923][ T5691] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   88.592434][ T5691] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.818456][ T5725] loop0: detected capacity change from 0 to 512
[   88.918439][ T5732] macvlan1: entered promiscuous mode
[   88.927102][ T5725] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.938954][ T5732] ipvlan0: entered promiscuous mode
[   88.945111][ T5732] ipvlan0: left promiscuous mode
[   88.963148][ T5725] rdma_rxe: rxe_newlink: failed to add bond0
[   88.985679][ T5738] netlink: 8 bytes leftover after parsing attributes in process `syz.4.596'.
[   89.120393][ T5657] Set syz1 is full, maxelem 65536 reached
[   89.140375][ T5732] macvlan1: left promiscuous mode
[   89.420824][ T5754] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[   89.427384][ T5754] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   89.435132][ T5754] vhci_hcd vhci_hcd.0: Device attached
[   89.507207][ T5762] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   89.567563][ T5768] loop0: detected capacity change from 0 to 512
[   89.577355][ T5768] EXT4-fs: Ignoring removed bh option
[   89.589243][ T5768] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   89.599005][ T5768] EXT4-fs (loop0): 1 truncate cleaned up
[   89.607931][ T5711] Set syz1 is full, maxelem 65536 reached
[   89.615276][ T5756] vhci_hcd: connection closed
[   89.616341][  T266] vhci_hcd: stop threads
[   89.625373][  T266] vhci_hcd: release socket
[   89.629892][  T266] vhci_hcd: disconnect device
[   89.640787][ T3370] vhci_hcd: vhci_device speed not set
[   89.651831][ T5762] tipc: Disabling bearer <eth:syzkaller0>
[   89.682627][ T5772] loop5: detected capacity change from 0 to 512
[   89.691360][ T5772] EXT4-fs: Ignoring removed oldalloc option
[   89.702412][ T5772] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   89.715516][ T5774] netlink: 'syz.0.608': attribute type 2 has an invalid length.
[   89.723250][ T5774] netlink: 'syz.0.608': attribute type 2 has an invalid length.
[   89.730962][ T5774] netlink: 'syz.0.608': attribute type 1 has an invalid length.
[   89.738616][ T5774] netlink: 12 bytes leftover after parsing attributes in process `syz.0.608'.
[   89.765117][ T5772] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.609: invalid indirect mapped block 4294967295 (level 0)
[   89.789450][ T5772] EXT4-fs (loop5): Remounting filesystem read-only
[   89.796362][ T5772] EXT4-fs (loop5): 1 orphan inode deleted
[   89.802165][ T5772] EXT4-fs (loop5): 1 truncate cleaned up
[   89.899224][ T5790] netlink: 12 bytes leftover after parsing attributes in process `syz.3.615'.
[   89.960864][ T5796] loop5: detected capacity change from 0 to 512
[   89.968141][ T5796] EXT4-fs: Ignoring removed bh option
[   89.976939][ T5797] loop3: detected capacity change from 0 to 512
[   89.985035][ T5796] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[   90.007083][ T5796] EXT4-fs (loop5): 1 truncate cleaned up
[   90.028457][ T5797] ext4 filesystem being mounted at /123/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.043497][ T5797] rdma_rxe: rxe_newlink: failed to add bond0
[   90.178108][ T5811] netlink: 5 bytes leftover after parsing attributes in process `syz.3.622'.
[   90.187122][ T5811] 0ªî{X¹¦: renamed from gretap0 (while UP)
[   90.195395][ T5811] 0ªî{X¹¦: entered allmulticast mode
[   90.201693][ T5811] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   90.465876][ T5819] loop4: detected capacity change from 0 to 512
[   90.513414][ T5819] EXT4-fs: Ignoring removed oldalloc option
[   90.548271][ T5819] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   90.611252][ T5819] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.625: invalid indirect mapped block 4294967295 (level 0)
[   90.628575][ T5823] loop3: detected capacity change from 0 to 1024
[   90.644431][ T5823] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.627: Failed to acquire dquot type 0
[   90.664197][ T5819] EXT4-fs (loop4): Remounting filesystem read-only
[   90.670955][ T5819] EXT4-fs (loop4): 1 orphan inode deleted
[   90.676782][ T5819] EXT4-fs (loop4): 1 truncate cleaned up
[   90.683326][ T5823] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   90.698419][ T5823] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.627: corrupted inode contents
[   90.712518][ T5823] EXT4-fs error (device loop3): ext4_dirty_inode:6509: inode #13: comm syz.3.627: mark_inode_dirty error
[   90.724492][ T5823] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.627: corrupted inode contents
[   90.737082][ T5823] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.627: mark_inode_dirty error
[   90.748548][ T5823] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.627: corrupted inode contents
[   90.763122][ T5823] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[   90.772066][ T5823] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.627: corrupted inode contents
[   90.784292][ T5823] EXT4-fs error (device loop3): ext4_truncate:4637: inode #13: comm syz.3.627: mark_inode_dirty error
[   90.785501][ T5827] loop4: detected capacity change from 0 to 1024
[   90.795990][ T5823] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[   90.811122][ T5823] EXT4-fs (loop3): 1 truncate cleaned up
[   90.834645][ T5827] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.893840][ T5833] loop3: detected capacity change from 0 to 512
[   90.902561][ T5833] EXT4-fs: Ignoring removed bh option
[   90.912562][ T5833] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   90.921867][ T5833] EXT4-fs (loop3): 1 truncate cleaned up
[   90.966685][ T5839] loop5: detected capacity change from 0 to 1024
[   90.996217][ T5841] loop4: detected capacity change from 0 to 1024
[   91.010920][ T5841] EXT4-fs: Ignoring removed oldalloc option
[   91.016909][ T5841] EXT4-fs: Ignoring removed bh option
[   91.037759][ T5847] ieee802154 phy0 wpan0: encryption failed: -22
[   91.074422][ T5853] loop0: detected capacity change from 0 to 512
[   91.082552][ T5853] EXT4-fs: Ignoring removed oldalloc option
[   91.153526][ T5839] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.153542][ T5853] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   91.198873][ T5862] loop3: detected capacity change from 0 to 1024
[   91.235987][ T5862] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.641: Failed to acquire dquot type 0
[   91.248160][ T5862] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   91.257949][ T5864] loop1: detected capacity change from 0 to 1024
[   91.263132][ T5862] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.641: corrupted inode contents
[   91.282517][ T5862] EXT4-fs error (device loop3): ext4_dirty_inode:6509: inode #13: comm syz.3.641: mark_inode_dirty error
[   91.294515][ T5853] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.638: invalid indirect mapped block 4294967295 (level 0)
[   91.314892][ T5864] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.326921][ T5862] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.641: corrupted inode contents
[   91.333314][ T5853] EXT4-fs (loop0): Remounting filesystem read-only
[   91.338969][ T5862] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.641: mark_inode_dirty error
[   91.361158][ T5853] EXT4-fs (loop0): 1 orphan inode deleted
[   91.367058][ T5853] EXT4-fs (loop0): 1 truncate cleaned up
[   91.402208][ T5853] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[   91.412570][ T5862] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.641: corrupted inode contents
[   91.436237][ T5862] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[   91.466014][ T5862] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.641: corrupted inode contents
[   91.515369][ T5862] EXT4-fs error (device loop3): ext4_truncate:4637: inode #13: comm syz.3.641: mark_inode_dirty error
[   91.590024][ T5879] netlink: 28 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[   91.598892][ T5879] netlink: 28 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[   91.611443][ T5879] syz_tun: entered promiscuous mode
[   91.617763][ T5879] syz_tun: left promiscuous mode
[   91.624201][ T5862] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[   91.637656][ T5862] EXT4-fs (loop3): 1 truncate cleaned up
[   92.022680][ T5898] loop3: detected capacity change from 0 to 512
[   92.064594][ T5900] loop1: detected capacity change from 0 to 1024
[   92.112291][ T5898] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.143023][ T5900] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.655: Failed to acquire dquot type 0
[   92.183348][ T5907] 9pnet_fd: Insufficient options for proto=fd
[   92.190487][ T5900] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   92.205454][ T5900] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #13: comm syz.1.655: corrupted inode contents
[   92.220625][ T5900] EXT4-fs error (device loop1): ext4_dirty_inode:6509: inode #13: comm syz.1.655: mark_inode_dirty error
[   92.232850][ T5900] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #13: comm syz.1.655: corrupted inode contents
[   92.250993][ T5900] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #13: comm syz.1.655: mark_inode_dirty error
[   92.280899][ T5900] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #13: comm syz.1.655: corrupted inode contents
[   92.293176][ T5900] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem
[   92.302293][ T5900] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #13: comm syz.1.655: corrupted inode contents
[   92.314675][ T5900] EXT4-fs error (device loop1): ext4_truncate:4637: inode #13: comm syz.1.655: mark_inode_dirty error
[   92.327222][ T5900] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem
[   92.340893][ T5900] EXT4-fs (loop1): 1 truncate cleaned up
[   92.504369][ T5921] loop4: detected capacity change from 0 to 1024
[   92.511786][ T5923] netlink: 12 bytes leftover after parsing attributes in process `syz.1.660'.
[   92.519231][ T5920] loop5: detected capacity change from 0 to 512
[   92.526050][ T5921] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   92.540178][ T5920] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   92.571026][ T5921] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   92.587555][ T5921] EXT4-fs (loop4): orphan cleanup on readonly fs
[   92.604571][ T5921] EXT4-fs error (device loop4): __ext4_get_inode_loc:4832: comm syz.4.664: Invalid inode table block 0 in block_group 0
[   92.613388][ T5932] loop1: detected capacity change from 0 to 1024
[   92.626682][ T5932] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   92.639119][ T5921] EXT4-fs (loop4): Remounting filesystem read-only
[   92.645746][ T5921] __quota_error: 493 callbacks suppressed
[   92.645767][ T5921] Quota error (device loop4): write_blk: dquota write failed
[   92.659036][ T5921] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   92.677237][ T5921] EXT4-fs (loop4): 1 truncate cleaned up
[   92.683570][ T5932] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   92.691747][ T5932] EXT4-fs (loop1): orphan cleanup on readonly fs
[   92.719883][ T5937] loop5: detected capacity change from 0 to 512
[   92.720841][ T5932] EXT4-fs error (device loop1): __ext4_get_inode_loc:4832: comm syz.1.666: Invalid inode table block 0 in block_group 0
[   92.731548][ T5937] EXT4-fs: Ignoring removed bh option
[   92.744642][ T5937] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[   92.754061][ T5932] EXT4-fs (loop1): Remounting filesystem read-only
[   92.760706][ T5932] Quota error (device loop1): write_blk: dquota write failed
[   92.768138][ T5932] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   92.778283][ T5932] EXT4-fs (loop1): 1 truncate cleaned up
[   92.785941][ T5932] FAULT_INJECTION: forcing a failure.
[   92.785941][ T5932] name failslab, interval 1, probability 0, space 0, times 0
[   92.798643][ T5932] CPU: 0 UID: 0 PID: 5932 Comm: syz.1.666 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   92.798677][ T5932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   92.798693][ T5932] Call Trace:
[   92.798708][ T5932]  <TASK>
[   92.798778][ T5932]  __dump_stack+0x1d/0x30
[   92.798878][ T5932]  dump_stack_lvl+0xe8/0x140
[   92.798887][ T5937] EXT4-fs (loop5): 1 truncate cleaned up
[   92.798905][ T5932]  dump_stack+0x15/0x1b
[   92.798928][ T5932]  should_fail_ex+0x265/0x280
[   92.798980][ T5932]  should_failslab+0x8c/0xb0
[   92.799060][ T5932]  kmem_cache_alloc_noprof+0x50/0x480
[   92.799100][ T5932]  ? getname_flags+0x80/0x3b0
[   92.799143][ T5932]  getname_flags+0x80/0x3b0
[   92.799234][ T5932]  do_sys_openat2+0x60/0x110
[   92.799285][ T5932]  __x64_sys_open+0xe6/0x110
[   92.799365][ T5932]  x64_sys_call+0x1457/0x3000
[   92.799398][ T5932]  do_syscall_64+0xd2/0x200
[   92.799446][ T5932]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   92.799485][ T5932]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   92.799518][ T5932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.799549][ T5932] RIP: 0033:0x7fd4189feec9
[   92.799572][ T5932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.799659][ T5932] RSP: 002b:00007fd417467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   92.799686][ T5932] RAX: ffffffffffffffda RBX: 00007fd418c55fa0 RCX: 00007fd4189feec9
[   92.799713][ T5932] RDX: 0000000000000000 RSI: 0000000000109042 RDI: 0000200000000380
[   92.799731][ T5932] RBP: 00007fd417467090 R08: 0000000000000000 R09: 0000000000000000
[   92.799748][ T5932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.799776][ T5932] R13: 00007fd418c56038 R14: 00007fd418c55fa0 R15: 00007ffd8eaaaf38
[   92.799806][ T5932]  </TASK>
[   93.070531][ T5952] vhci_hcd: default hub control req: 0510 v2938 i0001 l238
[   93.091294][ T5953] loop3: detected capacity change from 0 to 512
[   93.114120][ T5953] ext4 filesystem being mounted at /141/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.181021][ T5958] netlink: 12 bytes leftover after parsing attributes in process `syz.0.677'.
[   93.649188][ T5974] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   93.687071][ T5974] tipc: Disabling bearer <eth:syzkaller0>
[   93.698746][ T5980] vhci_hcd: invalid port number 96
[   93.703996][ T5980] vhci_hcd: default hub control req: 2000 vfffc i0060 l7
[   93.756498][   T29] audit: type=1400 audit(1760326771.810:2456): avc:  denied  { create } for  pid=5979 comm="syz.3.682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   93.792048][ T5980] IPv6: NLM_F_CREATE should be specified when creating new route
[   93.853096][ T5988] loop0: detected capacity change from 0 to 1024
[   93.855526][ T5990] loop3: detected capacity change from 0 to 1024
[   93.860267][ T5988] EXT4-fs: Ignoring removed nobh option
[   93.871584][ T5988] EXT4-fs: Ignoring removed bh option
[   93.877608][ T5990] EXT4-fs: Ignoring removed nobh option
[   93.879896][   T29] audit: type=1400 audit(1760326771.810:2457): avc:  denied  { ioctl } for  pid=5979 comm="syz.3.682" path="socket:[12376]" dev="sockfs" ino=12376 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   93.883388][ T5990] EXT4-fs: Ignoring removed bh option
[   93.920826][ T5990] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   93.930898][ T5988] EXT4-fs (loop0): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   94.035368][ T5996] netlink: 12 bytes leftover after parsing attributes in process `syz.1.689'.
[   94.048136][ T5997] netlink: 19 bytes leftover after parsing attributes in process `syz.5.688'.
[   94.105956][ T6003] FAULT_INJECTION: forcing a failure.
[   94.105956][ T6003] name failslab, interval 1, probability 0, space 0, times 0
[   94.118659][ T6003] CPU: 0 UID: 0 PID: 6003 Comm: wÞ£ÿ Not tainted syzkaller #0 PREEMPT(voluntary) 
[   94.118690][ T6003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   94.118742][ T6003] Call Trace:
[   94.118749][ T6003]  <TASK>
[   94.118756][ T6003]  __dump_stack+0x1d/0x30
[   94.118779][ T6003]  dump_stack_lvl+0xe8/0x140
[   94.118825][ T6003]  dump_stack+0x15/0x1b
[   94.118879][ T6003]  should_fail_ex+0x265/0x280
[   94.118914][ T6003]  should_failslab+0x8c/0xb0
[   94.119026][ T6003]  kmem_cache_alloc_noprof+0x50/0x480
[   94.119053][ T6003]  ? skb_clone+0x151/0x1f0
[   94.119115][ T6003]  skb_clone+0x151/0x1f0
[   94.119239][ T6003]  nfnetlink_rcv+0x2fc/0x16c0
[   94.119268][ T6003]  ? kmem_cache_free+0xe4/0x3d0
[   94.119348][ T6003]  ? __kfree_skb+0x109/0x150
[   94.119380][ T6003]  ? nlmon_xmit+0x4f/0x60
[   94.119412][ T6003]  ? nlmon_xmit+0x4f/0x60
[   94.119546][ T6003]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   94.119588][ T6003]  ? __dev_queue_xmit+0x1200/0x2000
[   94.119625][ T6003]  ? __dev_queue_xmit+0x182/0x2000
[   94.119793][ T6003]  ? ref_tracker_free+0x37d/0x3e0
[   94.119842][ T6003]  netlink_unicast+0x5c0/0x690
[   94.119878][ T6003]  netlink_sendmsg+0x58b/0x6b0
[   94.120032][ T6003]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.120117][ T6003]  __sock_sendmsg+0x145/0x180
[   94.120228][ T6003]  ____sys_sendmsg+0x31e/0x4e0
[   94.120271][ T6003]  ___sys_sendmsg+0x17b/0x1d0
[   94.120327][ T6003]  __x64_sys_sendmsg+0xd4/0x160
[   94.120397][ T6003]  x64_sys_call+0x191e/0x3000
[   94.120425][ T6003]  do_syscall_64+0xd2/0x200
[   94.120453][ T6003]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   94.120517][ T6003]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   94.120577][ T6003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.120605][ T6003] RIP: 0033:0x7f5a5066eec9
[   94.120625][ T6003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.120650][ T6003] RSP: 002b:00007f5a4f0cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.120669][ T6003] RAX: ffffffffffffffda RBX: 00007f5a508c5fa0 RCX: 00007f5a5066eec9
[   94.120681][ T6003] RDX: 0000000020008000 RSI: 0000200000000500 RDI: 0000000000000005
[   94.120768][ T6003] RBP: 00007f5a4f0cf090 R08: 0000000000000000 R09: 0000000000000000
[   94.120781][ T6003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.120793][ T6003] R13: 00007f5a508c6038 R14: 00007f5a508c5fa0 R15: 00007ffcd7fedf08
[   94.120812][ T6003]  </TASK>
[   94.392478][ T6005] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125
[   94.402932][ T6007] SELinux: failed to load policy
[   94.453743][ T6011] loop4: detected capacity change from 0 to 1024
[   94.482662][   T29] audit: type=1400 audit(1760326772.540:2458): avc:  denied  { mounton } for  pid=6009 comm="syz.4.696" path=2F3132302FE91F7189591E9233614B dev="tmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[   94.566619][   T29] audit: type=1400 audit(1760326772.570:2459): avc:  denied  { create } for  pid=6014 comm="syz.3.692" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   94.587396][   T29] audit: type=1400 audit(1760326772.570:2460): avc:  denied  { write } for  pid=6014 comm="syz.3.692" name="file0" dev="tmpfs" ino=797 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   94.609759][   T29] audit: type=1400 audit(1760326772.570:2461): avc:  denied  { open } for  pid=6014 comm="syz.3.692" path="/144/file0" dev="tmpfs" ino=797 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   94.624758][ T6025] loop0: detected capacity change from 0 to 1024
[   94.641724][ T6025] EXT4-fs: Ignoring removed nobh option
[   94.647500][ T6025] EXT4-fs: Ignoring removed bh option
[   94.658509][ T6025] EXT4-fs (loop0): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   94.714509][ T6033] loop3: detected capacity change from 0 to 1024
[   94.747569][ T6033] ext4 filesystem being mounted at /147/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.018038][ T6040] syzkaller0: entered promiscuous mode
[   95.023607][ T6040] syzkaller0: entered allmulticast mode
[   95.426233][ T6053] lo speed is unknown, defaulting to 1000
[   95.652750][ T6058] loop4: detected capacity change from 0 to 1024
[   95.713666][ T6058] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   95.724654][ T6058] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   95.797329][ T6061] netlink: 12 bytes leftover after parsing attributes in process `syz.3.712'.
[   95.859341][ T6058] JBD2: no valid journal superblock found
[   95.865154][ T6058] EXT4-fs (loop4): Could not load journal inode
[   95.978851][ T6058] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   96.076431][ T6069] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[   96.093787][ T6069] siw: device registration error -23
[   96.120465][ T6071] netlink: 232 bytes leftover after parsing attributes in process `syz.4.710'.
[   96.460872][ T6079] loop3: detected capacity change from 0 to 1024
[   96.474297][ T6079] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.718: Failed to acquire dquot type 0
[   96.501202][ T6079] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   96.524093][ T6079] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.718: corrupted inode contents
[   96.545781][ T6085] netlink: 60 bytes leftover after parsing attributes in process `syz.4.720'.
[   96.554737][ T6085] netlink: 60 bytes leftover after parsing attributes in process `syz.4.720'.
[   96.564115][ T6079] EXT4-fs error (device loop3): ext4_dirty_inode:6509: inode #13: comm syz.3.718: mark_inode_dirty error
[   96.576016][ T6079] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.718: corrupted inode contents
[   96.596453][ T6087] netlink: 4 bytes leftover after parsing attributes in process `syz.4.720'.
[   96.605466][ T6085] netlink: 60 bytes leftover after parsing attributes in process `syz.4.720'.
[   96.614397][ T6085] netlink: 60 bytes leftover after parsing attributes in process `syz.4.720'.
[   96.625383][ T6079] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.718: mark_inode_dirty error
[   96.636823][ T6079] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.718: corrupted inode contents
[   96.649751][ T6079] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[   96.658898][ T6079] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.718: corrupted inode contents
[   96.672080][ T6087] Cannot find del_set index 0 as target
[   96.681642][ T6079] EXT4-fs error (device loop3): ext4_truncate:4637: inode #13: comm syz.3.718: mark_inode_dirty error
[   96.693085][ T6079] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[   96.755736][ T6085] netlink: 60 bytes leftover after parsing attributes in process `syz.4.720'.
[   96.756174][ T6079] EXT4-fs (loop3): 1 truncate cleaned up
[   96.764811][ T6085] netlink: 60 bytes leftover after parsing attributes in process `syz.4.720'.
[   96.907461][ T6097] loop4: detected capacity change from 0 to 512
[   96.926141][ T6097] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.943509][ T6099] SELinux: failed to load policy
[   97.249434][ T6112] loop4: detected capacity change from 0 to 512
[   97.256427][ T6112] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   97.290783][ T6112] EXT4-fs (loop4): 1 truncate cleaned up
[   97.454688][ T6129] loop1: detected capacity change from 0 to 512
[   97.485949][ T6129] ext4 filesystem being mounted at /135/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.535023][ T6129] syz2: rxe_newlink: already configured on bond0
[   97.579361][ T6138] netlink: 12 bytes leftover after parsing attributes in process `syz.4.740'.
[   97.619522][ T6140] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   97.640998][ T6140] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   97.671635][   T29] kauditd_printk_skb: 82 callbacks suppressed
[   97.671687][   T29] audit: type=1326 audit(1760327031.735:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6142 comm="syz.1.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   97.708859][ T6143] loop1: detected capacity change from 0 to 256
[   97.717033][ T6143] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   97.739611][ T6143] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   97.769631][   T29] audit: type=1326 audit(1760327031.765:2543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6142 comm="syz.1.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   97.793106][   T29] audit: type=1326 audit(1760327031.765:2544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6142 comm="syz.1.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   97.816506][   T29] audit: type=1326 audit(1760327031.765:2545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6142 comm="syz.1.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   97.840422][   T29] audit: type=1326 audit(1760327031.765:2546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6142 comm="syz.1.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   97.863772][   T29] audit: type=1326 audit(1760327031.765:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6142 comm="syz.1.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   97.887215][   T29] audit: type=1326 audit(1760327031.765:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6142 comm="syz.1.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   97.910815][   T29] audit: type=1326 audit(1760327031.765:2549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6142 comm="syz.1.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   97.934163][   T29] audit: type=1326 audit(1760327031.765:2550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6142 comm="syz.1.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   97.957649][   T29] audit: type=1326 audit(1760327031.765:2551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6142 comm="syz.1.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4189feec9 code=0x7ffc0000
[   98.148003][ T6157] loop5: detected capacity change from 0 to 1024
[   98.163074][ T6157] EXT4-fs: Ignoring removed nobh option
[   98.168713][ T6157] EXT4-fs: Ignoring removed bh option
[   98.192752][ T6157] EXT4-fs (loop5): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   98.399563][ T6169] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   98.425900][ T6169] tipc: Disabling bearer <eth:syzkaller0>
[   98.528919][ T6176] loop1: detected capacity change from 0 to 1024
[   98.591447][ T6176] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.754: Failed to acquire dquot type 0
[   98.734509][ T6176] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   98.760636][ T6176] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #13: comm syz.1.754: corrupted inode contents
[   98.802852][ T6176] EXT4-fs error (device loop1): ext4_dirty_inode:6509: inode #13: comm syz.1.754: mark_inode_dirty error
[   98.823939][ T6176] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #13: comm syz.1.754: corrupted inode contents
[   98.853614][ T6176] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #13: comm syz.1.754: mark_inode_dirty error
[   98.879368][ T6176] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #13: comm syz.1.754: corrupted inode contents
[   98.892237][ T6176] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem
[   98.912590][ T6198] loop5: detected capacity change from 0 to 512
[   98.927438][ T6198] EXT4-fs: Ignoring removed bh option
[   98.945280][ T6176] EXT4-fs error (device loop1): ext4_do_update_inode:5624: inode #13: comm syz.1.754: corrupted inode contents
[   98.958550][ T6198] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[   98.972521][ T6176] EXT4-fs error (device loop1): ext4_truncate:4637: inode #13: comm syz.1.754: mark_inode_dirty error
[   98.973115][ T6198] EXT4-fs (loop5): 1 truncate cleaned up
[   98.998381][ T6176] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem
[   99.081795][ T6176] EXT4-fs (loop1): 1 truncate cleaned up
[   99.093104][ T6204] loop3: detected capacity change from 0 to 512
[   99.116351][ T6195] syzkaller0: entered promiscuous mode
[   99.122167][ T6195] syzkaller0: entered allmulticast mode
[   99.128476][ T6204] EXT4-fs: Ignoring removed bh option
[   99.141676][ T6204] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   99.155391][ T6204] EXT4-fs (loop3): 1 truncate cleaned up
[   99.198638][ T6211] loop1: detected capacity change from 0 to 512
[   99.248935][ T6211] journal_path: Non-blockdev passed as './file2'
[   99.255428][ T6211] EXT4-fs: error: could not find journal device path
[   99.459218][ T6223] loop3: detected capacity change from 0 to 1024
[   99.469688][ T6223] EXT4-fs: Ignoring removed nobh option
[   99.475452][ T6223] EXT4-fs: Ignoring removed bh option
[   99.485108][ T6223] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   99.550796][ T6231] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   99.587639][ T6231] tipc: Disabling bearer <eth:syzkaller0>
[   99.704099][ T6239] loop4: detected capacity change from 0 to 512
[   99.721166][ T6239] EXT4-fs: Ignoring removed oldalloc option
[   99.741324][ T6239] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   99.763525][ T6239] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.781: invalid indirect mapped block 4294967295 (level 0)
[   99.777796][ T6239] EXT4-fs (loop4): Remounting filesystem read-only
[   99.784463][ T6239] EXT4-fs (loop4): 1 orphan inode deleted
[   99.790257][ T6239] EXT4-fs (loop4): 1 truncate cleaned up
[   99.796626][ T6239] EXT4-fs mount: 101 callbacks suppressed
[   99.796645][ T6239] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.819462][ T6239] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[   99.849517][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.888568][ T6235] netlink: 'syz.3.779': attribute type 4 has an invalid length.
[  100.015940][ T6255] loop3: detected capacity change from 0 to 1024
[  100.033960][ T6255] EXT4-fs: Ignoring removed nobh option
[  100.039588][ T6255] EXT4-fs: Ignoring removed bh option
[  100.068269][ T6259] vhci_hcd: invalid port number 96
[  100.073476][ T6259] vhci_hcd: default hub control req: 2000 vfffc i0060 l7
[  100.088398][ T6255] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  100.102143][ T6255] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.110446][ T6259] netlink: 'syz.5.786': attribute type 13 has an invalid length.
[  100.122589][ T6265] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  100.129119][ T6265] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  100.136803][ T6265] vhci_hcd vhci_hcd.0: Device attached
[  100.161738][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.216716][ T6268] vhci_hcd: connection closed
[  100.217308][ T4888] vhci_hcd: stop threads
[  100.227073][ T4888] vhci_hcd: release socket
[  100.231529][ T4888] vhci_hcd: disconnect device
[  100.366088][ T6259] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.373516][ T6259] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.420873][ T6259] tipc: Resetting bearer <eth:team0>
[  100.535556][ T6290] loop3: detected capacity change from 0 to 512
[  100.546113][ T6290] EXT4-fs: Ignoring removed oldalloc option
[  100.566584][ T6290] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  100.591962][ T6259] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.620338][ T6290] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.794: invalid indirect mapped block 4294967295 (level 0)
[  100.646338][ T6259] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.661004][ T6290] EXT4-fs (loop3): Remounting filesystem read-only
[  100.677315][ T6290] EXT4-fs (loop3): 1 orphan inode deleted
[  100.683539][ T6290] EXT4-fs (loop3): 1 truncate cleaned up
[  100.719949][ T6271] pimreg: entered allmulticast mode
[  100.737638][ T6276] pimreg: left allmulticast mode
[  100.794646][ T6290] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.819323][ T6303] loop4: detected capacity change from 0 to 512
[  100.836647][   T37] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  100.893860][  T266] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  100.948535][ T6309] loop5: detected capacity change from 0 to 1024
[  100.955229][  T266] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  100.957681][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.966018][ T6303] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.994905][  T266] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  101.002707][ T6312] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  101.019877][ T6303] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.034358][ T6312] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  101.044370][ T6309] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  101.065266][ T6309] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.134082][ T6308] lo speed is unknown, defaulting to 1000
[  101.143688][ T6303] rdma_rxe: rxe_newlink: failed to add bond0
[  101.163709][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.194758][ T3611] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  101.275411][ T6329] loop4: detected capacity change from 0 to 1024
[  101.321199][ T6329] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  101.374714][ T6329] ext4 filesystem being mounted at /147/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.423989][ T6331] loop5: detected capacity change from 0 to 512
[  101.437312][ T6331] EXT4-fs: Ignoring removed bh option
[  101.500750][ T6331] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  101.539069][ T6331] EXT4-fs (loop5): 1 truncate cleaned up
[  101.572249][ T6331] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.673103][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  101.853707][ T3611] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.101290][ T6347] loop5: detected capacity change from 0 to 512
[  102.127749][ T6347] EXT4-fs warning (device loop5): ext4_xattr_inode_get:560: inode #11: comm syz.5.809: EA inode hash validation failed
[  102.140490][ T6347] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.809: corrupted inode contents
[  102.163852][ T6347] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #15: comm syz.5.809: mark_inode_dirty error
[  102.205029][ T6353] syz2: rxe_newlink: already configured on bond0
[  102.214826][ T6347] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #15: comm syz.5.809: corrupted inode contents
[  102.254215][ T6347] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2996: inode #15: comm syz.5.809: mark_inode_dirty error
[  102.270054][ T6359] loop4: detected capacity change from 0 to 512
[  102.285120][ T6347] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2999: inode #15: comm syz.5.809: mark inode dirty (error -117)
[  102.292934][ T6359] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.317885][ T6359] ext4 filesystem being mounted at /150/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.328610][ T6347] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117)
[  102.345369][ T6347] EXT4-fs (loop5): 1 orphan inode deleted
[  102.360516][ T6347] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.436235][ T3611] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.476295][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.501252][ T6372] loop5: detected capacity change from 0 to 512
[  102.529148][ T6375] loop4: detected capacity change from 0 to 512
[  102.536199][ T6375] EXT4-fs: Ignoring removed bh option
[  102.545362][ T6372] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.561153][ T6375] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  102.585915][ T6375] EXT4-fs (loop4): 1 truncate cleaned up
[  102.597711][ T6375] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.616045][ T6372] ext4 filesystem being mounted at /157/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  102.690272][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.720079][ T6372] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.819: corrupted inode contents
[  102.790902][ T6372] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #2: comm syz.5.819: mark_inode_dirty error
[  102.833584][ T6372] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.819: corrupted inode contents
[  102.881793][ T6372] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.819: mark_inode_dirty error
[  102.922681][   T29] kauditd_printk_skb: 478 callbacks suppressed
[  102.922699][   T29] audit: type=1326 audit(1760327036.985:3028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.0.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5066eec9 code=0x7ffc0000
[  102.952397][ T6381] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.819: corrupted inode contents
[  102.967790][ T6381] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #2: comm syz.5.819: mark_inode_dirty error
[  102.971605][   T29] audit: type=1326 audit(1760327037.025:3029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.0.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a5066eec9 code=0x7ffc0000
[  103.004840][   T29] audit: type=1326 audit(1760327037.045:3030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.0.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5066eec9 code=0x7ffc0000
[  103.028361][   T29] audit: type=1326 audit(1760327037.045:3031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.0.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a5066eec9 code=0x7ffc0000
[  103.046782][ T6381] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.819: corrupted inode contents
[  103.051991][   T29] audit: type=1326 audit(1760327037.045:3032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.0.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5066eec9 code=0x7ffc0000
[  103.064123][ T6388] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.819: corrupted inode contents
[  103.086895][   T29] audit: type=1326 audit(1760327037.045:3033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.0.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5066eec9 code=0x7ffc0000
[  103.113625][ T6388] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #2: comm syz.5.819: mark_inode_dirty error
[  103.122080][   T29] audit: type=1326 audit(1760327037.045:3034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.0.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a5066eec9 code=0x7ffc0000
[  103.156565][   T29] audit: type=1326 audit(1760327037.045:3035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.0.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5066eec9 code=0x7ffc0000
[  103.179948][   T29] audit: type=1326 audit(1760327037.045:3036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.0.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5066eec9 code=0x7ffc0000
[  103.180508][ T6388] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #2: comm syz.5.819: corrupted inode contents
[  103.203637][   T29] audit: type=1326 audit(1760327037.045:3037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6399 comm="syz.0.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a5066eec9 code=0x7ffc0000
[  103.239507][ T6409] __nla_validate_parse: 10 callbacks suppressed
[  103.239527][ T6409] netlink: 12 bytes leftover after parsing attributes in process `syz.4.833'.
[  103.260713][ T6408] wg2: entered promiscuous mode
[  103.265631][ T6408] wg2: entered allmulticast mode
[  103.303405][ T6408] loop4: detected capacity change from 0 to 512
[  103.341098][ T6408] EXT4-fs (loop4): 1 orphan inode deleted
[  103.347318][ T6408] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.361906][  T373] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:5: Failed to release dquot type 1
[  103.374389][ T6408] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.498992][ T3611] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.509752][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.593288][ T6426] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  103.610706][ T6426] siw: device registration error -23
[  103.983899][ T6447] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  104.070016][ T6457] loop4: detected capacity change from 0 to 2048
[  104.131487][ T5365] Alternate GPT is invalid, using primary GPT.
[  104.137864][ T5365]  loop4: p1 p2 p3
[  104.192432][ T6457] Alternate GPT is invalid, using primary GPT.
[  104.198920][ T6457]  loop4: p1 p2 p3
[  104.329766][ T6471] loop3: detected capacity change from 0 to 1024
[  104.462081][ T6471] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.854: Failed to acquire dquot type 0
[  104.518671][ T6471] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  104.713764][ T3605] udevd[3605]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  104.734780][ T5366] udevd[5366]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  104.745091][ T5365] udevd[5365]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  104.755204][ T6471] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.854: corrupted inode contents
[  104.777508][ T6471] EXT4-fs error (device loop3): ext4_dirty_inode:6509: inode #13: comm syz.3.854: mark_inode_dirty error
[  104.828632][ T6471] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.854: corrupted inode contents
[  104.848811][ T5366] udevd[5366]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  104.861373][ T3605] udevd[3605]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  104.876113][ T5365] udevd[5365]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  104.928833][ T6471] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.854: mark_inode_dirty error
[  104.940380][ T6471] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.854: corrupted inode contents
[  104.963881][ T6471] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[  105.042113][ T6471] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.854: corrupted inode contents
[  105.056685][ T6471] EXT4-fs error (device loop3): ext4_truncate:4637: inode #13: comm syz.3.854: mark_inode_dirty error
[  105.069547][ T6471] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[  105.081756][ T6471] EXT4-fs (loop3): 1 truncate cleaned up
[  105.090375][ T6471] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.127146][ T6487] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.859'.
[  105.136508][ T6487] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  105.144915][ T6487] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  105.202158][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.366653][ T6495] netlink: 4 bytes leftover after parsing attributes in process `syz.3.862'.
[  105.377333][ T6495] netlink: 5452 bytes leftover after parsing attributes in process `syz.3.862'.
[  105.404750][ T6506] netlink: 12 bytes leftover after parsing attributes in process `syz.5.868'.
[  105.513585][ T6518] loop5: detected capacity change from 0 to 1024
[  105.558864][ T6518] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.873: Failed to acquire dquot type 0
[  105.576001][ T6518] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  105.625452][ T6518] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #13: comm syz.5.873: corrupted inode contents
[  105.648632][ T6518] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #13: comm syz.5.873: mark_inode_dirty error
[  105.663936][ T6534] netlink: 19 bytes leftover after parsing attributes in process `syz.3.880'.
[  105.673880][ T6518] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #13: comm syz.5.873: corrupted inode contents
[  105.702932][ T6537] unsupported nla_type 52263
[  105.708919][ T6518] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.873: mark_inode_dirty error
[  105.721980][ T6518] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #13: comm syz.5.873: corrupted inode contents
[  105.734145][ T6518] EXT4-fs error (device loop5) in ext4_orphan_del:301: Corrupt filesystem
[  105.747420][ T6536] loop4: detected capacity change from 0 to 512
[  105.755115][ T6518] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #13: comm syz.5.873: corrupted inode contents
[  105.782460][ T6518] EXT4-fs error (device loop5): ext4_truncate:4637: inode #13: comm syz.5.873: mark_inode_dirty error
[  105.801953][ T6518] EXT4-fs error (device loop5) in ext4_process_orphan:343: Corrupt filesystem
[  105.812183][ T6536] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.841337][ T6518] EXT4-fs (loop5): 1 truncate cleaned up
[  105.842921][ T6536] ext4 filesystem being mounted at /168/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.847389][ T6518] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.906925][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.931426][ T3611] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.003916][ T6546] loop4: detected capacity change from 0 to 1024
[  106.033007][ T6546] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  106.056552][ T6546] ext4 filesystem being mounted at /169/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.107664][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  106.123751][ T6556] vhci_hcd: invalid port number 96
[  106.128943][ T6556] vhci_hcd: default hub control req: 2000 vfffc i0060 l7
[  106.157043][ T6561] ieee802154 phy0 wpan0: encryption failed: -22
[  106.167498][ T6556] IPv6: NLM_F_CREATE should be specified when creating new route
[  106.220218][ T6567] loop5: detected capacity change from 0 to 1024
[  106.229596][ T6570] netlink: 16 bytes leftover after parsing attributes in process `syz.0.894'.
[  106.231749][ T6567] EXT4-fs: Ignoring removed orlov option
[  106.243550][ T6570] netlink: 24 bytes leftover after parsing attributes in process `syz.0.894'.
[  106.257171][ T6568] loop4: detected capacity change from 0 to 512
[  106.270144][ T6567] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  106.284516][ T6568] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.309124][ T6568] ext4 filesystem being mounted at /171/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.319963][ T6567] ext4 filesystem being mounted at /172/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.345461][ T6567] EXT4-fs error (device loop5): ext4_free_blocks:6706: comm syz.5.892: Freeing blocks not in datazone - block = 0, count = 16
[  106.380129][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.390021][  T266] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  106.407674][  T266] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[  106.420043][  T266] EXT4-fs (loop5): This should not happen!! Data will be lost
[  106.420043][  T266] 
[  106.429776][  T266] EXT4-fs (loop5): Total free blocks count 0
[  106.435846][  T266] EXT4-fs (loop5): Free/Dirty block details
[  106.441812][  T266] EXT4-fs (loop5): free_blocks=4293918736
[  106.447619][  T266] EXT4-fs (loop5): dirty_blocks=16
[  106.452803][  T266] EXT4-fs (loop5): Block reservation details
[  106.458846][  T266] EXT4-fs (loop5): i_reserved_data_blocks=1
[  106.473638][ T3611] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  106.540115][ T6580] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  106.563279][ T6580] tipc: Disabling bearer <eth:syzkaller0>
[  106.699114][ T6594] netlink: 824 bytes leftover after parsing attributes in process `syz.5.902'.
[  106.719602][ T6601] FAULT_INJECTION: forcing a failure.
[  106.719602][ T6601] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.732733][ T6601] CPU: 0 UID: 0 PID: 6601 Comm: syz.4.906 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  106.732770][ T6601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  106.732788][ T6601] Call Trace:
[  106.732797][ T6601]  <TASK>
[  106.732807][ T6601]  __dump_stack+0x1d/0x30
[  106.732836][ T6601]  dump_stack_lvl+0xe8/0x140
[  106.732864][ T6601]  dump_stack+0x15/0x1b
[  106.732924][ T6601]  should_fail_ex+0x265/0x280
[  106.732972][ T6601]  should_fail+0xb/0x20
[  106.733008][ T6601]  should_fail_usercopy+0x1a/0x20
[  106.733132][ T6601]  _copy_to_user+0x20/0xa0
[  106.733165][ T6601]  simple_read_from_buffer+0xb5/0x130
[  106.733196][ T6601]  proc_fail_nth_read+0x10e/0x150
[  106.733277][ T6601]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  106.733315][ T6601]  vfs_read+0x1a8/0x770
[  106.733343][ T6601]  ? __rcu_read_unlock+0x4f/0x70
[  106.733370][ T6601]  ? __fget_files+0x184/0x1c0
[  106.733400][ T6601]  ksys_read+0xda/0x1a0
[  106.733429][ T6601]  __x64_sys_read+0x40/0x50
[  106.733460][ T6601]  x64_sys_call+0x27c0/0x3000
[  106.733501][ T6601]  do_syscall_64+0xd2/0x200
[  106.733558][ T6601]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  106.733586][ T6601]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  106.733609][ T6601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.733700][ T6601] RIP: 0033:0x7fce14add8dc
[  106.733717][ T6601] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  106.733739][ T6601] RSP: 002b:00007fce13547030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  106.733766][ T6601] RAX: ffffffffffffffda RBX: 00007fce14d35fa0 RCX: 00007fce14add8dc
[  106.733783][ T6601] RDX: 000000000000000f RSI: 00007fce135470a0 RDI: 0000000000000004
[  106.733809][ T6601] RBP: 00007fce13547090 R08: 0000000000000000 R09: 0000000000000000
[  106.733825][ T6601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.733838][ T6601] R13: 00007fce14d36038 R14: 00007fce14d35fa0 R15: 00007ffc3af24718
[  106.733938][ T6601]  </TASK>
[  106.957838][ T6594] bond1: option arp_interval: mode dependency failed, not supported in mode balance-alb(6)
[  106.969774][ T6594] bond1 (unregistering): Released all slaves
[  108.006956][   T29] kauditd_printk_skb: 547 callbacks suppressed
[  108.006979][   T29] audit: type=1326 audit(1760327041.755:3580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6644 comm="syz.5.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbf6beeeec9 code=0x7ffc0000
[  108.036587][   T29] audit: type=1326 audit(1760327042.065:3581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6644 comm="syz.5.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf6beeeec9 code=0x7ffc0000
[  108.141298][   T29] audit: type=1326 audit(1760327042.065:3582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6644 comm="syz.5.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf6beeeec9 code=0x7ffc0000
[  108.165044][   T29] audit: type=1326 audit(1760327042.125:3583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6644 comm="syz.5.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fbf6beeeec9 code=0x7ffc0000
[  108.188384][   T29] audit: type=1326 audit(1760327042.125:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6644 comm="syz.5.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf6beeeec9 code=0x7ffc0000
[  108.211882][   T29] audit: type=1326 audit(1760327042.125:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6644 comm="syz.5.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf6beeeec9 code=0x7ffc0000
[  108.235344][   T29] audit: type=1326 audit(1760327042.125:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6644 comm="syz.5.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fbf6beeeec9 code=0x7ffc0000
[  108.259028][   T29] audit: type=1326 audit(1760327042.125:3587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6644 comm="syz.5.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf6beeeec9 code=0x7ffc0000
[  108.282671][   T29] audit: type=1326 audit(1760327042.125:3588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6644 comm="syz.5.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf6beeeec9 code=0x7ffc0000
[  108.306133][   T29] audit: type=1326 audit(1760327042.125:3589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6644 comm="syz.5.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbf6beed710 code=0x7ffc0000
[  108.391801][ T6652] netlink: 12 bytes leftover after parsing attributes in process `syz.5.926'.
[  108.401279][ T6654] loop4: detected capacity change from 0 to 1024
[  108.433498][ T6654] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  108.453468][ T6654] ext4 filesystem being mounted at /178/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.601578][ T6665] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  108.610698][ T6659] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  108.681596][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  108.699462][ T6667] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  108.706038][ T6667] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  108.713760][ T6667] vhci_hcd vhci_hcd.0: Device attached
[  108.762478][ T6671] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  108.769120][ T6671] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  108.776904][ T6671] vhci_hcd vhci_hcd.0: Device attached
[  108.794737][ T6668] vhci_hcd: connection closed
[  108.795319][   T37] vhci_hcd: stop threads
[  108.804339][   T37] vhci_hcd: release socket
[  108.808798][   T37] vhci_hcd: disconnect device
[  108.883691][ T6673] vhci_hcd: connection closed
[  108.883914][   T37] vhci_hcd: stop threads
[  108.892968][   T37] vhci_hcd: release socket
[  108.897401][   T37] vhci_hcd: disconnect device
[  108.915175][ T6677] netlink: 19 bytes leftover after parsing attributes in process `syz.0.934'.
[  108.949766][ T6681] loop3: detected capacity change from 0 to 512
[  108.957653][ T6681] EXT4-fs: Ignoring removed bh option
[  108.965169][ T6681] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  108.981539][ T6681] EXT4-fs (loop3): 1 truncate cleaned up
[  108.992500][ T6681] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.042018][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.856519][ T6697] loop3: detected capacity change from 0 to 512
[  109.911856][ T6704] xt_TCPMSS: Only works on TCP SYN packets
[  109.915155][ T6697] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.942641][ T6697] ext4 filesystem being mounted at /190/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  109.963339][ T6709] program syz.5.946 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  110.026542][ T6697] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #2: comm syz.3.941: corrupted inode contents
[  110.048535][ T6697] EXT4-fs error (device loop3): ext4_dirty_inode:6509: inode #2: comm syz.3.941: mark_inode_dirty error
[  110.066106][ T6718] netlink: 32 bytes leftover after parsing attributes in process `syz.1.951'.
[  110.093038][ T6697] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #2: comm syz.3.941: corrupted inode contents
[  110.105643][ T6697] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.941: mark_inode_dirty error
[  110.176666][ T6724] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #2: comm syz.3.941: corrupted inode contents
[  110.188879][ T6725] loop4: detected capacity change from 0 to 1024
[  110.198170][ T6724] EXT4-fs error (device loop3): ext4_dirty_inode:6509: inode #2: comm syz.3.941: mark_inode_dirty error
[  110.203955][ T6728] ieee802154 phy0 wpan0: encryption failed: -22
[  110.228784][ T6725] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.953: Failed to acquire dquot type 0
[  110.245043][ T6724] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #2: comm syz.3.941: corrupted inode contents
[  110.258124][ T6725] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  110.273775][ T6725] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #13: comm syz.4.953: corrupted inode contents
[  110.319663][ T6725] EXT4-fs error (device loop4): ext4_dirty_inode:6509: inode #13: comm syz.4.953: mark_inode_dirty error
[  110.333198][ T6725] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #13: comm syz.4.953: corrupted inode contents
[  110.348743][ T6725] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #13: comm syz.4.953: mark_inode_dirty error
[  110.360452][ T6725] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #13: comm syz.4.953: corrupted inode contents
[  110.391211][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.465346][ T6725] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem
[  110.502457][ T6725] EXT4-fs error (device loop4): ext4_do_update_inode:5624: inode #13: comm syz.4.953: corrupted inode contents
[  110.553846][ T6725] EXT4-fs error (device loop4): ext4_truncate:4637: inode #13: comm syz.4.953: mark_inode_dirty error
[  110.598730][ T6725] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem
[  110.631169][ T6725] EXT4-fs (loop4): 1 truncate cleaned up
[  110.638389][ T6741] SELinux: failed to load policy
[  110.648682][ T6725] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.666185][ T6741] sit0: entered promiscuous mode
[  110.671315][ T6741] netlink: 'syz.5.959': attribute type 1 has an invalid length.
[  110.679023][ T6741] netlink: 1 bytes leftover after parsing attributes in process `syz.5.959'.
[  110.737157][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.763422][ T3310] ==================================================================
[  110.771635][ T3310] BUG: KCSAN: data-race in find_get_block_common / has_bh_in_lru
[  110.779384][ T3310] 
[  110.781716][ T3310] read-write to 0xffff888237c26fd0 of 8 bytes by task 6746 on cpu 0:
[  110.789788][ T3310]  find_get_block_common+0x4f0/0x960
[  110.795097][ T3310]  bdev_getblk+0x83/0x3b0
[  110.799444][ T3310]  __ext4_get_inode_loc+0x303/0x930
[  110.804654][ T3310]  ext4_reserve_inode_write+0xd7/0x250
[  110.810128][ T3310]  __ext4_mark_inode_dirty+0x8c/0x3f0
[  110.815522][ T3310]  ext4_dirty_inode+0x92/0xc0
[  110.820208][ T3310]  __mark_inode_dirty+0x162/0x750
[  110.825260][ T3310]  file_update_time+0x288/0x2b0
[  110.830131][ T3310]  ext4_page_mkwrite+0x18c/0xb90
[  110.835077][ T3310]  handle_mm_fault+0x15ce/0x2be0
[  110.840026][ T3310]  do_user_addr_fault+0x630/0x1080
[  110.845147][ T3310]  exc_page_fault+0x62/0xa0
[  110.849654][ T3310]  asm_exc_page_fault+0x26/0x30
[  110.854512][ T3310] 
[  110.856840][ T3310] read to 0xffff888237c26fd0 of 8 bytes by task 3310 on cpu 1:
[  110.864388][ T3310]  has_bh_in_lru+0x35/0x1f0
[  110.868904][ T3310]  smp_call_function_many_cond+0x2a9/0xc60
[  110.874727][ T3310]  on_each_cpu_cond_mask+0x3c/0x80
[  110.879849][ T3310]  invalidate_bh_lrus+0x2a/0x30
[  110.884712][ T3310]  blkdev_flush_mapping+0x9a/0x1a0
[  110.889836][ T3310]  bdev_release+0x2bf/0x3d0
[  110.894355][ T3310]  blkdev_release+0x15/0x20
[  110.898868][ T3310]  __fput+0x29b/0x650
[  110.902870][ T3310]  ____fput+0x1c/0x30
[  110.906869][ T3310]  task_work_run+0x131/0x1a0
[  110.911474][ T3310]  exit_to_user_mode_loop+0xed/0x110
[  110.916777][ T3310]  do_syscall_64+0x1d6/0x200
[  110.921382][ T3310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.927289][ T3310] 
[  110.929611][ T3310] value changed: 0x0000000000000000 -> 0xffff888106ddfbc8
[  110.936716][ T3310] 
[  110.939041][ T3310] Reported by Kernel Concurrency Sanitizer on:
[  110.945192][ T3310] CPU: 1 UID: 0 PID: 3310 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  110.955098][ T3310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  110.965164][ T3310] ==================================================================
[  110.980373][ T6741] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma?
[  111.073045][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[  111.089501][ T6747] $Hÿ: renamed from bond0 (while UP)
[  111.099502][ T6747] $Hÿ: entered promiscuous mode
[  111.105497][ T6747] bond_slave_0: entered promiscuous mode
[  111.111757][ T6747] bond_slave_1: entered promiscuous mode
[  113.120654][ T3823] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  113.120676][ T3689] Bluetooth: hci0: command 0x1003 tx timeout