last executing test programs:

3.172710345s ago: executing program 0 (id=553):
socket$packet(0x11, 0xa, 0x300)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000d81abc16f60ed2f8dabfbd000000040000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000100b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r3}, 0x4b)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48)
socket$kcm(0x2, 0xa, 0x73)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
socket$kcm(0x2, 0xa, 0x73)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b708000000000000048af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2458a}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ACTIVE_SLAVE={0x8}]}}}]}, 0x3c}}, 0x40)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000100)={@map=0x1, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6e}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r8 = inotify_init1(0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000982aaf657025b20000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\t\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r9}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000040)='kmem_cache_free\x00', r10, 0x0, 0x8001}, 0x18)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x2, 0x0, 0x0, 0x4, 0x0)
inotify_add_watch(r8, &(0x7f00000000c0)='.\x00', 0xa4000061)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)

2.544736647s ago: executing program 0 (id=559):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r0 = socket(0x10, 0x3, 0x9)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x7fffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket(0x10, 0x803, 0x0)
getsockname$packet(r3, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x109}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000240)='kfree\x00', r5}, 0x18)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="a903030000000000000032000000b6004001", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x4004050)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r8, &(0x7f0000000100)={0x0, 0x20, &(0x7f0000000200)={&(0x7f0000002f40)=ANY=[@ANYBLOB="40000000210a010900000000000000000a0000010900020073797a31000000000900010073797a31"], 0x40}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)

1.538701717s ago: executing program 0 (id=578):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r0}, &(0x7f00000008c0), &(0x7f0000000640)=r1}, 0x20)
setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000080)=0x6, 0x4)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000180)={'syztnl1\x00', &(0x7f00000000c0)={'syztnl2\x00', <r2=>0x0, 0x2f, 0x2, 0x10, 0x401, 0x9c250038a7761b8f, @empty, @private1, 0x80, 0xff07, 0x8, 0x7}})
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f00000003c0)={r2, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, 0x10)
openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f00000011c0), 0x1, 0x0)
socket(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000f000000050030000000000005002f000000000008000300", @ANYRES32=r5], 0x2c}}, 0x0) (fail_nth: 1)

1.168484684s ago: executing program 0 (id=580):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000000)={<r1=>0x0, 0x7}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000080)={<r2=>r1, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x27}}}, 0x7, 0x3}, &(0x7f0000000140)=0x90)
mlock(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000180)={r1, @in6={{0xa, 0x4e22, 0x7121, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x40}}}, 0x84)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000240)={0xfff1, 0x800, 0x5bbb, 0x4}, 0x8)
r3 = epoll_create1(0x80000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{0x1, <r4=>0xffffffffffffffff}, &(0x7f0000000280), &(0x7f00000002c0)}, 0x20)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000480)={@empty, <r5=>0x0}, &(0x7f00000004c0)=0x14)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000500)={0x6, <r6=>0x0}, 0x8)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x80000001, '\x00', 0x0, r3, 0x5, 0x4}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={0x1, <r8=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x6, 0x15, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, [@printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}, @generic={0x81, 0x2, 0x0, 0x5, 0xfff80000}, @ldst={0x1, 0x0, 0x2, 0x8, 0x9, 0x10, 0xfffffffffffffffc}, @ldst={0x2, 0x0, 0x2, 0xb, 0xb, 0xffffffffffffff9f, 0xfffffffffffffffc}, @jmp={0x5, 0x1, 0xb, 0x8, 0x6, 0xffffffffffffffff}]}, &(0x7f0000000400)='syzkaller\x00', 0x1, 0x27, &(0x7f0000000440)=""/39, 0x41100, 0x0, '\x00', r5, @xdp=0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r6, 0xffffffffffffffff, 0x0, &(0x7f0000000600)=[r7, r8, 0xffffffffffffffff], &(0x7f0000000640), 0x10, 0x6}, 0x94)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000740)={<r9=>r2, 0x8, 0x10}, &(0x7f0000000780)=0xc)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000007c0)={r9, 0xce38}, 0x8)
lremovexattr(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)=@random={'btrfs.', '^}+[:+\x00'})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000000880)={0x0, ""/256, 0x0, 0x0, <r10=>0x0})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r7, 0xc0c89425, &(0x7f0000000a80)={"2f027d1277962ad7daaca8a3831e0c65", 0x0, <r11=>0x0, {0x80000001, 0x7}, {0x1, 0x4}, 0x3, [0x7, 0x1, 0x1, 0x1, 0x2, 0xfffffffffffffff8, 0x1, 0xcc, 0x4, 0x9, 0x1ff, 0x2, 0x5, 0x7, 0x4, 0x3]})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000b80)={"8122b19512e4031843c1c513d95fbee6", r10, r11, {0xa454, 0x7}, {0x9, 0x4}, 0xb, [0x755d, 0x3, 0xfffffffffffffffd, 0x9, 0x8, 0xc, 0x6, 0x203, 0x401, 0xfffffffffffffffa, 0x5, 0x1, 0x2, 0x8000, 0x180000, 0x3]})
mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000c80)=0x4000000, 0xb, 0x5)
remap_file_pages(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x5, 0x4, 0x20)
r12 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r12, &(0x7f0000000ec0)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000e80)={&(0x7f0000000d00)=@flushpolicy={0x158, 0x1d, 0x1, 0x70bd25, 0x25dfdbfd, "", [@offload={0xc, 0x1c, {r5}}, @algo_auth_trunc={0x13a, 0x14, {{'sha1-avx2\x00'}, 0x770, 0x40, "c4e75129003bb1adc73a8511a99c45a1b8111d7c34c670db2448edb71c5a4a7fcaf0fcfc0eb351d03110078fb352dae37bb86e6a397bff2e473cd66843057de9a2f8daddc668493a5b43dca4fce44790a72162fb9c87edd7f58a9c4c09364f8a2f82397ef8ee3b53a2382d7a88217df68641bc56457d852bd004449dcd6268dbee0ccf39308bc9c09bdeba6579837e0522e4247089054cc34f0ebf5e72bee6795b451909a26a3fddc3e02e336ee5b05c6e7447d8ea86e5b289b7841b8dabbda38a691cc90f6d74fd6a920f2632f36cb06694d6485fecb6ce0902b365a2a7634964513df3e37c67faae582659518a"}}]}, 0x158}, 0x1, 0x0, 0x0, 0x81}, 0x20048854)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000f00)={r9, @in={{0x2, 0x4e24, @broadcast}}}, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000fc0)={0x4, [0x0, 0x0, 0x0, 0x0]}, &(0x7f0000001000)=0x14)
r13 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r13, &(0x7f00000010c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000001080), 0x2, 0x1}}, 0x20)
r14 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000001100), 0x2, 0x0)
splice(r14, &(0x7f0000001140)=0x9, r0, &(0x7f0000001180)=0x63, 0x1, 0xb)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)

1.139162187s ago: executing program 4 (id=581):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_io_uring_setup(0x6362, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(r1, 0x79b6, 0xf24, 0x22, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r4}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)

1.091199322s ago: executing program 4 (id=583):
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x20000, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
timerfd_create(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETS2(r1, 0x402c542b, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0020000100063d10000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc01000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000b000000000000000000000000000000ffffffffffffffff000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001600000000020000000000000000000000bf010100636d6163286165"], 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)

1.046447296s ago: executing program 0 (id=584):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x10)
readahead(0xffffffffffffffff, 0xfffffffffffffffa, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r1}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076655468315f6d6163767461700000000900010073797a31000000002c000000050a01020000000000000000010020000c00024000000000000000010900010073797a310000000014"], 0xc8}}, 0x0)

1.045417476s ago: executing program 1 (id=586):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8914, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7081600000000007b8af8ff00000000bfa200000000000007020000f834e4aaadb075c5280000002d0100000000000085000000010000009576dbe5e90253a1e5456b6c3bc9ccb36bff0a25fcbbcca13df1486a2cb228cfd00a333fed0364ffabb44bc26b7881e2eab51182b0f54d69433b4111acaab040d27aa526e8375f5e3109c12a4a51856b60d201cd7063e89d73df6f2e503bfcad00cb0d0c703fe4b5b0095ab4a83d8acc78cad7b8f72e3a2081ef82ce9a0b0a28263c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'dvmrp0\x00'})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'wg1\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0xfffffffe, 0x2000001, {0x0, 0x0, 0x0, r5, {0x7, 0xa}, {0xd, 0xc}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)

988.742632ms ago: executing program 0 (id=587):
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYRES64], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x84, 0x5, 0x0, 0x0, 0x0, 0x0, 0x123c6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x7}, 0x204, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
connect$unix(0xffffffffffffffff, 0x0, 0x0)
mq_unlink(0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r0=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000009180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)

987.755202ms ago: executing program 2 (id=588):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000001580)="d80000001a0081044e81f782db4cb904021d0800fe007c05e8fe55a115000200fe80000000000000080005007a010401a80016002000034004000000035c0461c9d67f6f940071342e875fab7cb6cec6cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5", 0x6c}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000002cd581aa2f7700000ef998da0a1d2503a1614fae23cde347a2dc4d930b4e2168d0233a69d3538c56cbd099ac27c2afd0f5b99a5fa9df454b69e83e548e88b76ade1afbb6160dc4895f75b8272a1bbd1d214c7eb47142a13d57a783ba2b78bb11b795914bd6358c9ec1760aba42c91b11e3052912ffe03e75f356ea9632715308ac073faea90e30ddebd68247e0d2ac1466a26a8f5670c2ed5fd3bbfa23c5e2ce8eb5992cdb1d6337d1ce6295242749ef428015f4b0d3f4eb7814c4b673e6b0a9d5a95465cb6e777197a2f60172fcba458d07873b1f146f620c5f6a44b841bd6ef53e5353896b61", @ANYRESDEC, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffff1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x17d})
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={0xffffffffffffffff, &(0x7f0000000100)="84aef1e85b57b35d0f80609e0fc0c8aa9cfe250d", &(0x7f0000000340)=""/252}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES32, @ANYRESDEC], 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b000000000000000000000006c40400000000007de2e9210f44820121005bfbccf66384a9d87f2684ef4f8c4e4cbba600a78ec31f1a3919cc55b05972ce87ae9a87152f60a6808e4d8878535b073c4ecd7fb303d55154ca12c71be8c1323a3faf5c55d5190fae63bb77ff867e40742812339b9f8f6a74c8193b9f938afb5b36b7c2f8d7fd7c651ab53164426638e9b8528788b6740b0b3428", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0100"/28], 0x50)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='\x00'/12, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
rmdir(&(0x7f0000000c80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x2, &(0x7f0000000300)={0x0, 0x1, 0x6})
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)

984.980482ms ago: executing program 4 (id=589):
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x109040, 0x10)
renameat(r0, &(0x7f0000000200)='./file0\x00', r0, &(0x7f0000000340)='./file0/file0\x00')
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2b}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8458, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r4 = fcntl$dupfd(r3, 0x0, r3)
write$sndseq(r4, &(0x7f0000000040)=[{0x4, 0x7, 0x0, 0x0, @tick=0xf64b, {0x0, 0xb8}, {0x5, 0x6}, @control={0x2, 0x7f, 0x2}}, {0x0, 0x3, 0x0, 0x4, @time={0x83, 0xa77f}, {0x2, 0x4}, {0x0, 0x2}, @control={0x8, 0x4, 0x4c8}}], 0x38)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x18, 0x3a, 0xff, @empty, @mcast2, {[], @ndisc_ns={0x87, 0x0, 0x0, @empty, [{0x0, 0x0, 'Qh'}]}}}}}}, 0x0)
ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f00000000c0)=0x7)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000180)={&(0x7f0000001480)=""/133, 0x85})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001380)=@newqdisc={0xec, 0x24, 0x1, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}, [@TCA_STAB={0x30, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0x6, 0x9000, 0x7f, 0x2, 0x7, 0x400, 0x6}}, {0x10, 0x2, [0x3, 0xe3e, 0x80, 0x1ff, 0x8, 0x1]}}]}, @TCA_STAB={0x54, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x55, 0x97, 0x446c, 0x0, 0x1, 0x200, 0xa22, 0x6}}, {0x10, 0x2, [0x200, 0xfffc, 0x9a4, 0xe5e, 0x4, 0x7472]}}, {{0x1c, 0x1, {0x5b, 0x6, 0xe, 0xfb, 0x2, 0x10, 0x7, 0x1}}, {0x6, 0x2, [0x1fe1]}}]}, @TCA_RATE={0x6, 0x5, {0x6, 0x47}}, @qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x8, '\x00', 0x51d3, 0x5, 0xf83, 0x6}}}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}, @TCA_RATE={0x6, 0x5, {0x6}}, @TCA_RATE={0x6, 0x5, {0x10, 0xe5}}]}, 0xec}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

912.536139ms ago: executing program 2 (id=590):
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[], 0x48)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
timerfd_create(0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETS2(r1, 0x402c542b, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='kfree\x00', r2, 0x0, 0x8}, 0x18)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0020000100063d10000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc01000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000b000000000000000000000000000000ffffffffffffffff000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001600000000020000000000000000000000bf010100636d61632861657329"], 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21c91c, &(0x7f0000000900)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@grpquota}, {@mblk_io_submit}, {@jqfmt_vfsold}, {@nodelalloc}, {@nomblk_io_submit}, {@usrjquota}, {@minixdf}, {@grpjquota, 0x32}]}, 0x1e, 0x4ea, &(0x7f00000009c0)="$eJzs3VFrW9cdAPD/la3MSZzZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYR9gMMY22NOe9jLoByiUfIRSCLTvpS0tpU3ah0LbqOhKShxHip1GllLr94MjnXt0r/7nXKGje+49XAXQt05HxJmIeFitVs9FxEijPNNIsVVPtfUe3L89W0tJVKvXPkoiknpZbbXxbe95tLHZUET8/jcRf0qejlve2FyaKRYLa43lfGV5NV/e2Dy/uDyzUFgorExNTV6avjx9cXqiI+0cjogrv3rvn3/736+vvPaTm29f/2D8z0mjPOJxOzqt3vRsui+aBiNibT+C9chg2kIAAL4Jmsf5P4yIczESA+nRHAAAAHCQVH8+HF8kEVUAAADgwMqkc2CTTK4xD2A4Mplcrj6H97txJFMslSs/ni+tr8zV58qORjYzv1gsTDTmCo9GNqktT6b5x8sXdixPRcTxiPjHyOF0OTdbKs71+uQHAAAA9ImjO8b/n47Ux//bfN6zygEAAACdM9rrCgAAAAD7zvgfAAAADj7jfwAAADjQfnv1ai1Vm/9/PXdjY32pdOP8XKG8lFten83NltZWcwul0kJ6z77l3d6vWCqt/jRW1m/lK4VyJV/e2Ly+XFpfqVxffOIvsAEAAIAuOv6Du28lEbH1s8NpqjnU60oBXTH4PCu/u3/1ALpvoNcVAHrmuX7/gQMl2+sKAD2X7PJ628k7r3e+LgAAwP4Y+17r6/8Du54b2Mp0qYrAPnH+D/qX6//Qv1z/h/6VjYEwkIf+ttstQIfajRX2fP2/Wn3uSgEAAB01nKYkk4tIzwMMRyaTy0UcS8cE2WR+sViYiIhvR8SbI9lv1ZYn0y2TXecMAwAAAAAAAAAAAAAAAAAAAAAAAAB11WoSVQAAAOBAi8i8n6R3848YGzk7vPP8wKHks5H0OSJu/ufav27NVCprk7Xyjx+VV/7dKL/QizMYAAAAwE7NcXpzHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfTg/u3ZZupm3A9/GRGjreIPxlD6PBTZiDjySRKD27ZLImKgA/G37kTEiVbxk1q1YrRRi1bxD/c4/tEOxId+drfW//yi1fcvE6fT59bfv0tpD/Xi2vd/mUf930CL+LWyY3uMcfLeK/m28e9EnBxs3f804ydt+p8ze4z/xz9sbrZ7rfrfiLGWvz/JE7HyleXVfHlj8/zi8sxCYaGwMjU1eWn68vTF6Yn8/GKx0HhsGePv33/14bPaf6RN/NFd2n92j+3/8t6t+9+pZ7OPNk8exx8/0/rzP9Emfqbx+f+oka+9PtbMb9Xz2536/xunntX+uTbt3+3zH99j+8/97q/v7HFVAKALyhubSzPFYmGtrzMvtDdqh0UvRStezkxtv379zYf2tYZ/2V6SdObrUDsyfzn2/ItletotAQAA++DpMTAAAAAAAAAAAAAAAAAAAADQbd24nVh2R8yt9LETd88HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOicrwIAAP///B/QPg==")

893.919221ms ago: executing program 3 (id=591):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x75, &(0x7f0000000300)={&(0x7f0000000340)=@newlink={0x3c, 0x10, 0xffffff1f, 0x3, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_UDP_ZERO_CSUM6_TX={0x5, 0x9, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)

861.686795ms ago: executing program 4 (id=592):
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x109040, 0x10)
renameat(r0, &(0x7f0000000200)='./file0\x00', r0, &(0x7f0000000340)='./file0/file0\x00')
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2b}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8458, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = fcntl$dupfd(r2, 0x0, r2)
write$sndseq(r3, &(0x7f0000000040)=[{0x4, 0x7, 0x0, 0x0, @tick=0xf64b, {0x0, 0xb8}, {0x5, 0x6}, @control={0x2, 0x7f, 0x2}}, {0x0, 0x3, 0x0, 0x4, @time={0x83, 0xa77f}, {0x2, 0x4}, {0x0, 0x2}, @control={0x8, 0x4, 0x4c8}}], 0x38)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x18, 0x3a, 0xff, @empty, @mcast2, {[], @ndisc_ns={0x87, 0x0, 0x0, @empty, [{0x0, 0x0, 'Qh'}]}}}}}}, 0x0)
ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f00000000c0)=0x7)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4008050)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001380)=@newqdisc={0xec, 0x24, 0x1, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}, [@TCA_STAB={0x30, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0x6, 0x9000, 0x7f, 0x2, 0x7, 0x400, 0x6}}, {0x10, 0x2, [0x3, 0xe3e, 0x80, 0x1ff, 0x8, 0x1]}}]}, @TCA_STAB={0x54, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x55, 0x97, 0x446c, 0x0, 0x1, 0x200, 0xa22, 0x6}}, {0x10, 0x2, [0x200, 0xfffc, 0x9a4, 0xe5e, 0x4, 0x7472]}}, {{0x1c, 0x1, {0x5b, 0x6, 0xe, 0xfb, 0x2, 0x10, 0x7, 0x1}}, {0x6, 0x2, [0x1fe1]}}]}, @TCA_RATE={0x6, 0x5, {0x6, 0x47}}, @qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x8, '\x00', 0x51d3, 0x5, 0xf83, 0x6}}}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}, @TCA_RATE={0x6, 0x5, {0x6}}, @TCA_RATE={0x6, 0x5, {0x10, 0xe5}}]}, 0xec}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

851.468715ms ago: executing program 1 (id=593):
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x109040, 0x10)
renameat(r0, &(0x7f0000000200)='./file0\x00', r0, &(0x7f0000000340)='./file0/file0\x00')
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2b}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8458, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r4 = fcntl$dupfd(r3, 0x0, r3)
write$sndseq(r4, &(0x7f0000000040)=[{0x4, 0x7, 0x0, 0x0, @tick=0xf64b, {0x0, 0xb8}, {0x5, 0x6}, @control={0x2, 0x7f, 0x2}}, {0x0, 0x3, 0x0, 0x4, @time={0x83, 0xa77f}, {0x2, 0x4}, {0x0, 0x2}, @control={0x8, 0x4, 0x4c8}}], 0x38)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x18, 0x3a, 0xff, @empty, @mcast2, {[], @ndisc_ns={0x87, 0x0, 0x0, @empty, [{0x0, 0x0, 'Qh'}]}}}}}}, 0x0)
ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f00000000c0)=0x7)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000180)={&(0x7f0000001480)=""/133, 0x85})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001380)=@newqdisc={0xec, 0x24, 0x1, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}, [@TCA_STAB={0x30, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0x6, 0x9000, 0x7f, 0x2, 0x7, 0x400, 0x6}}, {0x10, 0x2, [0x3, 0xe3e, 0x80, 0x1ff, 0x8, 0x1]}}]}, @TCA_STAB={0x54, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x55, 0x97, 0x446c, 0x0, 0x1, 0x200, 0xa22, 0x6}}, {0x10, 0x2, [0x200, 0xfffc, 0x9a4, 0xe5e, 0x4, 0x7472]}}, {{0x1c, 0x1, {0x5b, 0x6, 0xe, 0xfb, 0x2, 0x10, 0x7, 0x1}}, {0x6, 0x2, [0x1fe1]}}]}, @TCA_RATE={0x6, 0x5, {0x6, 0x47}}, @qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x8, '\x00', 0x51d3, 0x5, 0xf83, 0x6}}}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}, @TCA_RATE={0x6, 0x5, {0x6}}, @TCA_RATE={0x6, 0x5, {0x10, 0xe5}}]}, 0xec}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

786.994472ms ago: executing program 3 (id=594):
r0 = socket$kcm(0x11, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x80000, {0x0, 0x0, 0x0, r5, {}, {0xffe6, 0xb}, {0xfff2, 0x7}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4048080)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x4, r5, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_uring_setup(0x5229, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x2014, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={&(0x7f0000000200), 0x2}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000540)={0x1, &(0x7f0000000300)=[{0x200000000006, 0x3, 0x2, 0x7ffc0002}]})
alarm(0x9)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1b, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x200, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8003}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r6, 0x0, 0x800000000006}, 0x18)
r7 = syz_open_procfs(0x0, &(0x7f0000000080)='net\x00')
getdents64(r7, &(0x7f0000003080)=""/4096, 0x1000)

731.394477ms ago: executing program 2 (id=595):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xa6}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffe3e)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000180)=0x14)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000340), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x8, 0x6, &(0x7f0000000080)=@raw=[@jmp={0x5, 0x1, 0xa, 0x7, 0xb, 0x40, 0xfffffffffffffffc}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @cb_func={0x18, 0x7, 0x4, 0x0, 0xfffffffffffffff8}, @map_fd={0x18, 0x2, 0x1, 0x0, r0}], &(0x7f0000000100)='GPL\x00', 0x1, 0xf7, &(0x7f0000000240)=""/247, 0x41000, 0x2, '\x00', r2, @fallback=0x13, r3, 0x8, &(0x7f0000000380)={0x3, 0x1}, 0x8, 0x10, &(0x7f00000003c0)={0x2, 0x9, 0x2, 0xffffffff}, 0x10, 0x0, r1, 0x3, 0x0, &(0x7f0000000400)=[{0x4, 0x5, 0x2}, {0x4, 0x3, 0xf, 0x9}, {0x3, 0x3, 0x0, 0x2}], 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
pread64(r5, 0x0, 0x0, 0xbb65)

727.413498ms ago: executing program 1 (id=596):
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000001c0)='./file0\x00', 0x800000, &(0x7f0000000b40)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303136323134372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c696f636861727365743d6d61637475726b6973682c6e6f6e756d7461696c3d302c696f636861727365743d6b6f69382d72752c756e695f786c6174653d302c696f636861727365743d757466382c6572726f72733d636f6e74696e75652c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c7379735f696d6d757461626c652c757466383d302c002e39a45aa9edcfe08671a816cb673d99851079b41e699eacf742"], 0x1, 0x373, &(0x7f00000006c0)="$eJzs3U9rXFUUAPDTsfmr6WQhgop4qRvdDEn8Ag3SghhQYkeqC+HVTHTINBPmDZEpot259XMUl+4E8QtkoXt37rJx2UXpk8yfJpOOKSVOHtXfD8I9yT0nc+883uNuHufw1g93drbz2nbWjcq1FJWIqDyIWO5HA5eGY6Ufz8ZJ9+Kd6q0/3vj4088+WN/YuL6Z0o31m++upZSuvPnL19/8ePXX7ouf/HTl57k4WP788K+1Pw9eOXj18NHNr5p5auZpt91NWbrdbnez261G2mrmO7WUPmo1sryRmrt5ozM2v91q7+31Ura7tbS412nkecp2e2mn0Uvddup2ein7MmvuplqtlpYWg6ep39/czNYH8fwZedcuakFMQaeznh3dw3NPzNTvl7IgAKBU5z3/z/6r5/+ZcP6/SCfP//xXHZ3/Z4f37zjnfwAAAAAAAAAAAAAAeB48KIpqURTV0ViMXhIe/l7y8piyJ67/qZ+y18d0nXhxbz6i9f1+fb8+GAfz69vRjFY0YiWq8fDosTAyiG+8v3F9JfUtx9Kd7/r1V3+LqL8wXr8a1VieXL86qE+P6+NonInFk/VrUY2XJ9evTayfjbffOlFfi2r8/kW0oxVb/cfbcf23qym99+HGqfq5fh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/w+1NPJ6DPre79cjFmJ/2L+/dpywPN4ff1D/uL/+SlTj4eT+/CsT+/Nfjtcul7t3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjJe3d3slar0bmoYNTzv/+X2VHwz1WXBun3Tk0txHjy3NP+zzmDyjNVLQw3OWHqUVEU01rq/MVeyvMEMxFxRk4x/ALP/1kvRcQZOXMRMf0tV8r/wp85KONpBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOU6bvpd9koAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoU967u5O1Wo3OFIOy9wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA8+TsAAP//S+oM3w==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x44, 0x86}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
wait4(0x0, 0x0, 0x1000000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r1 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=@newsa={0xfc, 0x16, 0x633, 0x0, 0x80000000, {{@in=@loopback, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in=@remote, 0x4d2, 0x32}, @in6=@loopback, {}, {0x5, 0x3, 0x0, 0x5}, {0x4}, 0x2, 0x2, 0xa, 0x4, 0x18}, [@mark={0xc, 0x15, {0x35075c, 0x1}}]}, 0xfc}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c00028005001d00000000000500010004000000050015"], 0x4c}}, 0x0)

667.982854ms ago: executing program 2 (id=597):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x7fc, @dev={0xfe, 0x80, '\x00', 0x10}, 0xb}, 0x1c)
shutdown(r0, 0x2)
setreuid(0xee01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
getpid()
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
munlockall()
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESDEC=r2, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000002c0)=0x1)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)=0x2)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
r4 = creat(&(0x7f00000000c0)='./file0\x00', 0xf4)
dup2(r4, r4)
inotify_add_watch(r4, &(0x7f0000000040)='./file0\x00', 0x4000000)

638.973907ms ago: executing program 3 (id=598):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
mkdir(&(0x7f0000000580)='./file0\x00', 0x92)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
vmsplice(r2, &(0x7f0000001280)=[{&(0x7f0000001180)="83", 0x1}], 0x1, 0x0)
vmsplice(r3, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6)
sendmsg$nl_generic(r3, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000a00)=ANY=[@ANYBLOB="80010000200020002cbd7000fcdbdf250e00000008000400e000000271cd0b51b276f68efce80dc84643d7c317d82d4a9b4a3cb71d943edcb732c496aeb98c1923a88036bf0c61621d1d231e117ff9e3716f7f1eec7b6f1b088189e8c0752da89c28b43df7d65327d0cbb53ce7396934a13c659a0f17661483cf49a6ce051ecafb7823b2b9828431b80e1e6e8e57e30fac9574df375bb174afb386a9c641ff101a0070e2de8a45f89d12d44dabce7a30d35ef45504a31fdb48a15d69dbc44d57f36342578bef898f24c9dceedaa388166ea3ac7b8fe680c907cafa986ea01728a29f496a350a2192fea5a4304a2c35a530050e649d007343ac6e93473ce9a657d2ff71bbffa7dc5717bf74db247ea99c342893e3bec7460ae6b43dc52d660c5bcaadbe7169889e3cc7849dad40c91349402ac0be61cbd888eb0b2ba5909f12bcb7475c0883ae22652599ab7eed357f75ce45993e3bbe543cf981b8d90f94c59cf56c0d04db38ae58f97c6e10347e2e5c2fbe2cc49332ae91128dd689aaea00003e5df532ff24dc62532a84e98a14a47f860b863febb7d62eb2df33c27487638a"], 0x180}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='iso9660\x00', 0x2014800, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x200000000006, 0x9, 0x4, 0x7ffc0005}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x9}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'dummy0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001400b59500000000000000000a000000", @ANYRES32=r8, @ANYBLOB="140002"], 0x48}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r9}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r10}, 0x10)
close(r4)
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)
ioctl$TCFLSH(r1, 0x540b, 0x2)

636.787816ms ago: executing program 4 (id=599):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x0, &(0x7f0000000400)})
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0)
sendmsg$nl_route(r0, 0x0, 0x4000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="0800080002030900680000800900456f00b000660000401190780a010102ac1414aa4f204e22009c90780100f60000000000a2ebe12891c1452f6709e280a31fbc77210c4c89a397b2ca7c4748c861a5fe0a0bdb818907cc4bc44a7c69eefe40ac3dfbfdde44260826b581daf0b555c27c220ba6be5d9764c6a749626863b64d0e363269c9c681ed12abdfd1ebcf40671a864c59a7b4c7c2ecd30784ba9d6e133f098178227c9b25cb720145594c4ebb7120f2671739c3bdb7abeac56425"], 0xbe)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = epoll_create(0x9)
r7 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f0000000240)={0xa0000000})
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r7, &(0x7f0000000280)={0x2000000})

570.666853ms ago: executing program 1 (id=600):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x18)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a000100"], 0x118}}, 0x0)

492.451801ms ago: executing program 1 (id=601):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000001580)="d80000001a0081044e81f782db4cb904021d0800fe007c05e8fe55a115000200fe80000000000000080005007a010401a80016002000034004000000035c0461c9d67f6f940071342e875fab7cb6cec6cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5", 0x6c}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000002cd581aa2f7700000ef998da0a1d2503a1614fae23cde347a2dc4d930b4e2168d0233a69d3538c56cbd099ac27c2afd0f5b99a5fa9df454b69e83e548e88b76ade1afbb6160dc4895f75b8272a1bbd1d214c7eb47142a13d57a783ba2b78bb11b795914bd6358c9ec1760aba42c91b11e3052912ffe03e75f356ea9632715308ac073faea90e30ddebd68247e0d2ac1466a26a8f5670c2ed5fd3bbfa23c5e2ce8eb5992cdb1d6337d1ce6295242749ef428015f4b0d3f4eb7814c4b673e6b0a9d5a95465cb6e777197a2f60172fcba458d07873b1f146f620c5f6a44b841bd6ef53e5353896b61", @ANYRESDEC, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffff1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x17d})
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={0xffffffffffffffff, &(0x7f0000000100)="84aef1e85b57b35d0f80609e0fc0c8aa9cfe250d", &(0x7f0000000340)=""/252}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES32, @ANYRESDEC], 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b000000000000000000000006c40400000000007de2e9210f44820121005bfbccf66384a9d87f2684ef4f8c4e4cbba600a78ec31f1a3919cc55b05972ce87ae9a87152f60a6808e4d8878535b073c4ecd7fb303d55154ca12c71be8c1323a3faf5c55d5190fae63bb77ff867e40742812339b9f8f6a74c8193b9f938afb5b36b7c2f8d7fd7c651ab53164426638e9b8528788b6740b0b3428", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0100"/28], 0x50)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='\x00'/12, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
rmdir(&(0x7f0000000c80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x2, &(0x7f0000000300)={0x0, 0x1, 0x6})
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)

459.116024ms ago: executing program 1 (id=602):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mq_unlink(0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0xa, 0xc, &(0x7f0000000640)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000940)='kvm_set_irq\x00', r1}, 0x18)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r3, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000300)=[{&(0x7f0000002640)=""/102389, 0x18ff5}], 0x1, 0x1903d}}], 0x48}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x70, 0x0, 0x8, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x4}, @ETHTOOL_A_CHANNELS_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x4}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x4}, @ETHTOOL_A_CHANNELS_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg1\x00'}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x8000}, 0xc004)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000300)=0xa091, 0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f0000000580)=[{{&(0x7f0000000500)=@nfc_llcp, 0x80, &(0x7f0000000440)=[{&(0x7f0000000700)=""/76, 0x4c}, {&(0x7f00000008c0)=""/89, 0x59}, {&(0x7f000001b640)=""/4096, 0x1000}, {0x0}], 0x4, &(0x7f0000001940)=""/111, 0x6f}, 0x75}], 0x1, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r8)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x4000054)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r9, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)

331.032187ms ago: executing program 3 (id=603):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8914, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7081600000000007b8af8ff00000000bfa200000000000007020000f834e4aaadb075c5280000002d0100000000000085000000010000009576dbe5e90253a1e5456b6c3bc9ccb36bff0a25fcbbcca13df1486a2cb228cfd00a333fed0364ffabb44bc26b7881e2eab51182b0f54d69433b4111acaab040d27aa526e8375f5e3109c12a4a51856b60d201cd7063e89d73df6f2e503bfcad00cb0d0c703fe4b5b0095ab4a83d8acc78cad7b8f72e3a2081ef82ce9a0b0a28263c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'dvmrp0\x00'})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'wg1\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0xfffffffe, 0x2000001, {0x0, 0x0, 0x0, r5, {0x7, 0xa}, {0xd, 0xc}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)

314.455368ms ago: executing program 4 (id=604):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = syz_open_dev$evdev(0x0, 0x0, 0x0)
syz_usb_disconnect(r1)
syz_usb_connect$hid(0x4, 0x36, &(0x7f0000001440)=ANY=[], 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
sendto$inet(r2, &(0x7f0000000040)="01c54f9f5fdeea81b41d9eb1a0cbdeaa89a8217cdbd6df044d3f6d53d0dd4988ae1f4f5b5110c82ca3b6c5b561c6758a2cccaf201d7ea0e86885ca9869b0887770f68fb2d7f01189c74c30093c9e5640317a097fa0139da6c3fb64420057c5dab736b4aa3925e3c3694b458c8b474f", 0x6f, 0x20040004, &(0x7f0000000180)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000004", @ANYRES32=r3, @ANYBLOB="0000000000000000b702"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
pipe(&(0x7f0000000080)={<r5=>0xffffffffffffffff})
read(r5, &(0x7f0000000300)=""/244, 0xf4)
syz_usb_connect$hid(0x5, 0x3f, &(0x7f0000000280)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x20, 0x1a34, 0xf705, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x8, 0x0, 0x3, [{{0x9, 0x4, 0x0, 0x7, 0x2, 0x3, 0x1, 0x0, 0x1, {0x9, 0x21, 0x7, 0x6, 0x1, {0x22, 0x6d1}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x7, 0x5}}, [{{0x9, 0x5, 0x2, 0x3, 0x8, 0x7, 0x6, 0x3}}]}}}]}}]}}, &(0x7f0000000ac0)={0xa, &(0x7f00000002c0)={0xa, 0x6, 0x201, 0xd2, 0xe, 0x5, 0x20, 0x27}, 0x69, &(0x7f0000000400)={0x5, 0xf, 0x69, 0x2, [@ptm_cap={0x3}, @generic={0x61, 0x10, 0x8, "17cb060b693898c1530b3cce781feadea322b6e4700411b84913b3300effb355f6381e751e63251b0a5fbf1489dc2830267763b3f96dfa15a948f06d34a01201dc263158cf2fa0d468fb4a77b88f65508120b68af3945c524f3541c74f3a"}]}, 0x6, [{0x6c, &(0x7f0000000480)=@string={0x6c, 0x3, "841b111b331bc7a5438c7f2d28b9ab1eefb3f49392d59ca87f618d11f235a8fc00a278597bbccb7bd93b4cfd49477aaa9d2cf3fbd8eddc124c83198a6d95072142fbb63b9f326d502a0018caac2cc96cbb8216e7c07147e824529c22e9d4c1e449a85b5de61a500b0841"}}, {0x4, &(0x7f0000000500)=@lang_id={0x4}}, {0xb0, &(0x7f0000000540)=@string={0xb0, 0x3, "af1d8200881a44b765899ef530a89f5e8e1a1cdb2c8b67f9b371ab2b3ea9ec55f3e09a2224453a75ef95633004fc549efdded1c4844672968878cbe8a5bc0a03776bddb35e4a54f6c9e2f061243840e25b40f733038b60107c819aefe32b80299ba6362c6f34a65ac9188efd2d4c631e838c1a3f80200b91238aa47362610bcdf7149a7654f658a203f7451b1bccf4ec222d076cf671885f573d3ed97c49106360eb2a5949d5cbf07e28855c3cfa"}}, {0x4, &(0x7f0000000640)=@lang_id={0x4, 0x3, 0x447}}, {0xa6, &(0x7f0000000a00)=@string={0xa6, 0x3, "ece611438e294823caa55ab6a711381a4d6d071628ac0c63cf4c541f9f762f1deebe214a200d567198bd314422553ddb6825d45294e851911423017b75c78559a1be7cf7b21275ded164a0398fdefea0b5f890f9d55f84512e247f37bc3fbdc50fb0f2a363ec3b181c27d2eedcc970a697daa129c04a10ae602ae2ae4090d055017f3f650bb34d22d3ffea1874dc3153baf9da4da8d5613e1daf7b11d895643245dc628b"}}, {0x45, &(0x7f0000000800)=ANY=[]}]})
bind$can_raw(0xffffffffffffffff, &(0x7f0000000600), 0x10)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x7, 0x0, 0x7fff0006}]})
close_range(r6, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{}, &(0x7f0000000040), &(0x7f0000000140)}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)

251.678755ms ago: executing program 3 (id=605):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, r0, 0x4, '\x00', 0x0, r2, 0x0, 0x5, 0x5}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x22, 0x3, 0x80fe)
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e7578"], 0x65)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet6_opts(r3, 0x29, 0x39, &(0x7f0000000180)=@fragment={0x0, 0x0, 0xed, 0x1, 0x0, 0x12, 0x66}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r6}, 0x18)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r7}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x48)
sendmsg$nl_route_sched(r3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r8, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r8, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x600}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
setsockopt$inet_tcp_int(r8, 0x6, 0x19, &(0x7f00000000c0)=0x3, 0x4)
sendto(r8, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)

217.856118ms ago: executing program 2 (id=606):
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[], 0x48)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
timerfd_create(0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETS2(r1, 0x402c542b, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='kfree\x00', r2, 0x0, 0x8}, 0x18)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0020000100063d10000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc01000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000b000000000000000000000000000000ffffffffffffffff000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001600000000020000000000000000000000bf010100636d61632861657329"], 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21c91c, &(0x7f0000000900)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@grpquota}, {@mblk_io_submit}, {@jqfmt_vfsold}, {@nodelalloc}, {@nomblk_io_submit}, {@usrjquota}, {@minixdf}, {@grpjquota, 0x32}]}, 0x1e, 0x4ea, &(0x7f00000009c0)="$eJzs3VFrW9cdAPD/la3MSZzZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYR9gMMY22NOe9jLoByiUfIRSCLTvpS0tpU3ah0LbqOhKShxHip1GllLr94MjnXt0r/7nXKGje+49XAXQt05HxJmIeFitVs9FxEijPNNIsVVPtfUe3L89W0tJVKvXPkoiknpZbbXxbe95tLHZUET8/jcRf0qejlve2FyaKRYLa43lfGV5NV/e2Dy/uDyzUFgorExNTV6avjx9cXqiI+0cjogrv3rvn3/736+vvPaTm29f/2D8z0mjPOJxOzqt3vRsui+aBiNibT+C9chg2kIAAL4Jmsf5P4yIczESA+nRHAAAAHCQVH8+HF8kEVUAAADgwMqkc2CTTK4xD2A4Mplcrj6H97txJFMslSs/ni+tr8zV58qORjYzv1gsTDTmCo9GNqktT6b5x8sXdixPRcTxiPjHyOF0OTdbKs71+uQHAAAA9ImjO8b/n47Ux//bfN6zygEAAACdM9rrCgAAAAD7zvgfAAAADj7jfwAAADjQfnv1ai1Vm/9/PXdjY32pdOP8XKG8lFten83NltZWcwul0kJ6z77l3d6vWCqt/jRW1m/lK4VyJV/e2Ly+XFpfqVxffOIvsAEAAIAuOv6Du28lEbH1s8NpqjnU60oBXTH4PCu/u3/1ALpvoNcVAHrmuX7/gQMl2+sKAD2X7PJ628k7r3e+LgAAwP4Y+17r6/8Du54b2Mp0qYrAPnH+D/qX6//Qv1z/h/6VjYEwkIf+ttstQIfajRX2fP2/Wn3uSgEAAB01nKYkk4tIzwMMRyaTy0UcS8cE2WR+sViYiIhvR8SbI9lv1ZYn0y2TXecMAwAAAAAAAAAAAAAAAAAAAAAAAAB11WoSVQAAAOBAi8i8n6R3848YGzk7vPP8wKHks5H0OSJu/ufav27NVCprk7Xyjx+VV/7dKL/QizMYAAAAwE7NcXpzHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfTg/u3ZZupm3A9/GRGjreIPxlD6PBTZiDjySRKD27ZLImKgA/G37kTEiVbxk1q1YrRRi1bxD/c4/tEOxId+drfW//yi1fcvE6fT59bfv0tpD/Xi2vd/mUf930CL+LWyY3uMcfLeK/m28e9EnBxs3f804ydt+p8ze4z/xz9sbrZ7rfrfiLGWvz/JE7HyleXVfHlj8/zi8sxCYaGwMjU1eWn68vTF6Yn8/GKx0HhsGePv33/14bPaf6RN/NFd2n92j+3/8t6t+9+pZ7OPNk8exx8/0/rzP9Emfqbx+f+oka+9PtbMb9Xz2536/xunntX+uTbt3+3zH99j+8/97q/v7HFVAKALyhubSzPFYmGtrzMvtDdqh0UvRStezkxtv379zYf2tYZ/2V6SdObrUDsyfzn2/ItletotAQAA++DpMTAAAAAAAAAAAAAAAAAAAADQbd24nVh2R8yt9LETd88HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOicrwIAAP///B/QPg==")

100.11032ms ago: executing program 2 (id=607):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000640), 0x501)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000100)=""/34, &(0x7f0000000140)=0x22)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x80078b, &(0x7f0000000680)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x46a, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vprE2t9aa0aLUJQTJq0ag9eFAURRUEP9RiTbQndNtJEsbXYVMSTIAU9i0fRv8CbCKKeBK+ePEmhaC9tPUVmdibdbLOJNZtMzH4+MDvPs/PszvPdZ16efZ7dALrWUPaQRPw/In6NiIFGdmmBocbq+tXzkzeunp9MYmHhtT+SvNy1q+cny6Ll63YWmeE0Iv0wKXay1OzZcycn6vXamSI/OnfqrdHZs+cef+fUxInaidrp8aNHjxwee+rJ8Sc6EmcW17X9788c2PfCG5denjx26c0fv06jEXe0xNEpQ1ngfy7kWrc90umdVWxXUzrprbAi3JaeiMiaqy8//weiJ2423kA8/0GllQPWVXZv2tZ+8/wCsIUlUXUNgGqUN/rs+2+5bFDXY1O48kzjC1AW9/ViaWzpjbQo09fy/baThiLi2Pxfn2dLrNM4BABAs48nP3spW79346sXs77HwOKWNO7O17/lj7uLOZTBiLgjIvZExJ0RsTci7orIy94TEfeusT639n/Sy2t8yxVl/b+ni7mtpf2/svcXgz1Fblcef19yfLpeO1R8JsPRty3Lj62wj2+f++WTdtua+3/Zku2/7AsW9bjc2zJANzUxN5F3SjvgysWI/b3LxZ8szgQkEbEvIvbf3lvvLhPTj355oF2h1eNfQQfmmRa+yMKbz+Kfj5b4S0nz/OT0LfOTo9ujXjs0Wh4Vt/rp549ebbf/NcXfAVdqjXVT+7cWGUya52tnO7v/f3n8p/3J64155sK7E3NzZ8Yi+pP8chb9zc+Pt5Qbv1k+O/6HDy5//u8pXpPFf19EZAfx/RHxQEQ8WNT9oYh4OCIOrhDjD8+uHn+kFbX/xYipZa9/i8d/S/vffqLn5PfftNv/P2v/I3lquHgmv/6tYrnqZJeL1gqu5bMDAACA/4rGb+CTdGQxnaYjI43f8O+N/6X1mdm5x47PvH16qvFb+cHoS8uRroFiPLQ+Xa+NJfPFOzbGR8eLseJyvPRwMW78ac+OPD8yOVOfqjh26HY725z/md97qq4dsM52LPvseP+GVwSoQOs8ero0e+GVcDGArcr/taF7rXL+pxtVD2Djuf9D91ru/L/QkjcXAFuT+z90L+c/dKn0u6prAFTI/R+60lr+17+Oie2boxrVJDZro+SJiDKRbor6SKxTouorEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGf8HQAA//+lc+Z2")

0s ago: executing program 3 (id=608):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000280)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@nombcache}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000080)=ANY=[], 0xfe37, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{0x60, 0x0, 0x0, 0x1000000}, {}, {0x3}, {}, {}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000100)='./file2\x00')

kernel console output (not intermixed with test programs):

UOTA feature is enabled
[   39.248020][ T3739] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   39.287215][ T3739] EXT4-fs (loop0): failed to initialize system zone (-117)
[   39.294755][ T3739] EXT4-fs (loop0): mount failed
[   39.416306][ T3748] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=3748 comm=syz.0.89
[   39.529789][ T3758] netlink: 'syz.2.93': attribute type 2 has an invalid length.
[   39.537504][ T3758] netlink: 'syz.2.93': attribute type 3 has an invalid length.
[   39.549159][ T3760] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   39.558028][ T3760] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   39.651889][ T3770] FAULT_INJECTION: forcing a failure.
[   39.651889][ T3770] name failslab, interval 1, probability 0, space 0, times 0
[   39.664894][ T3770] CPU: 1 UID: 0 PID: 3770 Comm: syz.3.97 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   39.664936][ T3770] Tainted: [W]=WARN
[   39.664943][ T3770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   39.665024][ T3770] Call Trace:
[   39.665032][ T3770]  <TASK>
[   39.665067][ T3770]  __dump_stack+0x1d/0x30
[   39.665089][ T3770]  dump_stack_lvl+0xe8/0x140
[   39.665115][ T3770]  dump_stack+0x15/0x1b
[   39.665138][ T3770]  should_fail_ex+0x265/0x280
[   39.665244][ T3770]  should_failslab+0x8c/0xb0
[   39.665291][ T3770]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[   39.665333][ T3770]  ? snd_timer_instance_new+0x4a/0x160
[   39.665434][ T3770]  kstrdup+0x3e/0xd0
[   39.665467][ T3770]  snd_timer_instance_new+0x4a/0x160
[   39.665509][ T3770]  snd_seq_timer_open+0x12b/0x360
[   39.665539][ T3770]  ? snd_timer_instance_free+0x5f/0x70
[   39.665626][ T3770]  ? kfree+0xdb/0x400
[   39.665662][ T3770]  snd_seq_queue_timer_open+0xaf/0x140
[   39.665769][ T3770]  snd_seq_ioctl_set_queue_timer+0x148/0x1b0
[   39.665813][ T3770]  snd_seq_ioctl+0x174/0x300
[   39.665931][ T3770]  ? __pfx_snd_seq_ioctl+0x10/0x10
[   39.665971][ T3770]  __se_sys_ioctl+0xcb/0x140
[   39.666086][ T3770]  __x64_sys_ioctl+0x43/0x50
[   39.666131][ T3770]  x64_sys_call+0x1816/0x3000
[   39.666232][ T3770]  do_syscall_64+0xd2/0x200
[   39.666270][ T3770]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   39.666306][ T3770]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   39.666333][ T3770]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.666426][ T3770] RIP: 0033:0x7fd48a4deec9
[   39.666497][ T3770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   39.666520][ T3770] RSP: 002b:00007fd488f47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   39.666556][ T3770] RAX: ffffffffffffffda RBX: 00007fd48a735fa0 RCX: 00007fd48a4deec9
[   39.666573][ T3770] RDX: 0000200000000400 RSI: 0000000040605346 RDI: 0000000000000006
[   39.666595][ T3770] RBP: 00007fd488f47090 R08: 0000000000000000 R09: 0000000000000000
[   39.666611][ T3770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   39.666626][ T3770] R13: 00007fd48a736038 R14: 00007fd48a735fa0 R15: 00007fff22a43e18
[   39.666701][ T3770]  </TASK>
[   39.950263][ T3776] loop4: detected capacity change from 0 to 512
[   39.959715][ T3776] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.98: error while reading EA inode 32 err=-116
[   39.972681][ T3776] EXT4-fs (loop4): Remounting filesystem read-only
[   39.979531][ T3776] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   39.990290][ T3776] EXT4-fs (loop4): 1 orphan inode deleted
[   39.997586][ T3776] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.561049][ T3822] loop2: detected capacity change from 0 to 128
[   40.586056][ T3822] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   40.598903][ T3822] ext4 filesystem being mounted at /25/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   40.652210][ T3313] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   40.693021][ T3825] loop2: detected capacity change from 0 to 2048
[   40.715836][ T3827] syzkaller1: entered promiscuous mode
[   40.721568][ T3827] syzkaller1: entered allmulticast mode
[   40.739290][ T3825]  loop2: p1 p2 p3
[   40.793052][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.827806][ T3831] loop4: detected capacity change from 0 to 1024
[   40.834706][ T3831] EXT4-fs: inline encryption not supported
[   40.840734][ T3831] EXT4-fs: Ignoring removed i_version option
[   40.868542][ T3831] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.900223][ T3833] loop3: detected capacity change from 0 to 2048
[   40.916716][ T3831] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   40.945621][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.984893][ T3833]  loop3: unable to read partition table
[   40.994932][ T3833] loop3: partition table beyond EOD, truncated
[   41.001189][ T3833] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[   41.074164][ T3850] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   41.082917][ T3850] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   41.096688][ T3001]  loop3: unable to read partition table
[   41.102506][ T3001] loop3: partition table beyond EOD, truncated
[   41.171937][ T3854] syz.3.121 (3854) used greatest stack depth: 10512 bytes left
[   41.288342][ T3859] loop3: detected capacity change from 0 to 512
[   41.308545][ T3859] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.123: error while reading EA inode 32 err=-116
[   41.321869][ T3859] EXT4-fs (loop3): Remounting filesystem read-only
[   41.328646][ T3859] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   41.339577][ T3864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   41.360782][ T3859] EXT4-fs (loop3): 1 orphan inode deleted
[   41.367216][ T3859] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.380333][ T3864] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   41.630748][ T3902] syz.2.129 uses obsolete (PF_INET,SOCK_PACKET)
[   41.680169][ T3906] loop2: detected capacity change from 0 to 2048
[   41.752222][ T3899] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   41.756492][ T3906]  loop2: unable to read partition table
[   41.769149][ T3906] loop2: partition table beyond EOD, truncated
[   41.775414][ T3906] loop_reread_partitions: partition scan of loop2 () failed (rc=-5)
[   41.822943][ T3001]  loop2: unable to read partition table
[   41.828750][ T3001] loop2: partition table beyond EOD, truncated
[   41.960478][ T3920] syzkaller1: entered promiscuous mode
[   41.966409][ T3920] syzkaller1: entered allmulticast mode
[   42.084917][ T3927] netlink: 'syz.4.135': attribute type 5 has an invalid length.
[   42.114089][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.199045][ T3936] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   42.218407][ T3937] loop1: detected capacity change from 0 to 1024
[   42.235978][ T3937] EXT4-fs: inline encryption not supported
[   42.241893][ T3937] EXT4-fs: Ignoring removed i_version option
[   42.249696][ T3936] netlink: 'syz.2.139': attribute type 10 has an invalid length.
[   42.268657][ T3936] syz_tun: entered promiscuous mode
[   42.278471][ T3936] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   42.288427][ T3937] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.316452][ T3937] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   42.398528][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.425292][ T3943] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   42.439418][ T3952] loop2: detected capacity change from 0 to 512
[   42.458784][ T3952] EXT4-fs: Ignoring removed mblk_io_submit option
[   42.485115][ T3952] EXT4-fs: Ignoring removed nomblk_io_submit option
[   42.498826][ T3959] loop1: detected capacity change from 0 to 1024
[   42.526498][ T3952] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   42.535039][ T3952] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   42.609049][ T3959] EXT4-fs: inline encryption not supported
[   42.615072][ T3959] EXT4-fs: Ignoring removed i_version option
[   42.636427][ T3952] EXT4-fs (loop2): failed to initialize system zone (-117)
[   42.655526][ T3959] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.661898][ T3952] EXT4-fs (loop2): mount failed
[   42.822821][ T3959] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   42.973037][ T3976] xfrm0: entered promiscuous mode
[   42.978242][ T3976] xfrm0: entered allmulticast mode
[   43.144783][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.213474][ T3985] loop4: detected capacity change from 0 to 512
[   43.226298][ T3985] EXT4-fs: Ignoring removed nomblk_io_submit option
[   43.228221][ T3988] netlink: 'syz.0.155': attribute type 10 has an invalid length.
[   43.244455][   T29] kauditd_printk_skb: 715 callbacks suppressed
[   43.244549][   T29] audit: type=1326 audit(1759999537.731:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3984 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   43.257394][ T3985] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   43.282990][ T3985] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002]
[   43.291195][ T3988] syz_tun: entered promiscuous mode
[   43.291278][ T3985] EXT4-fs (loop4): orphan cleanup on readonly fs
[   43.303376][ T3985] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0
[   43.319247][ T3985] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   43.334051][ T3985] EXT4-fs (loop4): Cannot turn on quotas: error -22
[   43.340815][   T29] audit: type=1326 audit(1759999537.771:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3984 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   43.364446][   T29] audit: type=1326 audit(1759999537.781:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3984 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffbf84def03 code=0x7ffc0000
[   43.387841][   T29] audit: type=1326 audit(1759999537.781:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3984 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffbf84def03 code=0x7ffc0000
[   43.411607][   T29] audit: type=1326 audit(1759999537.781:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3984 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   43.422266][    T9] kernel write not supported for file /snd/seq (pid: 9 comm: kworker/0:0)
[   43.435459][   T29] audit: type=1326 audit(1759999537.781:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3984 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   43.467777][   T29] audit: type=1326 audit(1759999537.781:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3984 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   43.491253][   T29] audit: type=1326 audit(1759999537.781:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3984 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   43.514838][   T29] audit: type=1326 audit(1759999537.781:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3984 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   43.540347][ T3985] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.156: bg 0: block 40: padding at end of block bitmap is not set
[   43.556425][ T3988] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   43.566520][ T3985] EXT4-fs (loop4): Remounting filesystem read-only
[   43.573841][ T3985] EXT4-fs (loop4): 1 truncate cleaned up
[   43.604299][ T3985] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   43.628744][ T3985] EXT4-fs (loop4): shut down requested (2)
[   43.634962][ T3985] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[   43.648250][ T3985] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[   43.672824][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.700103][ T4002] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   43.727228][ T4010] __nla_validate_parse: 12 callbacks suppressed
[   43.727246][ T4010] netlink: 8 bytes leftover after parsing attributes in process `syz.2.160'.
[   43.759037][ T4013] syzkaller1: entered promiscuous mode
[   43.764943][ T4013] syzkaller1: entered allmulticast mode
[   43.785202][ T4010] netlink: 20 bytes leftover after parsing attributes in process `syz.2.160'.
[   43.929675][ T4029] netlink: 16 bytes leftover after parsing attributes in process `syz.3.169'.
[   43.950722][ T4029] loop3: detected capacity change from 0 to 512
[   43.957530][ T4029] EXT4-fs: Ignoring removed mblk_io_submit option
[   43.964154][ T4029] EXT4-fs: Ignoring removed nomblk_io_submit option
[   43.996961][ T4029] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   44.005703][ T4029] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   44.008200][ T4025] loop4: detected capacity change from 0 to 512
[   44.054073][ T4025] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.167: error while reading EA inode 32 err=-116
[   44.076319][ T4025] EXT4-fs (loop4): Remounting filesystem read-only
[   44.086086][ T4025] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   44.107422][ T4025] EXT4-fs (loop4): 1 orphan inode deleted
[   44.113473][ T4029] EXT4-fs (loop3): failed to initialize system zone (-117)
[   44.121618][ T4025] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.134607][ T4029] EXT4-fs (loop3): mount failed
[   44.315317][ T4039] loop3: detected capacity change from 0 to 1024
[   44.336774][ T4039] EXT4-fs: inline encryption not supported
[   44.342751][ T4039] EXT4-fs: Ignoring removed i_version option
[   44.358397][ T4039] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.375714][ T4041] netlink: 16 bytes leftover after parsing attributes in process `syz.1.172'.
[   44.391547][ T4039] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   44.422573][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.480394][ T4045] FAULT_INJECTION: forcing a failure.
[   44.480394][ T4045] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   44.493904][ T4045] CPU: 0 UID: 0 PID: 4045 Comm: syz.3.173 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   44.493943][ T4045] Tainted: [W]=WARN
[   44.493950][ T4045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   44.493965][ T4045] Call Trace:
[   44.493973][ T4045]  <TASK>
[   44.493983][ T4045]  __dump_stack+0x1d/0x30
[   44.494054][ T4045]  dump_stack_lvl+0xe8/0x140
[   44.494124][ T4045]  dump_stack+0x15/0x1b
[   44.494219][ T4045]  should_fail_ex+0x265/0x280
[   44.494265][ T4045]  should_fail+0xb/0x20
[   44.494306][ T4045]  should_fail_usercopy+0x1a/0x20
[   44.494369][ T4045]  strncpy_from_user+0x25/0x230
[   44.494411][ T4045]  ? kmem_cache_alloc_noprof+0x242/0x480
[   44.494513][ T4045]  ? getname_flags+0x80/0x3b0
[   44.494547][ T4045]  getname_flags+0xae/0x3b0
[   44.494584][ T4045]  user_path_at+0x28/0x130
[   44.494704][ T4045]  do_faccessat+0x380/0x800
[   44.494732][ T4045]  __x64_sys_faccessat+0x41/0x50
[   44.494761][ T4045]  x64_sys_call+0x950/0x3000
[   44.494919][ T4045]  do_syscall_64+0xd2/0x200
[   44.494951][ T4045]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   44.494988][ T4045]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   44.495015][ T4045]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.495056][ T4045] RIP: 0033:0x7fd48a4deec9
[   44.495075][ T4045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.495099][ T4045] RSP: 002b:00007fd488f47038 EFLAGS: 00000246 ORIG_RAX: 000000000000010d
[   44.495124][ T4045] RAX: ffffffffffffffda RBX: 00007fd48a735fa0 RCX: 00007fd48a4deec9
[   44.495141][ T4045] RDX: 0000000000000005 RSI: 0000200000000000 RDI: 0000000000000006
[   44.495157][ T4045] RBP: 00007fd488f47090 R08: 0000000000000000 R09: 0000000000000000
[   44.495173][ T4045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.495189][ T4045] R13: 00007fd48a736038 R14: 00007fd48a735fa0 R15: 00007fff22a43e18
[   44.495272][ T4045]  </TASK>
[   44.720356][ T4050] netlink: 4 bytes leftover after parsing attributes in process `syz.2.175'.
[   44.742169][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.794926][ T4064] syzkaller1: entered promiscuous mode
[   44.799899][ T4061] netlink: 20 bytes leftover after parsing attributes in process `syz.3.180'.
[   44.800837][ T4064] syzkaller1: entered allmulticast mode
[   44.850150][ T4066] loop1: detected capacity change from 0 to 512
[   44.895232][ T4066] syz.1.181 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   44.980480][ T4081] netlink: 8 bytes leftover after parsing attributes in process `syz.3.185'.
[   44.992220][ T4081] netlink: 20 bytes leftover after parsing attributes in process `syz.3.185'.
[   45.047441][ T4084] loop2: detected capacity change from 0 to 512
[   45.059688][ T4084] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.188: error while reading EA inode 32 err=-116
[   45.072521][ T4084] EXT4-fs (loop2): Remounting filesystem read-only
[   45.109771][ T4088] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   45.119556][ T4088] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   45.127440][ T4084] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   45.137936][ T4084] EXT4-fs (loop2): 1 orphan inode deleted
[   45.144085][ T4084] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.174568][ T4091] netlink: 16 bytes leftover after parsing attributes in process `syz.1.190'.
[   45.186967][ T4091] loop1: detected capacity change from 0 to 512
[   45.196386][ T4091] EXT4-fs: Ignoring removed mblk_io_submit option
[   45.202900][ T4091] EXT4-fs: Ignoring removed nomblk_io_submit option
[   45.224423][ T4091] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   45.228146][ T4092] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4092 comm=syz.4.191
[   45.233073][ T4091] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   45.270717][ T4091] EXT4-fs (loop1): failed to initialize system zone (-117)
[   45.280862][ T4091] EXT4-fs (loop1): mount failed
[   45.343545][ T4098] netlink: 4 bytes leftover after parsing attributes in process `syz.4.192'.
[   45.415048][ T4108] netlink: 'syz.1.195': attribute type 2 has an invalid length.
[   45.417156][ T4107] netlink: 'syz.4.194': attribute type 2 has an invalid length.
[   45.423112][ T4108] netlink: 'syz.1.195': attribute type 3 has an invalid length.
[   45.430770][ T4107] netlink: 'syz.4.194': attribute type 3 has an invalid length.
[   45.715694][ T4114] syzkaller1: entered promiscuous mode
[   45.722277][ T4114] syzkaller1: entered allmulticast mode
[   45.888545][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.070338][ T4132] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.150181][ T4132] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.188221][ T4147] loop1: detected capacity change from 0 to 1024
[   46.195030][ T4147] EXT4-fs: inline encryption not supported
[   46.201271][ T4146] loop2: detected capacity change from 0 to 512
[   46.217006][ T4146] EXT4-fs: Ignoring removed mblk_io_submit option
[   46.226828][ T4147] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.240443][ T4132] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.262641][ T4147] FAULT_INJECTION: forcing a failure.
[   46.262641][ T4147] name failslab, interval 1, probability 0, space 0, times 0
[   46.275613][ T4147] CPU: 1 UID: 0 PID: 4147 Comm: syz.1.207 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   46.275648][ T4147] Tainted: [W]=WARN
[   46.275654][ T4147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   46.275694][ T4147] Call Trace:
[   46.275703][ T4147]  <TASK>
[   46.275713][ T4147]  __dump_stack+0x1d/0x30
[   46.275754][ T4147]  dump_stack_lvl+0xe8/0x140
[   46.275796][ T4147]  dump_stack+0x15/0x1b
[   46.275817][ T4147]  should_fail_ex+0x265/0x280
[   46.275929][ T4147]  should_failslab+0x8c/0xb0
[   46.275966][ T4147]  __kmalloc_noprof+0xa5/0x570
[   46.276043][ T4147]  ? ext4_ext_precache+0xa1/0x380
[   46.276090][ T4147]  ext4_ext_precache+0xa1/0x380
[   46.276178][ T4147]  ext4_get_es_cache+0x163/0x4c0
[   46.276258][ T4147]  ? avc_has_extended_perms+0x73d/0x940
[   46.276291][ T4147]  ? should_fail_ex+0xdb/0x280
[   46.276403][ T4147]  ext4_ioctl+0x158c/0x2d60
[   46.276441][ T4147]  ? file_ioctl+0x146/0x530
[   46.276469][ T4147]  ? do_vfs_ioctl+0x7ca/0xe10
[   46.276493][ T4147]  ? selinux_file_ioctl+0x308/0x3a0
[   46.276531][ T4147]  ? __fget_files+0x184/0x1c0
[   46.276586][ T4147]  ? __pfx_ext4_ioctl+0x10/0x10
[   46.276665][ T4147]  __se_sys_ioctl+0xcb/0x140
[   46.276702][ T4147]  __x64_sys_ioctl+0x43/0x50
[   46.276772][ T4147]  x64_sys_call+0x1816/0x3000
[   46.276795][ T4147]  do_syscall_64+0xd2/0x200
[   46.276849][ T4147]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   46.276876][ T4147]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   46.276951][ T4147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.276980][ T4147] RIP: 0033:0x7f6a1b72eec9
[   46.277002][ T4147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.277025][ T4147] RSP: 002b:00007f6a1a197038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   46.277102][ T4147] RAX: ffffffffffffffda RBX: 00007f6a1b985fa0 RCX: 00007f6a1b72eec9
[   46.277118][ T4147] RDX: 0000200000000440 RSI: 00000000c020662a RDI: 0000000000000006
[   46.277132][ T4147] RBP: 00007f6a1a197090 R08: 0000000000000000 R09: 0000000000000000
[   46.277144][ T4147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.277157][ T4147] R13: 00007f6a1b986038 R14: 00007f6a1b985fa0 R15: 00007ffff61d8ca8
[   46.277182][ T4147]  </TASK>
[   46.506978][ T4146] EXT4-fs: Ignoring removed nomblk_io_submit option
[   46.517336][ T4146] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   46.525804][ T4146] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   46.540112][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.555610][ T4146] EXT4-fs (loop2): failed to initialize system zone (-117)
[   46.566968][ T4132] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.578894][ T4146] EXT4-fs (loop2): mount failed
[   46.637213][   T31] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.665998][   T31] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.680028][   T52] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.692905][   T52] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.749894][ T4165] loop1: detected capacity change from 0 to 1024
[   46.761975][ T4165] EXT4-fs: inline encryption not supported
[   46.768024][ T4165] EXT4-fs: Ignoring removed i_version option
[   46.783246][ T4161] loop2: detected capacity change from 0 to 512
[   46.803654][ T4161] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.212: error while reading EA inode 32 err=-116
[   46.827495][ T4165] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.872263][ T4165] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   46.893199][ T4161] EXT4-fs (loop2): Remounting filesystem read-only
[   46.903444][ T4161] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   46.921257][ T4161] EXT4-fs (loop2): 1 orphan inode deleted
[   46.936563][ T4161] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.961055][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.194761][ T4186] netlink: 'syz.3.220': attribute type 5 has an invalid length.
[   47.368176][ T4193] loop3: detected capacity change from 0 to 512
[   47.374963][ T4193] EXT4-fs: Ignoring removed mblk_io_submit option
[   47.381802][ T4193] EXT4-fs: Ignoring removed nomblk_io_submit option
[   47.391568][ T4193] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   47.400239][ T4193] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   47.419268][ T4193] EXT4-fs (loop3): failed to initialize system zone (-117)
[   47.426789][ T4193] EXT4-fs (loop3): mount failed
[   47.519067][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.641555][ T4213] netlink: 'syz.2.230': attribute type 2 has an invalid length.
[   47.649372][ T4213] netlink: 'syz.2.230': attribute type 3 has an invalid length.
[   47.852362][   T44] Bluetooth: hci1: sending frame failed (-49)
[   47.858625][ T4182] Bluetooth: hci1: Opcode 0x1003 failed: -49
[   47.865688][ T4232] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   47.875059][ T4232] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   47.989224][ T4235] loop3: detected capacity change from 0 to 512
[   48.009190][ T4235] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.238: error while reading EA inode 32 err=-116
[   48.036142][ T4235] EXT4-fs (loop3): Remounting filesystem read-only
[   48.056694][ T4235] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   48.067057][ T4235] EXT4-fs (loop3): 1 orphan inode deleted
[   48.073154][ T4235] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.092960][ T4240] loop2: detected capacity change from 0 to 512
[   48.099803][ T4240] EXT4-fs: inline encryption not supported
[   48.106461][ T4240] EXT4-fs: Ignoring removed nobh option
[   48.119947][ T4240] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   48.131613][ T4240] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   48.141884][ T4240] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.240: Corrupt directory, running e2fsck is recommended
[   48.157958][ T4240] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[   48.167943][ T4240] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.240: corrupted in-inode xattr: invalid ea_ino
[   48.182210][ T4240] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.240: couldn't read orphan inode 15 (err -117)
[   48.194740][ T4240] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.219961][ T4240] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   48.231725][ T4240] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   48.241936][ T4240] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.240: Corrupt directory, running e2fsck is recommended
[   48.267125][ T4240] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   48.280006][ T4240] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   48.290372][ T4240] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.240: Corrupt directory, running e2fsck is recommended
[   48.313961][ T4240] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   48.317084][ T4254] FAULT_INJECTION: forcing a failure.
[   48.317084][ T4254] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   48.325629][ T4240] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   48.338762][ T4254] CPU: 0 UID: 0 PID: 4254 Comm: syz.0.241 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   48.338804][ T4254] Tainted: [W]=WARN
[   48.338814][ T4254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   48.338870][ T4254] Call Trace:
[   48.338923][ T4254]  <TASK>
[   48.338934][ T4254]  __dump_stack+0x1d/0x30
[   48.338966][ T4254]  dump_stack_lvl+0xe8/0x140
[   48.338994][ T4254]  dump_stack+0x15/0x1b
[   48.339016][ T4254]  should_fail_ex+0x265/0x280
[   48.339064][ T4254]  should_fail+0xb/0x20
[   48.339136][ T4254]  should_fail_usercopy+0x1a/0x20
[   48.339165][ T4254]  _copy_from_user+0x1c/0xb0
[   48.339199][ T4254]  ___sys_sendmsg+0xc1/0x1d0
[   48.339261][ T4254]  __x64_sys_sendmsg+0xd4/0x160
[   48.339382][ T4254]  x64_sys_call+0x191e/0x3000
[   48.339456][ T4254]  do_syscall_64+0xd2/0x200
[   48.339490][ T4254]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   48.339529][ T4254]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   48.339560][ T4254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.339660][ T4254] RIP: 0033:0x7f52e392eec9
[   48.339771][ T4254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.339795][ T4254] RSP: 002b:00007f52e2397038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   48.339822][ T4254] RAX: ffffffffffffffda RBX: 00007f52e3b85fa0 RCX: 00007f52e392eec9
[   48.339840][ T4254] RDX: 0000000000000106 RSI: 0000200000000140 RDI: 0000000000000004
[   48.339858][ T4254] RBP: 00007f52e2397090 R08: 0000000000000000 R09: 0000000000000000
[   48.339875][ T4254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.339892][ T4254] R13: 00007f52e3b86038 R14: 00007f52e3b85fa0 R15: 00007fff76fe6c28
[   48.339920][ T4254]  </TASK>
[   48.410857][ T4260] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   48.412676][ T4240] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.240: Corrupt directory, running e2fsck is recommended
[   48.587477][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.686433][ T4273] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   48.727267][ T4287] loop0: detected capacity change from 0 to 1024
[   48.737619][ T4287] EXT4-fs: inline encryption not supported
[   48.740319][ T4277] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   48.743552][ T4287] EXT4-fs: Ignoring removed i_version option
[   48.758077][ T4287] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.782976][ T4287] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   48.783280][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.822712][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.856576][ T4292] loop4: detected capacity change from 0 to 1024
[   48.863974][ T4292] EXT4-fs: inline encryption not supported
[   48.874698][ T4295] loop0: detected capacity change from 0 to 512
[   48.896495][ T4292] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.911501][ T4293] loop3: detected capacity change from 0 to 2048
[   48.930328][ T4299] __nla_validate_parse: 16 callbacks suppressed
[   48.930366][ T4299] netlink: 20 bytes leftover after parsing attributes in process `syz.0.250'.
[   48.956314][   T29] kauditd_printk_skb: 473 callbacks suppressed
[   48.956331][   T29] audit: type=1400 audit(1759999543.411:1859): avc:  denied  { bind } for  pid=4291 comm="syz.4.249" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   48.982033][   T29] audit: type=1400 audit(1759999543.411:1860): avc:  denied  { connect } for  pid=4291 comm="syz.4.249" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   49.025855][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.044229][ T3291]  loop3: unable to read partition table
[   49.056006][ T3549] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   49.073615][ T3291] loop3: partition table beyond EOD, truncated
[   49.087503][ T4303] FAULT_INJECTION: forcing a failure.
[   49.087503][ T4303] name failslab, interval 1, probability 0, space 0, times 0
[   49.100297][ T4303] CPU: 1 UID: 0 PID: 4303 Comm: syz.4.251 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   49.100402][ T4303] Tainted: [W]=WARN
[   49.100472][ T4303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   49.100489][ T4303] Call Trace:
[   49.100496][ T4303]  <TASK>
[   49.100504][ T4303]  __dump_stack+0x1d/0x30
[   49.100527][ T4303]  dump_stack_lvl+0xe8/0x140
[   49.100559][ T4303]  dump_stack+0x15/0x1b
[   49.100576][ T4303]  should_fail_ex+0x265/0x280
[   49.100624][ T4303]  should_failslab+0x8c/0xb0
[   49.100659][ T4303]  __kmalloc_noprof+0xa5/0x570
[   49.100762][ T4303]  ? unregister_netdevice_many_notify+0x4c9/0x15d0
[   49.100795][ T4303]  ? unlist_netdevice+0x2cc/0x320
[   49.100825][ T4303]  unregister_netdevice_many_notify+0x4c9/0x15d0
[   49.100873][ T4303]  ? __rcu_read_unlock+0x4f/0x70
[   49.100978][ T4303]  unregister_netdevice_queue+0x1f5/0x220
[   49.101066][ T4303]  unregister_netdev+0xb3/0xe0
[   49.101172][ T4303]  slip_close+0xe4/0x100
[   49.101206][ T4303]  ? __pfx_slip_close+0x10/0x10
[   49.101234][ T4303]  tty_ldisc_close+0x74/0xa0
[   49.101254][ T4303]  tty_set_ldisc+0x1b9/0x380
[   49.101296][ T4303]  tiocsetd+0x51/0x60
[   49.101389][ T4303]  tty_ioctl+0xa79/0xb80
[   49.101491][ T4303]  ? __pfx_tty_ioctl+0x10/0x10
[   49.101525][ T4303]  __se_sys_ioctl+0xcb/0x140
[   49.101578][ T4303]  __x64_sys_ioctl+0x43/0x50
[   49.101658][ T4303]  x64_sys_call+0x1816/0x3000
[   49.101742][ T4303]  do_syscall_64+0xd2/0x200
[   49.101773][ T4303]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   49.101863][ T4303]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   49.101889][ T4303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.101969][ T4303] RIP: 0033:0x7f1981a3eec9
[   49.101984][ T4303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.102001][ T4303] RSP: 002b:00007f19804a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   49.102059][ T4303] RAX: ffffffffffffffda RBX: 00007f1981c95fa0 RCX: 00007f1981a3eec9
[   49.102075][ T4303] RDX: 0000200000000100 RSI: 0000000000005423 RDI: 0000000000000005
[   49.102087][ T4303] RBP: 00007f19804a7090 R08: 0000000000000000 R09: 0000000000000000
[   49.102098][ T4303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.102110][ T4303] R13: 00007f1981c96038 R14: 00007f1981c95fa0 R15: 00007ffd84a924a8
[   49.102130][ T4303]  </TASK>
[   49.149974][ T4293]  loop3: unable to read partition table
[   49.152152][ T4305] netlink: 16 bytes leftover after parsing attributes in process `syz.1.253'.
[   49.155168][ T4293] loop3: partition table beyond EOD, 
[   49.176302][ T4305] loop1: detected capacity change from 0 to 512
[   49.181122][ T4293] truncated
[   49.181136][ T4293] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[   49.388306][ T4305] EXT4-fs: Ignoring removed mblk_io_submit option
[   49.394898][ T4305] EXT4-fs: Ignoring removed nomblk_io_submit option
[   49.402067][ T4305] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   49.410839][ T4305] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   49.427274][ T4305] EXT4-fs (loop1): failed to initialize system zone (-117)
[   49.434563][ T4305] EXT4-fs (loop1): mount failed
[   49.445303][ T3001]  loop3: unable to read partition table
[   49.451815][ T3001] loop3: partition table beyond EOD, truncated
[   49.518951][ T4321] netlink: 'syz.4.256': attribute type 2 has an invalid length.
[   49.526754][ T4321] netlink: 'syz.4.256': attribute type 3 has an invalid length.
[   49.534536][ T4321] netlink: 132 bytes leftover after parsing attributes in process `syz.4.256'.
[   49.558129][   T29] audit: type=1326 audit(1759999544.051:1861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4315 comm="syz.4.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1981a3eec9 code=0x7ffc0000
[   49.582970][   T29] audit: type=1326 audit(1759999544.051:1862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4315 comm="syz.4.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1981a3eec9 code=0x7ffc0000
[   49.606863][   T29] audit: type=1326 audit(1759999544.051:1863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4315 comm="syz.4.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1981a3eec9 code=0x7ffc0000
[   49.630734][   T29] audit: type=1326 audit(1759999544.051:1864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4315 comm="syz.4.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1981a3eec9 code=0x7ffc0000
[   49.636486][ T4324] loop1: detected capacity change from 0 to 512
[   49.654722][   T29] audit: type=1326 audit(1759999544.051:1865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4315 comm="syz.4.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1981a3eec9 code=0x7ffc0000
[   49.684643][   T29] audit: type=1326 audit(1759999544.051:1866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4315 comm="syz.4.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1981a3eec9 code=0x7ffc0000
[   49.687796][ T4317] loop2: detected capacity change from 0 to 512
[   49.708376][   T29] audit: type=1326 audit(1759999544.051:1867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4315 comm="syz.4.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1981a40de7 code=0x7ffc0000
[   49.738641][   T29] audit: type=1326 audit(1759999544.051:1868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4315 comm="syz.4.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1981a3eec9 code=0x7ffc0000
[   49.780243][ T4328] netlink: 20 bytes leftover after parsing attributes in process `syz.3.262'.
[   49.790596][ T4329] netlink: 'syz.4.261': attribute type 5 has an invalid length.
[   49.798622][ T4329] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.261'.
[   49.819383][ T4317] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.258: error while reading EA inode 32 err=-116
[   49.832302][ T4317] EXT4-fs (loop2): Remounting filesystem read-only
[   49.839272][ T4317] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   49.873389][ T4317] EXT4-fs (loop2): 1 orphan inode deleted
[   49.882887][ T4333] loop3: detected capacity change from 0 to 512
[   49.891694][ T4317] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.904070][ T4333] EXT4-fs: inline encryption not supported
[   49.904226][ T4333] EXT4-fs: Ignoring removed nobh option
[   49.924953][ T4333] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   49.936537][ T4333] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   49.946688][ T4333] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.264: Corrupt directory, running e2fsck is recommended
[   49.962058][ T4333] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[   49.970486][ T4333] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.264: corrupted in-inode xattr: invalid ea_ino
[   49.988211][ T4333] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.264: couldn't read orphan inode 15 (err -117)
[   50.009166][ T4333] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.035782][ T4344] netlink: 16 bytes leftover after parsing attributes in process `syz.0.268'.
[   50.042291][ T4333] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   50.054840][ T4344] loop0: detected capacity change from 0 to 512
[   50.056250][ T4333] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   50.065626][ T4344] EXT4-fs: Ignoring removed mblk_io_submit option
[   50.072823][ T4333] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.264: Corrupt directory, running e2fsck is recommended
[   50.092644][ T4344] EXT4-fs: Ignoring removed nomblk_io_submit option
[   50.097369][ T4347] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   50.110888][ T4347] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   50.121089][ T4347] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.264: Corrupt directory, running e2fsck is recommended
[   50.137961][ T4344] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   50.146498][ T4344] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   50.151100][ T4333] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   50.167160][ T4333] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   50.177355][ T4333] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.264: Corrupt directory, running e2fsck is recommended
[   50.185998][ T4346] netlink: 4 bytes leftover after parsing attributes in process `syz.4.269'.
[   50.190582][ T4347] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   50.213411][ T4344] EXT4-fs (loop0): failed to initialize system zone (-117)
[   50.213638][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.220952][ T4344] EXT4-fs (loop0): mount failed
[   50.284673][ T4359] netlink: 132 bytes leftover after parsing attributes in process `syz.0.272'.
[   50.309729][ T4360] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   50.318854][ T4360] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   50.338996][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.340120][ T4361] netlink: 8 bytes leftover after parsing attributes in process `syz.3.270'.
[   50.384401][ T4361] netlink: 20 bytes leftover after parsing attributes in process `syz.3.270'.
[   50.884606][ T4366] loop4: detected capacity change from 0 to 512
[   51.168186][ T4375] validate_nla: 2 callbacks suppressed
[   51.168205][ T4375] netlink: 'syz.3.277': attribute type 5 has an invalid length.
[   51.170784][ T4377] netlink: 'syz.0.278': attribute type 5 has an invalid length.
[   51.325279][ T4388] loop0: detected capacity change from 0 to 512
[   51.332858][ T4388] EXT4-fs: Ignoring removed mblk_io_submit option
[   51.359230][ T4388] EXT4-fs: Ignoring removed nomblk_io_submit option
[   51.421523][ T4388] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   51.430231][ T4388] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   51.470832][ T4388] EXT4-fs (loop0): failed to initialize system zone (-117)
[   51.486096][ T4388] EXT4-fs (loop0): mount failed
[   51.591777][ T4400] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.605616][ T4400] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.810782][ T4423] loop2: detected capacity change from 0 to 512
[   51.936162][ T4182] Bluetooth: hci0: command 0x1003 tx timeout
[   51.942301][ T3549] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   52.038574][ T4445] netlink: 'syz.2.291': attribute type 5 has an invalid length.
[   52.212533][ T4452] loop0: detected capacity change from 0 to 512
[   52.257447][ T4452] EXT4-fs: Ignoring removed mblk_io_submit option
[   52.275381][ T4452] EXT4-fs: Ignoring removed nomblk_io_submit option
[   52.295994][ T4452] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   52.304688][ T4452] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   52.339278][ T4452] EXT4-fs (loop0): failed to initialize system zone (-117)
[   52.352119][ T4452] EXT4-fs (loop0): mount failed
[   52.437650][ T4466] loop3: detected capacity change from 0 to 512
[   52.862045][ T4477] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   52.881443][ T4477] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   52.907843][ T4481] netlink: 'syz.1.304': attribute type 5 has an invalid length.
[   53.063612][ T4483] syzkaller1: entered promiscuous mode
[   53.072654][ T4483] syzkaller1: entered allmulticast mode
[   53.139760][ T4485] loop2: detected capacity change from 0 to 512
[   53.147077][ T4485] EXT4-fs: Ignoring removed mblk_io_submit option
[   53.153879][ T4485] EXT4-fs: Ignoring removed nomblk_io_submit option
[   53.163470][ T4485] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   53.172315][ T4485] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   53.187088][ T4485] EXT4-fs (loop2): failed to initialize system zone (-117)
[   53.194511][ T4485] EXT4-fs (loop2): mount failed
[   53.253663][ T4491] loop2: detected capacity change from 0 to 2048
[   53.272047][ T4493] loop1: detected capacity change from 0 to 2048
[   53.323304][ T3500]  loop2: unable to read partition table
[   53.329251][ T3500] loop2: partition table beyond EOD, truncated
[   53.357187][ T3291]  loop1: unable to read partition table
[   53.363910][ T3291] loop1: partition table beyond EOD, truncated
[   53.370467][ T4495] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   53.370467][ T4495]    program syz.3.310 not setting count and/or reply_len properly
[   53.384426][ T4491]  loop2: unable to read partition table
[   53.390664][ T4495] netlink: 'syz.3.310': attribute type 30 has an invalid length.
[   53.406111][ T4491] loop2: partition table beyond EOD, truncated
[   53.412330][ T4491] loop_reread_partitions: partition scan of loop2 () failed (rc=-5)
[   53.434318][ T4497] loop4: detected capacity change from 0 to 1024
[   53.442907][ T4497] EXT4-fs: inline encryption not supported
[   53.448941][ T4497] EXT4-fs: Ignoring removed i_version option
[   53.459290][ T4493]  loop1: unable to read partition table
[   53.465176][ T4493] loop1: partition table beyond EOD, truncated
[   53.471537][ T4493] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[   53.486211][ T4497] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.513582][ T3001]  loop2: unable to read partition table
[   53.519608][ T3001] loop2: partition table beyond EOD, truncated
[   53.535678][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.613338][ T3001]  loop1: unable to read partition table
[   53.619413][ T3001] loop1: partition table beyond EOD, truncated
[   53.659650][ T4515] loop2: detected capacity change from 0 to 512
[   53.732354][ T4515] EXT4-fs: inline encryption not supported
[   53.741862][ T4515] EXT4-fs: Ignoring removed nobh option
[   53.753401][ T4524] loop3: detected capacity change from 0 to 512
[   53.780448][ T4515] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   53.792593][ T4515] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   53.800591][ T4524] EXT4-fs: Ignoring removed mblk_io_submit option
[   53.803118][ T4515] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.317: Corrupt directory, running e2fsck is recommended
[   53.809826][ T4524] EXT4-fs: Ignoring removed nomblk_io_submit option
[   53.832317][ T4525] syzkaller1: entered promiscuous mode
[   53.838439][ T4525] syzkaller1: entered allmulticast mode
[   53.851194][ T4524] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   53.859764][ T4524] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   53.875686][ T4515] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[   53.886965][ T4515] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.317: corrupted in-inode xattr: invalid ea_ino
[   53.901455][ T4515] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.317: couldn't read orphan inode 15 (err -117)
[   53.916588][ T4524] EXT4-fs (loop3): failed to initialize system zone (-117)
[   53.917332][ T4515] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.924170][ T4524] EXT4-fs (loop3): mount failed
[   53.966705][ T4515] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   53.978406][ T4515] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   53.989051][ T4515] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.317: Corrupt directory, running e2fsck is recommended
[   54.004408][ T4515] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   54.016085][ T4515] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   54.026286][ T4515] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.317: Corrupt directory, running e2fsck is recommended
[   54.041504][ T4515] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   54.053296][ T4515] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   54.063520][ T4515] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.317: Corrupt directory, running e2fsck is recommended
[   54.090997][ T4540] loop4: detected capacity change from 0 to 1024
[   54.097698][ T4537] loop3: detected capacity change from 0 to 2048
[   54.099219][ T4540] EXT4-fs: inline encryption not supported
[   54.106268][ T4515] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   54.110081][ T4540] EXT4-fs: Ignoring removed i_version option
[   54.137694][ T4540] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.151033][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.151286][ T4545] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   54.177317][   T29] kauditd_printk_skb: 494 callbacks suppressed
[   54.177334][   T29] audit: type=1400 audit(1759999548.671:2363): avc:  denied  { connect } for  pid=4536 comm="syz.3.322" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   54.188110][ T4545] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   54.213733][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.273348][ T4553] netlink: 'syz.2.327': attribute type 2 has an invalid length.
[   54.281312][ T4553] netlink: 'syz.2.327': attribute type 3 has an invalid length.
[   54.289042][ T4553] __nla_validate_parse: 15 callbacks suppressed
[   54.289060][ T4553] netlink: 132 bytes leftover after parsing attributes in process `syz.2.327'.
[   54.311302][   T29] audit: type=1326 audit(1759999548.801:2364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4552 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   54.345129][   T29] audit: type=1326 audit(1759999548.801:2365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4552 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   54.368524][   T29] audit: type=1326 audit(1759999548.801:2366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4552 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   54.392901][   T29] audit: type=1326 audit(1759999548.801:2367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4552 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   54.416661][   T29] audit: type=1326 audit(1759999548.801:2368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4552 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   54.440422][   T29] audit: type=1326 audit(1759999548.801:2369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4552 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ffbf84e0de7 code=0x7ffc0000
[   54.463689][   T29] audit: type=1326 audit(1759999548.801:2370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4552 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   54.487200][   T29] audit: type=1326 audit(1759999548.801:2371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4552 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   54.496019][ T4182] Bluetooth: hci0: command 0x1003 tx timeout
[   54.510693][   T29] audit: type=1326 audit(1759999548.801:2372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4552 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbf84deec9 code=0x7ffc0000
[   54.543364][ T4556] loop2: detected capacity change from 0 to 512
[   54.550183][ T3549] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   54.605116][ T4558] loop2: detected capacity change from 0 to 2048
[   54.673106][ T4560] netlink: 4 bytes leftover after parsing attributes in process `syz.0.330'.
[   54.742148][ T4558]  loop2: unable to read partition table
[   54.758204][ T4558] loop2: partition table beyond EOD, truncated
[   54.764553][ T4558] loop_reread_partitions: partition scan of loop2 () failed (rc=-5)
[   54.830671][ T4581] netlink: 16 bytes leftover after parsing attributes in process `syz.3.332'.
[   54.844177][ T4581] loop3: detected capacity change from 0 to 512
[   54.863481][ T4581] EXT4-fs: Ignoring removed mblk_io_submit option
[   54.880946][ T4581] EXT4-fs: Ignoring removed nomblk_io_submit option
[   54.892939][ T4581] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   54.901756][ T4581] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   54.972752][ T3001]  loop2: unable to read partition table
[   54.986499][ T3001] loop2: partition table beyond EOD, truncated
[   54.994255][ T4590] netlink: 8 bytes leftover after parsing attributes in process `syz.0.334'.
[   55.006596][ T4581] EXT4-fs (loop3): failed to initialize system zone (-117)
[   55.016020][ T4581] EXT4-fs (loop3): mount failed
[   55.041201][ T4592] syzkaller1: entered promiscuous mode
[   55.046801][ T4592] syzkaller1: entered allmulticast mode
[   55.116773][ T4605] netlink: 20 bytes leftover after parsing attributes in process `syz.0.334'.
[   55.164135][ T4610] loop3: detected capacity change from 0 to 2048
[   55.305669][ T4610]  loop3: unable to read partition table
[   55.331015][ T4621] netlink: 4 bytes leftover after parsing attributes in process `syz.2.340'.
[   55.346022][ T4610] loop3: partition table beyond EOD, truncated
[   55.352284][ T4610] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[   55.440489][ T3001]  loop3: unable to read partition table
[   55.446282][ T3001] loop3: partition table beyond EOD, truncated
[   55.519666][ T4639] loop1: detected capacity change from 0 to 2048
[   55.576787][ T4646] loop3: detected capacity change from 0 to 2048
[   55.600326][ T4646] msdos: Bad value for 'time_offset'
[   55.765020][ T4652] loop0: detected capacity change from 0 to 512
[   55.796785][ T4656] netlink: 16 bytes leftover after parsing attributes in process `syz.2.350'.
[   55.823448][ T4656] loop2: detected capacity change from 0 to 512
[   55.835329][ T4656] EXT4-fs: Ignoring removed mblk_io_submit option
[   55.842335][ T4656] EXT4-fs: Ignoring removed nomblk_io_submit option
[   55.856206][ T4656] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   55.864896][ T4656] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   55.881209][ T4654] netlink: 4 bytes leftover after parsing attributes in process `syz.3.351'.
[   55.891596][ T4656] EXT4-fs (loop2): failed to initialize system zone (-117)
[   55.891672][ T4656] EXT4-fs (loop2): mount failed
[   55.975673][ T4670] loop2: detected capacity change from 0 to 512
[   55.990599][ T4670] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.364: error while reading EA inode 32 err=-116
[   56.003177][ T4670] EXT4-fs (loop2): Remounting filesystem read-only
[   56.010265][ T4670] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   56.022951][ T4670] EXT4-fs (loop2): 1 orphan inode deleted
[   56.029457][ T4670] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.089869][ T4680] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   56.104015][ T4680] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   56.138490][ T4685] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   56.147252][ T4683] loop1: detected capacity change from 0 to 8192
[   56.147800][ T4685] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   56.168940][ T4683] macvtap1: entered promiscuous mode
[   56.174288][ T4683] macvtap1: entered allmulticast mode
[   56.181594][ T4683] dummy0: entered promiscuous mode
[   56.187053][ T4683] dummy0: entered allmulticast mode
[   56.193414][ T4683] team0: Device macvtap1 failed to register rx_handler
[   56.200852][ T4683] dummy0: left allmulticast mode
[   56.206129][ T4683] dummy0: left promiscuous mode
[   56.305388][ T4689] netlink: 464 bytes leftover after parsing attributes in process `syz.1.361'.
[   56.471306][ T4692] netlink: 8 bytes leftover after parsing attributes in process `syz.1.362'.
[   56.637265][ T4694] loop0: detected capacity change from 0 to 512
[   56.708970][ T4698] netlink: 'syz.4.366': attribute type 5 has an invalid length.
[   56.725845][ T4699] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   56.735045][ T4699] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   56.782087][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.888738][ T4710] loop2: detected capacity change from 0 to 512
[   56.938015][ T4710] EXT4-fs: Ignoring removed mblk_io_submit option
[   56.951526][ T4715] netlink: 'syz.3.371': attribute type 5 has an invalid length.
[   56.961215][ T4710] EXT4-fs: Ignoring removed nomblk_io_submit option
[   56.982906][ T4710] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   56.991544][ T4710] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   57.007092][ T4710] EXT4-fs (loop2): failed to initialize system zone (-117)
[   57.014397][ T4710] EXT4-fs (loop2): mount failed
[   57.161180][   T37] Bluetooth: hci0: Frame reassembly failed (-84)
[   57.169231][ T4732] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   57.169231][ T4732]    program syz.4.377 not setting count and/or reply_len properly
[   57.188562][ T4732] netlink: 'syz.4.377': attribute type 30 has an invalid length.
[   57.285061][ T4737] loop0: detected capacity change from 0 to 512
[   57.297955][ T4737] EXT4-fs: inline encryption not supported
[   57.313346][ T4737] EXT4-fs: Ignoring removed nobh option
[   57.330985][ T4737] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   57.342670][ T4737] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   57.352950][ T4737] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.379: Corrupt directory, running e2fsck is recommended
[   57.359876][ T4739] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.378614][ T4739] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.388441][ T4737] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[   57.396953][ T4737] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.379: corrupted in-inode xattr: invalid ea_ino
[   57.410839][ T4737] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.379: couldn't read orphan inode 15 (err -117)
[   57.423295][ T4737] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.441422][ T4737] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   57.452993][ T4737] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   57.463118][ T4737] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.379: Corrupt directory, running e2fsck is recommended
[   57.464933][ T4744] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.486079][ T4744] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.486470][ T4737] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   57.505473][ T4737] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   57.515610][ T4737] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.379: Corrupt directory, running e2fsck is recommended
[   57.533309][ T4737] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   57.544884][ T4737] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   57.555026][ T4737] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.379: Corrupt directory, running e2fsck is recommended
[   57.564290][ T4742] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   57.570278][ T4737] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   57.613165][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.623260][ T4748] loop1: detected capacity change from 0 to 512
[   57.630348][ T4748] EXT4-fs: inline encryption not supported
[   57.636520][ T4748] EXT4-fs: Ignoring removed nobh option
[   57.646430][ T4748] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   57.658455][ T4748] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   57.668713][ T4748] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.381: Corrupt directory, running e2fsck is recommended
[   57.682646][ T4748] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   57.691028][ T4748] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.381: corrupted in-inode xattr: invalid ea_ino
[   57.705729][ T4748] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.381: couldn't read orphan inode 15 (err -117)
[   57.718634][ T4748] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.737450][ T4748] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   57.749013][ T4748] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   57.759294][ T4748] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.381: Corrupt directory, running e2fsck is recommended
[   57.774859][ T4748] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   57.786504][ T4748] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   57.796735][ T4748] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.381: Corrupt directory, running e2fsck is recommended
[   57.812179][ T4748] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   57.824000][ T4748] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   57.834306][ T4748] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.381: Corrupt directory, running e2fsck is recommended
[   57.849282][ T4748] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   57.872523][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.938242][ T4755] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   57.975386][ T4758] loop3: detected capacity change from 0 to 512
[   57.996012][ T4758] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.384: error while reading EA inode 32 err=-116
[   58.008834][ T4758] EXT4-fs (loop3): Remounting filesystem read-only
[   58.015474][ T4758] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   58.026983][ T4758] EXT4-fs (loop3): 1 orphan inode deleted
[   58.033986][ T4758] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.757101][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.818253][ T4776] loop1: detected capacity change from 0 to 512
[   58.886658][ T4781] netlink: 'syz.1.394': attribute type 5 has an invalid length.
[   58.962761][ T4783] loop3: detected capacity change from 0 to 2048
[   59.034703][ T3500]  loop3: unable to read partition table
[   59.041120][ T3500] loop3: partition table beyond EOD, truncated
[   59.073766][ T4786] loop1: detected capacity change from 0 to 512
[   59.086362][ T4786] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.396: error while reading EA inode 32 err=-116
[   59.089751][ T4783]  loop3: unable to read partition table
[   59.099146][ T4786] EXT4-fs (loop1): Remounting filesystem read-only
[   59.106516][ T4783] loop3: partition table beyond EOD, truncated
[   59.111458][ T4786] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   59.117633][ T4783] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[   59.127971][ T4786] EXT4-fs (loop1): 1 orphan inode deleted
[   59.142212][ T4786] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.188660][ T3001]  loop3: unable to read partition table
[   59.194649][ T3001] loop3: partition table beyond EOD, truncated
[   59.215997][ T3549] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   59.318845][   T29] kauditd_printk_skb: 335 callbacks suppressed
[   59.318862][   T29] audit: type=1326 audit(1759999553.811:2708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4792 comm="syz.3.398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd48a4deec9 code=0x7ffc0000
[   59.349583][   T29] audit: type=1326 audit(1759999553.811:2709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4792 comm="syz.3.398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd48a4deec9 code=0x7ffc0000
[   59.371380][ T4793] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   59.373582][   T29] audit: type=1326 audit(1759999553.811:2710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4792 comm="syz.3.398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd48a4deec9 code=0x7ffc0000
[   59.407262][   T29] audit: type=1326 audit(1759999553.841:2711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4792 comm="syz.3.398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7fd48a4deec9 code=0x7ffc0000
[   59.430964][   T29] audit: type=1326 audit(1759999553.841:2712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4792 comm="syz.3.398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd48a4deec9 code=0x7ffc0000
[   59.454483][   T29] audit: type=1326 audit(1759999553.841:2713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4792 comm="syz.3.398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd48a4deec9 code=0x7ffc0000
[   59.478013][   T29] audit: type=1326 audit(1759999553.841:2715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4792 comm="syz.3.398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fd48a4deec9 code=0x7ffc0000
[   59.501432][   T29] audit: type=1326 audit(1759999553.841:2714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4792 comm="syz.3.398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd48a4deec9 code=0x7ffc0000
[   59.516042][ T4797] __nla_validate_parse: 13 callbacks suppressed
[   59.516064][ T4797] netlink: 40 bytes leftover after parsing attributes in process `syz.3.399'.
[   59.525142][   T29] audit: type=1326 audit(1759999553.841:2717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4792 comm="syz.3.398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd48a4deec9 code=0x7ffc0000
[   59.531471][ T4797] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[   59.579654][   T29] audit: type=1326 audit(1759999553.841:2716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4792 comm="syz.3.398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd48a4deec9 code=0x7ffc0000
[   59.613302][ T4798] syzkaller1: entered promiscuous mode
[   59.618928][ T4798] syzkaller1: entered allmulticast mode
[   59.753572][ T4808] loop3: detected capacity change from 0 to 512
[   59.869861][ T4816] loop3: detected capacity change from 0 to 8192
[   59.876889][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.892594][ T4816] macvtap1: entered promiscuous mode
[   59.898173][ T4816] macvtap1: entered allmulticast mode
[   59.903998][ T4816] dummy0: entered promiscuous mode
[   59.909549][ T4816] dummy0: entered allmulticast mode
[   59.915872][ T4816] team0: Device macvtap1 failed to register rx_handler
[   59.924984][ T4816] dummy0: left allmulticast mode
[   59.931761][ T4816] dummy0: left promiscuous mode
[   59.985030][ T4822] netlink: 16 bytes leftover after parsing attributes in process `syz.1.409'.
[   59.997022][ T4822] loop1: detected capacity change from 0 to 512
[   60.004460][ T4822] EXT4-fs: Ignoring removed mblk_io_submit option
[   60.011317][ T4822] EXT4-fs: Ignoring removed nomblk_io_submit option
[   60.018082][ T4182] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   60.020365][ T4822] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   60.032696][ T4822] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   60.063551][ T4822] EXT4-fs (loop1): failed to initialize system zone (-117)
[   60.076473][ T4826] netlink: 8 bytes leftover after parsing attributes in process `syz.0.410'.
[   60.077368][ T4822] EXT4-fs (loop1): mount failed
[   60.095444][ T4826] loop0: detected capacity change from 0 to 2048
[   60.115595][ T4828] loop3: detected capacity change from 0 to 512
[   60.137583][ T4828] EXT4-fs: inline encryption not supported
[   60.151501][ T4828] EXT4-fs: Ignoring removed nobh option
[   60.162778][ T4828] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   60.174858][ T4828] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   60.185079][ T4828] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.411: Corrupt directory, running e2fsck is recommended
[   60.207430][ T4828] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[   60.216096][ T4828] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.411: corrupted in-inode xattr: invalid ea_ino
[   60.229750][ T4828] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.411: couldn't read orphan inode 15 (err -117)
[   60.245921][ T4833] 8021q: VLANs not supported on tunl0
[   60.253956][ T4828] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.260554][ T4826]  loop0: unable to read partition table
[   60.272580][ T4826] loop0: partition table beyond EOD, truncated
[   60.279052][ T4826] loop_reread_partitions: partition scan of loop0 () failed (rc=-5)
[   60.291436][ T4828] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   60.303226][ T4828] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   60.313539][ T4828] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.411: Corrupt directory, running e2fsck is recommended
[   60.314817][ T4841] netlink: 'syz.2.415': attribute type 2 has an invalid length.
[   60.328443][ T4828] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   60.334503][ T4841] netlink: 'syz.2.415': attribute type 3 has an invalid length.
[   60.346189][ T4828] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   60.346216][ T4828] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.411: Corrupt directory, running e2fsck is recommended
[   60.349010][ T4828] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   60.353968][ T4841] netlink: 132 bytes leftover after parsing attributes in process `syz.2.415'.
[   60.364846][ T4828] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   60.408995][ T4828] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.411: Corrupt directory, running e2fsck is recommended
[   60.421129][ T3001]  loop0: unable to read partition table
[   60.428023][ T3001] loop0: partition table beyond EOD, truncated
[   60.461562][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.539272][ T4848] loop2: detected capacity change from 0 to 512
[   60.552843][ T4848] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.418: error while reading EA inode 32 err=-116
[   60.562183][ T4846] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   60.596746][ T4848] EXT4-fs (loop2): Remounting filesystem read-only
[   60.605534][ T4848] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   60.631691][ T4848] EXT4-fs (loop2): 1 orphan inode deleted
[   60.640603][ T4854] loop4: detected capacity change from 0 to 2048
[   60.647834][ T4848] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.724777][ T4854]  loop4: unable to read partition table
[   60.731009][ T4854] loop4: partition table beyond EOD, truncated
[   60.737354][ T4854] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[   60.771750][ T4859] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   60.780580][ T4859] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   60.795008][ T3001]  loop4: unable to read partition table
[   60.800816][ T3001] loop4: partition table beyond EOD, truncated
[   60.874949][ T4862] loop4: detected capacity change from 0 to 2048
[   60.918373][ T4864] netlink: 4 bytes leftover after parsing attributes in process `syz.3.422'.
[   60.973277][ T4862]  loop4: unable to read partition table
[   60.979289][ T4862] loop4: partition table beyond EOD, truncated
[   60.985621][ T4862] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[   61.014845][ T4870] netlink: 4 bytes leftover after parsing attributes in process `syz.3.423'.
[   61.035265][ T4876] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   61.035265][ T4876]    program syz.1.424 not setting count and/or reply_len properly
[   61.054861][ T4876] netlink: 'syz.1.424': attribute type 30 has an invalid length.
[   61.085424][ T3001]  loop4: unable to read partition table
[   61.091326][ T3001] loop4: partition table beyond EOD, truncated
[   61.091432][ T4878] loop3: detected capacity change from 0 to 512
[   61.178865][ T4884] FAULT_INJECTION: forcing a failure.
[   61.178865][ T4884] name failslab, interval 1, probability 0, space 0, times 0
[   61.185053][ T4885] loop1: detected capacity change from 0 to 512
[   61.192051][ T4884] CPU: 0 UID: 0 PID: 4884 Comm: syz.4.428 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   61.192168][ T4884] Tainted: [W]=WARN
[   61.192177][ T4884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   61.192193][ T4884] Call Trace:
[   61.192202][ T4884]  <TASK>
[   61.192215][ T4884]  __dump_stack+0x1d/0x30
[   61.192328][ T4884]  dump_stack_lvl+0xe8/0x140
[   61.192355][ T4884]  dump_stack+0x15/0x1b
[   61.192378][ T4884]  should_fail_ex+0x265/0x280
[   61.192434][ T4884]  should_failslab+0x8c/0xb0
[   61.192524][ T4884]  __kmalloc_noprof+0xa5/0x570
[   61.192561][ T4884]  ? ___neigh_create+0x4c9/0x1290
[   61.192608][ T4884]  ___neigh_create+0x4c9/0x1290
[   61.192717][ T4884]  ? ipt_do_table+0x9fb/0xab0
[   61.192821][ T4884]  ? netlbl_enabled+0x25/0x40
[   61.192856][ T4884]  ? selinux_ip_postroute+0x1b7/0xb50
[   61.192901][ T4884]  __neigh_create+0x54/0x70
[   61.193023][ T4884]  ip_neigh_gw4+0x12e/0x170
[   61.193054][ T4884]  ip_finish_output2+0x857/0x8b0
[   61.193084][ T4884]  ? __rcu_read_unlock+0x34/0x70
[   61.193167][ T4884]  ip_finish_output+0x114/0x2a0
[   61.193195][ T4884]  ip_output+0xbd/0x190
[   61.193221][ T4884]  ? __pfx_ip_finish_output+0x10/0x10
[   61.193249][ T4884]  ip_send_skb+0x12c/0x160
[   61.193287][ T4884]  udp_send_skb+0x6e3/0xa40
[   61.193341][ T4884]  udp_sendmsg+0x48d/0x13c0
[   61.193365][ T4884]  ? __rcu_read_unlock+0x4f/0x70
[   61.193446][ T4884]  ? mntput_no_expire+0x6f/0x440
[   61.193491][ T4884]  ? __rcu_read_unlock+0x4f/0x70
[   61.193516][ T4884]  ? __pfx_ip_generic_getfrag+0x10/0x10
[   61.193561][ T4884]  ? avc_has_perm+0xf7/0x180
[   61.193611][ T4884]  ? __pfx_udp_sendmsg+0x10/0x10
[   61.193639][ T4884]  inet_sendmsg+0xac/0xd0
[   61.193706][ T4884]  __sock_sendmsg+0x102/0x180
[   61.193735][ T4884]  sock_write_iter+0x1a7/0x1f0
[   61.193785][ T4884]  ? __pfx_sock_write_iter+0x10/0x10
[   61.193820][ T4884]  vfs_write+0x52a/0x960
[   61.193858][ T4884]  ksys_write+0xda/0x1a0
[   61.193893][ T4884]  __x64_sys_write+0x40/0x50
[   61.193973][ T4884]  x64_sys_call+0x2802/0x3000
[   61.194003][ T4884]  do_syscall_64+0xd2/0x200
[   61.194034][ T4884]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   61.194126][ T4884]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   61.194155][ T4884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.194187][ T4884] RIP: 0033:0x7f1981a3eec9
[   61.194209][ T4884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.194234][ T4884] RSP: 002b:00007f19804a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   61.194260][ T4884] RAX: ffffffffffffffda RBX: 00007f1981c95fa0 RCX: 00007f1981a3eec9
[   61.194333][ T4884] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[   61.194350][ T4884] RBP: 00007f19804a7090 R08: 0000000000000000 R09: 0000000000000000
[   61.194395][ T4884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.194413][ T4884] R13: 00007f1981c96038 R14: 00007f1981c95fa0 R15: 00007ffd84a924a8
[   61.194439][ T4884]  </TASK>
[   61.236152][ T4881] netlink: 64 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[   61.247455][ T4885] EXT4-fs: inline encryption not supported
[   61.446548][ T4894] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   61.448902][ T4885] EXT4-fs: Ignoring removed nobh option
[   61.533046][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.543038][ T4898] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   61.556209][ T4898] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   61.574159][ T4885] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   61.585808][ T4885] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   61.595975][ T4885] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.427: Corrupt directory, running e2fsck is recommended
[   61.634963][ T4903] netlink: 16 bytes leftover after parsing attributes in process `syz.3.433'.
[   61.653631][ T4903] loop3: detected capacity change from 0 to 512
[   61.661522][ T4885] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   61.664981][ T4903] EXT4-fs: Ignoring removed mblk_io_submit option
[   61.676497][ T4903] EXT4-fs: Ignoring removed nomblk_io_submit option
[   61.683843][ T4885] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.427: corrupted in-inode xattr: invalid ea_ino
[   61.696853][ T4903] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   61.698246][ T4885] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.427: couldn't read orphan inode 15 (err -117)
[   61.705980][ T4903] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   61.728899][ T4885] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   61.748162][ T4885] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   61.752190][ T4901] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   61.759895][ T4885] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   61.780853][ T4885] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.427: Corrupt directory, running e2fsck is recommended
[   61.794633][ T4903] EXT4-fs (loop3): failed to initialize system zone (-117)
[   61.803495][ T4885] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   61.803659][ T4903] EXT4-fs (loop3): mount failed
[   61.815319][ T4885] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   61.815347][ T4885] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.427: Corrupt directory, running e2fsck is recommended
[   61.852076][ T4885] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   61.864634][ T4885] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   61.875549][ T4885] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.427: Corrupt directory, running e2fsck is recommended
[   61.951879][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.955173][ T4911] syzkaller1: entered promiscuous mode
[   61.966725][ T4911] syzkaller1: entered allmulticast mode
[   62.019036][ T4915] netlink: 4 bytes leftover after parsing attributes in process `syz.3.435'.
[   62.029034][ T4924] loop1: detected capacity change from 0 to 512
[   62.078734][ T4928] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   62.078734][ T4928]    program syz.1.438 not setting count and/or reply_len properly
[   62.148712][ T4933] netlink: 'syz.4.440': attribute type 5 has an invalid length.
[   62.156439][ T4933] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.440'.
[   62.193084][ T4935] loop1: detected capacity change from 0 to 512
[   62.205394][ T4935] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.441: error while reading EA inode 32 err=-116
[   62.225872][ T4935] EXT4-fs (loop1): Remounting filesystem read-only
[   62.236154][ T4935] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   62.247279][ T4935] EXT4-fs (loop1): 1 orphan inode deleted
[   62.253549][ T4935] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   62.328561][ T4941] netlink: 'syz.4.443': attribute type 1 has an invalid length.
[   62.338759][ T4941] netlink: 'syz.4.443': attribute type 6 has an invalid length.
[   62.390109][ T4944] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.407874][ T4944] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.448089][ T4945] loop4: detected capacity change from 0 to 2048
[   62.487653][ T4948] IPv6: NLM_F_CREATE should be specified when creating new route
[   62.531909][ T4945]  loop4: unable to read partition table
[   62.538435][ T4945] loop4: partition table beyond EOD, truncated
[   62.544706][ T4945] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[   62.610802][ T3001]  loop4: unable to read partition table
[   62.617443][ T3001] loop4: partition table beyond EOD, truncated
[   62.645115][ T4948] syz.0.445 (4948) used greatest stack depth: 10160 bytes left
[   62.781039][ T4960] loop0: detected capacity change from 0 to 512
[   62.997684][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.009904][ T4964] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   63.009904][ T4964]    program syz.2.452 not setting count and/or reply_len properly
[   63.096832][ T4968] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   63.105540][ T4968] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   63.220155][ T4974] loop2: detected capacity change from 0 to 2048
[   63.333446][ T3500]  loop2: unable to read partition table
[   63.345999][ T3500] loop2: partition table beyond EOD, truncated
[   63.388757][ T4974]  loop2: unable to read partition table
[   63.401141][ T4974] loop2: partition table beyond EOD, truncated
[   63.407511][ T4974] loop_reread_partitions: partition scan of loop2 () failed (rc=-5)
[   63.549426][ T3001]  loop2: unable to read partition table
[   63.555304][ T3001] loop2: partition table beyond EOD, truncated
[   63.785501][ T5006] FAULT_INJECTION: forcing a failure.
[   63.785501][ T5006] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.798786][ T5006] CPU: 0 UID: 0 PID: 5006 Comm: syz.0.464 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   63.798824][ T5006] Tainted: [W]=WARN
[   63.798831][ T5006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   63.798845][ T5006] Call Trace:
[   63.798853][ T5006]  <TASK>
[   63.798862][ T5006]  __dump_stack+0x1d/0x30
[   63.798886][ T5006]  dump_stack_lvl+0xe8/0x140
[   63.798908][ T5006]  dump_stack+0x15/0x1b
[   63.798982][ T5006]  should_fail_ex+0x265/0x280
[   63.799086][ T5006]  should_fail+0xb/0x20
[   63.799199][ T5006]  should_fail_usercopy+0x1a/0x20
[   63.799225][ T5006]  _copy_from_user+0x1c/0xb0
[   63.799255][ T5006]  do_ipt_set_ctl+0x3a0/0x820
[   63.799348][ T5006]  ? _raw_spin_unlock_bh+0x36/0x40
[   63.799384][ T5006]  ? tcp_release_cb+0xf1/0x370
[   63.799425][ T5006]  nf_setsockopt+0x196/0x1b0
[   63.799485][ T5006]  ip_setsockopt+0x102/0x110
[   63.799517][ T5006]  tcp_setsockopt+0x98/0xb0
[   63.799552][ T5006]  sock_common_setsockopt+0x66/0x80
[   63.799615][ T5006]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   63.799642][ T5006]  __sys_setsockopt+0x181/0x200
[   63.799677][ T5006]  __x64_sys_setsockopt+0x64/0x80
[   63.799754][ T5006]  x64_sys_call+0x20ec/0x3000
[   63.799782][ T5006]  do_syscall_64+0xd2/0x200
[   63.799810][ T5006]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   63.799845][ T5006]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   63.799895][ T5006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.799921][ T5006] RIP: 0033:0x7f52e392eec9
[   63.799970][ T5006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.799993][ T5006] RSP: 002b:00007f52e2397038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   63.800017][ T5006] RAX: ffffffffffffffda RBX: 00007f52e3b85fa0 RCX: 00007f52e392eec9
[   63.800033][ T5006] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
[   63.800048][ T5006] RBP: 00007f52e2397090 R08: 00000000000002f0 R09: 0000000000000000
[   63.800063][ T5006] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000001
[   63.800147][ T5006] R13: 00007f52e3b86038 R14: 00007f52e3b85fa0 R15: 00007fff76fe6c28
[   63.800170][ T5006]  </TASK>
[   64.055744][ T5008] netlink: 'syz.2.466': attribute type 5 has an invalid length.
[   64.154788][ T5013] loop4: detected capacity change from 0 to 512
[   64.169516][ T5013] EXT4-fs: inline encryption not supported
[   64.176860][ T5015] loop1: detected capacity change from 0 to 2048
[   64.182294][ T5013] EXT4-fs: Ignoring removed nobh option
[   64.200997][ T5017] loop2: detected capacity change from 0 to 512
[   64.214907][ T5013] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   64.226618][ T5013] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   64.236848][ T5013] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.468: Corrupt directory, running e2fsck is recommended
[   64.261023][ T5013] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[   64.321263][ T5025] loop2: detected capacity change from 0 to 512
[   64.345728][ T3291]  loop1: unable to read partition table
[   64.352024][ T5013] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.468: corrupted in-inode xattr: invalid ea_ino
[   64.376947][ T3291] loop1: partition table beyond EOD, truncated
[   64.385713][ T5025] EXT4-fs: Ignoring removed mblk_io_submit option
[   64.402345][ T5013] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.468: couldn't read orphan inode 15 (err -117)
[   64.410125][ T5025] EXT4-fs: Ignoring removed nomblk_io_submit option
[   64.429272][ T5025] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   64.437879][ T5025] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   64.450115][ T5013] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.479655][ T5025] EXT4-fs (loop2): failed to initialize system zone (-117)
[   64.491791][ T5013] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   64.496916][ T5025] EXT4-fs (loop2): mount failed
[   64.503422][ T5013] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   64.518419][ T5013] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.468: Corrupt directory, running e2fsck is recommended
[   64.522254][ T5015]  loop1: unable to read partition table
[   64.537461][ T5015] loop1: partition table beyond EOD, truncated
[   64.543679][ T5015] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[   64.566046][ T5013] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   64.576952][   T29] kauditd_printk_skb: 478 callbacks suppressed
[   64.576971][   T29] audit: type=1400 audit(1759999559.071:3196): avc:  denied  { unmount } for  pid=3308 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   64.577603][ T5013] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   64.606582][ T3001]  loop1: unable to read partition table
[   64.614590][ T5013] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.468: Corrupt directory, running e2fsck is recommended
[   64.620494][ T3001] loop1: partition table beyond EOD, truncated
[   64.640005][ T5032] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   64.640035][ T5032] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   64.640051][ T5032] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.468: Corrupt directory, running e2fsck is recommended
[   64.643025][ T5013] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   64.734325][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.734497][ T5035] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   64.734583][ T5035] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   64.805821][ T5037] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   64.805821][ T5037]    program syz.4.475 not setting count and/or reply_len properly
[   64.897314][ T5042] syzkaller1: entered promiscuous mode
[   64.903601][ T5042] syzkaller1: entered allmulticast mode
[   64.976981][   T29] audit: type=1326 audit(1759999559.471:3197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5039 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   65.041424][   T29] audit: type=1326 audit(1759999559.471:3198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5039 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   65.066366][   T29] audit: type=1326 audit(1759999559.471:3199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5039 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   65.090194][   T29] audit: type=1326 audit(1759999559.471:3200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5039 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   65.113698][   T29] audit: type=1326 audit(1759999559.471:3201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5039 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   65.137506][   T29] audit: type=1326 audit(1759999559.471:3202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5039 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   65.161029][   T29] audit: type=1326 audit(1759999559.511:3203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5039 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   65.184491][   T29] audit: type=1326 audit(1759999559.511:3204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5039 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   65.198230][ T5041] FAULT_INJECTION: forcing a failure.
[   65.198230][ T5041] name failslab, interval 1, probability 0, space 0, times 0
[   65.207934][   T29] audit: type=1326 audit(1759999559.511:3205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5039 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   65.244800][ T5041] CPU: 1 UID: 0 PID: 5041 Comm: syz.4.476 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   65.244911][ T5041] Tainted: [W]=WARN
[   65.244920][ T5041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   65.245035][ T5041] Call Trace:
[   65.245044][ T5041]  <TASK>
[   65.245053][ T5041]  __dump_stack+0x1d/0x30
[   65.245082][ T5041]  dump_stack_lvl+0xe8/0x140
[   65.245108][ T5041]  dump_stack+0x15/0x1b
[   65.245140][ T5041]  should_fail_ex+0x265/0x280
[   65.245217][ T5041]  should_failslab+0x8c/0xb0
[   65.245265][ T5041]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   65.245377][ T5041]  ? __alloc_skb+0x101/0x320
[   65.245410][ T5041]  __alloc_skb+0x101/0x320
[   65.245441][ T5041]  netlink_alloc_large_skb+0xbf/0xf0
[   65.245471][ T5041]  netlink_sendmsg+0x3cf/0x6b0
[   65.245553][ T5041]  ? __pfx_netlink_sendmsg+0x10/0x10
[   65.245610][ T5041]  __sock_sendmsg+0x142/0x180
[   65.245634][ T5041]  ____sys_sendmsg+0x31e/0x4e0
[   65.245677][ T5041]  ___sys_sendmsg+0x17b/0x1d0
[   65.245742][ T5041]  __x64_sys_sendmsg+0xd4/0x160
[   65.245778][ T5041]  x64_sys_call+0x191e/0x3000
[   65.245803][ T5041]  do_syscall_64+0xd2/0x200
[   65.245844][ T5041]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   65.245880][ T5041]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   65.245908][ T5041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.245990][ T5041] RIP: 0033:0x7f1981a3eec9
[   65.246006][ T5041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.246023][ T5041] RSP: 002b:00007f19804a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   65.246046][ T5041] RAX: ffffffffffffffda RBX: 00007f1981c95fa0 RCX: 00007f1981a3eec9
[   65.246063][ T5041] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[   65.246079][ T5041] RBP: 00007f19804a7090 R08: 0000000000000000 R09: 0000000000000000
[   65.246174][ T5041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.246190][ T5041] R13: 00007f1981c96038 R14: 00007f1981c95fa0 R15: 00007ffd84a924a8
[   65.246211][ T5041]  </TASK>
[   65.488690][ T5054] netlink: 'syz.3.479': attribute type 5 has an invalid length.
[   65.496493][ T5054] __nla_validate_parse: 9 callbacks suppressed
[   65.496508][ T5054] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.479'.
[   65.700552][ T5077] loop3: detected capacity change from 0 to 1024
[   65.803772][ T5077] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.485: Allocating blocks 497-513 which overlap fs metadata
[   65.822636][ T5089] netlink: 12 bytes leftover after parsing attributes in process `syz.2.486'.
[   65.883279][ T5097] loop2: detected capacity change from 0 to 1024
[   65.901220][ T5075] EXT4-fs (loop3): pa ffff8881072801c0: logic 64, phys. 177, len 21
[   65.909545][ T5075] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[   65.951978][ T5102] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   65.962391][ T5102] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   65.999236][ T5097] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.488: Allocating blocks 497-513 which overlap fs metadata
[   66.023764][ T5106] netlink: 16 bytes leftover after parsing attributes in process `syz.1.490'.
[   66.027824][ T5090] netlink: 20 bytes leftover after parsing attributes in process `syz.0.487'.
[   66.107487][ T5095] EXT4-fs (loop2): pa ffff888107280230: logic 64, phys. 177, len 21
[   66.115809][ T5095] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[   66.175814][ T5122] loop1: detected capacity change from 0 to 512
[   66.182671][ T5122] EXT4-fs: Ignoring removed bh option
[   66.197669][ T5122] ext4 filesystem being mounted at /85/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   66.227607][ T5130] netlink: 'syz.2.494': attribute type 5 has an invalid length.
[   66.235975][ T5130] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.494'.
[   66.246836][ T5128] netlink: 16 bytes leftover after parsing attributes in process `syz.3.495'.
[   66.274610][ T5128] loop3: detected capacity change from 0 to 512
[   66.284121][ T5128] EXT4-fs: Ignoring removed mblk_io_submit option
[   66.290771][ T5128] EXT4-fs: Ignoring removed nomblk_io_submit option
[   66.301114][ T5128] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   66.309787][ T5128] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   66.325542][ T5122] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.493: iget: bad i_size value: 2533274857506816
[   66.340439][ T5128] EXT4-fs (loop3): failed to initialize system zone (-117)
[   66.348436][ T5128] EXT4-fs (loop3): mount failed
[   66.407839][ T5132] netlink: 4 bytes leftover after parsing attributes in process `syz.0.496'.
[   66.536033][ T5151] loop3: detected capacity change from 0 to 512
[   66.549546][ T5153] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   66.549546][ T5153]    program syz.4.502 not setting count and/or reply_len properly
[   66.679687][ T5159] netlink: 16 bytes leftover after parsing attributes in process `syz.4.504'.
[   66.814092][ T5164] SELinux:  policydb version 0 does not match my version range 15-35
[   66.824490][ T5164] SELinux: failed to load policy
[   66.831034][ T5173] netlink: 'syz.4.510': attribute type 5 has an invalid length.
[   66.838765][ T5173] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.510'.
[   67.025261][ T5182] loop3: detected capacity change from 0 to 512
[   67.076773][ T5186] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   67.076773][ T5186]    program syz.2.515 not setting count and/or reply_len properly
[   67.095568][ T5188] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   67.105684][ T5188] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   67.106161][ T5189] netlink: 104 bytes leftover after parsing attributes in process `syz.3.516'.
[   67.128646][ T5189] loop3: detected capacity change from 0 to 512
[   67.135321][ T5189] ext4: Unknown parameter 'smackfshat'
[   67.265175][ T5194] loop3: detected capacity change from 0 to 512
[   67.283931][ T5199] FAULT_INJECTION: forcing a failure.
[   67.283931][ T5199] name failslab, interval 1, probability 0, space 0, times 0
[   67.297041][ T5199] CPU: 1 UID: 0 PID: 5199 Comm: syz.1.520 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   67.297130][ T5199] Tainted: [W]=WARN
[   67.297159][ T5199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   67.297201][ T5199] Call Trace:
[   67.297210][ T5199]  <TASK>
[   67.297221][ T5199]  __dump_stack+0x1d/0x30
[   67.297249][ T5199]  dump_stack_lvl+0xe8/0x140
[   67.297271][ T5199]  dump_stack+0x15/0x1b
[   67.297288][ T5199]  should_fail_ex+0x265/0x280
[   67.297412][ T5199]  ? __se_sys_memfd_create+0x1cc/0x590
[   67.297441][ T5199]  should_failslab+0x8c/0xb0
[   67.297544][ T5199]  __kmalloc_cache_noprof+0x4c/0x4a0
[   67.297573][ T5199]  ? fput+0x8f/0xc0
[   67.297614][ T5199]  __se_sys_memfd_create+0x1cc/0x590
[   67.297687][ T5199]  __x64_sys_memfd_create+0x31/0x40
[   67.297708][ T5199]  x64_sys_call+0x2ac2/0x3000
[   67.297729][ T5199]  do_syscall_64+0xd2/0x200
[   67.297757][ T5199]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   67.297909][ T5199]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   67.297944][ T5199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.297973][ T5199] RIP: 0033:0x7f6a1b72eec9
[   67.297992][ T5199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.298011][ T5199] RSP: 002b:00007f6a1a196e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   67.298029][ T5199] RAX: ffffffffffffffda RBX: 000000000000051a RCX: 00007f6a1b72eec9
[   67.298042][ T5199] RDX: 00007f6a1a196ef0 RSI: 0000000000000000 RDI: 00007f6a1b7b2960
[   67.298053][ T5199] RBP: 0000200000000ac0 R08: 00007f6a1a196bb7 R09: 00007f6a1a196e40
[   67.298087][ T5199] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000080
[   67.298161][ T5199] R13: 00007f6a1a196ef0 R14: 00007f6a1a196eb0 R15: 0000200000000340
[   67.298187][ T5199]  </TASK>
[   67.311396][ T5194] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   67.321226][ T5194] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   67.321411][ T5194] EXT4-fs (loop3): orphan cleanup on readonly fs
[   67.322995][ T5194] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.518: corrupted inode contents
[   67.323231][ T5194] EXT4-fs error (device loop3): ext4_dirty_inode:6509: inode #16: comm syz.3.518: mark_inode_dirty error
[   67.323381][ T5194] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.518: corrupted inode contents
[   67.323505][ T5194] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.518: mark_inode_dirty error
[   67.323658][ T5194] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.518: corrupted inode contents
[   67.323823][ T5194] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[   67.323993][ T5194] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.518: corrupted inode contents
[   67.324113][ T5194] EXT4-fs error (device loop3): ext4_truncate:4637: inode #16: comm syz.3.518: mark_inode_dirty error
[   67.324272][ T5194] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[   67.324654][ T5194] EXT4-fs (loop3): 1 truncate cleaned up
[   67.324983][   T58] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:4: Failed to release dquot type 1
[   67.409815][ T5204] 0ªî{X¹¦: renamed from gretap0 (while UP)
[   67.412159][ T5204] 0ªî{X¹¦: entered allmulticast mode
[   67.717531][ T5204] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   67.774252][ T5218] netlink: 'syz.1.525': attribute type 5 has an invalid length.
[   67.908317][ T5228] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   67.908317][ T5228]    program syz.2.529 not setting count and/or reply_len properly
[   67.939804][ T5226] loop4: detected capacity change from 0 to 512
[   67.943210][ T5224] loop0: detected capacity change from 0 to 512
[   67.992702][ T5224] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.527: error while reading EA inode 32 err=-116
[   68.014061][ T5237] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   68.017697][ T5224] EXT4-fs (loop0): Remounting filesystem read-only
[   68.027879][ T5224] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   68.038339][ T5224] EXT4-fs (loop0): 1 orphan inode deleted
[   68.069232][ T5241] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.078688][ T5241] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.108579][ T5244] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.117702][ T5244] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.212176][ T5250] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5250 comm=syz.4.536
[   68.240401][ T5250] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=5250 comm=syz.4.536
[   68.256100][ T5250] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5250 comm=syz.4.536
[   68.834794][ T5268] netlink: 'syz.1.541': attribute type 5 has an invalid length.
[   69.071231][ T5289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.081430][ T5289] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.305553][ T5292] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.316111][ T5292] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.616132][ T5295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.624651][ T5295] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.740630][ T5301] bond1: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[   69.751684][ T5301] bond1 (unregistering): Released all slaves
[   69.815254][ T5299] loop0: detected capacity change from 0 to 512
[   69.822530][ T5299] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   69.834177][ T5299] EXT4-fs (loop0): 1 truncate cleaned up
[   69.843978][   T29] kauditd_printk_skb: 409 callbacks suppressed
[   69.843995][   T29] audit: type=1326 audit(1759999564.331:3614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   69.879389][ T5306] FAULT_INJECTION: forcing a failure.
[   69.879389][ T5306] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.890204][   T29] audit: type=1326 audit(1759999564.371:3615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   69.892536][ T5306] CPU: 1 UID: 0 PID: 5306 Comm: syz.3.554 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   69.892582][ T5306] Tainted: [W]=WARN
[   69.892592][ T5306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   69.892612][ T5306] Call Trace:
[   69.892696][ T5306]  <TASK>
[   69.892707][ T5306]  __dump_stack+0x1d/0x30
[   69.892737][ T5306]  dump_stack_lvl+0xe8/0x140
[   69.892808][ T5306]  dump_stack+0x15/0x1b
[   69.892871][ T5306]  should_fail_ex+0x265/0x280
[   69.892921][ T5306]  should_fail+0xb/0x20
[   69.892964][ T5306]  should_fail_usercopy+0x1a/0x20
[   69.893000][ T5306]  _copy_from_user+0x1c/0xb0
[   69.893076][ T5306]  ___sys_sendmsg+0xc1/0x1d0
[   69.893139][ T5306]  __x64_sys_sendmsg+0xd4/0x160
[   69.893189][ T5306]  x64_sys_call+0x191e/0x3000
[   69.893238][ T5306]  do_syscall_64+0xd2/0x200
[   69.893336][ T5306]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   69.893376][ T5306]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   69.893406][ T5306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.893484][ T5306] RIP: 0033:0x7fd48a4deec9
[   69.893506][ T5306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.893532][ T5306] RSP: 002b:00007fd488f47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   69.893559][ T5306] RAX: ffffffffffffffda RBX: 00007fd48a735fa0 RCX: 00007fd48a4deec9
[   69.893637][ T5306] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[   69.893666][ T5306] RBP: 00007fd488f47090 R08: 0000000000000000 R09: 0000000000000000
[   69.893682][ T5306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.893699][ T5306] R13: 00007fd48a736038 R14: 00007fd48a735fa0 R15: 00007fff22a43e18
[   69.893727][ T5306]  </TASK>
[   70.094170][   T29] audit: type=1326 audit(1759999564.371:3616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   70.118543][   T29] audit: type=1326 audit(1759999564.371:3617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   70.142234][   T29] audit: type=1326 audit(1759999564.371:3618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   70.165816][   T29] audit: type=1326 audit(1759999564.371:3619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   70.189246][   T29] audit: type=1326 audit(1759999564.371:3620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   70.212702][   T29] audit: type=1326 audit(1759999564.371:3621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   70.236236][   T29] audit: type=1326 audit(1759999564.371:3622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   70.259720][   T29] audit: type=1326 audit(1759999564.371:3623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5298 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52e392eec9 code=0x7ffc0000
[   70.300724][ T3308] EXT4-fs unmount: 11 callbacks suppressed
[   70.300744][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.400034][ T5329] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   70.406064][ T5328] loop3: detected capacity change from 0 to 1024
[   70.417643][ T5328] EXT4-fs: Ignoring removed nobh option
[   70.423381][ T5328] EXT4-fs: Ignoring removed bh option
[   70.438850][ T5328] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   70.456825][ T5332] FAULT_INJECTION: forcing a failure.
[   70.456825][ T5332] name failslab, interval 1, probability 0, space 0, times 0
[   70.470131][ T5332] CPU: 1 UID: 0 PID: 5332 Comm: syz.4.562 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   70.470173][ T5332] Tainted: [W]=WARN
[   70.470182][ T5332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   70.470197][ T5332] Call Trace:
[   70.470203][ T5332]  <TASK>
[   70.470212][ T5332]  __dump_stack+0x1d/0x30
[   70.470240][ T5332]  dump_stack_lvl+0xe8/0x140
[   70.470266][ T5332]  dump_stack+0x15/0x1b
[   70.470364][ T5332]  should_fail_ex+0x265/0x280
[   70.470410][ T5332]  should_failslab+0x8c/0xb0
[   70.470446][ T5332]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   70.470487][ T5332]  ? perf_event_alloc+0x14c/0x1740
[   70.470516][ T5332]  perf_event_alloc+0x14c/0x1740
[   70.470589][ T5332]  __se_sys_perf_event_open+0x4a5/0x11c0
[   70.470638][ T5332]  __x64_sys_perf_event_open+0x67/0x80
[   70.470673][ T5332]  x64_sys_call+0x7bd/0x3000
[   70.470696][ T5332]  do_syscall_64+0xd2/0x200
[   70.470726][ T5332]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   70.470767][ T5332]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   70.470795][ T5332]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.470816][ T5332] RIP: 0033:0x7f1981a3eec9
[   70.470831][ T5332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.470923][ T5332] RSP: 002b:00007f19804a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[   70.470948][ T5332] RAX: ffffffffffffffda RBX: 00007f1981c95fa0 RCX: 00007f1981a3eec9
[   70.470995][ T5332] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000800
[   70.471012][ T5332] RBP: 00007f19804a7090 R08: 000000000000000b R09: 0000000000000000
[   70.471028][ T5332] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[   70.471092][ T5332] R13: 00007f1981c96038 R14: 00007f1981c95fa0 R15: 00007ffd84a924a8
[   70.471119][ T5332]  </TASK>
[   70.472295][ T5328] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.610666][ T5338] __nla_validate_parse: 9 callbacks suppressed
[   70.610689][ T5338] netlink: 8 bytes leftover after parsing attributes in process `syz.0.559'.
[   70.621732][ T5339] loop4: detected capacity change from 0 to 512
[   70.632556][ T5338] netlink: 20 bytes leftover after parsing attributes in process `syz.0.559'.
[   70.709479][ T5341] loop1: detected capacity change from 0 to 512
[   70.761227][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.802415][ T5350] macvlan1: entered promiscuous mode
[   70.809256][ T5350] ipvlan0: entered promiscuous mode
[   70.815198][ T5350] ipvlan0: left promiscuous mode
[   70.821714][ T5350] macvlan1: left promiscuous mode
[   70.828019][ T5352] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   70.840736][ T5352] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.185904][ T5360] netlink: 4 bytes leftover after parsing attributes in process `syz.2.572'.
[   71.226466][ T5368] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   71.361720][ T5379] FAULT_INJECTION: forcing a failure.
[   71.361720][ T5379] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.375644][ T5379] CPU: 1 UID: 0 PID: 5379 Comm: syz.0.578 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   71.375698][ T5379] Tainted: [W]=WARN
[   71.375707][ T5379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   71.375720][ T5379] Call Trace:
[   71.375727][ T5379]  <TASK>
[   71.375735][ T5379]  __dump_stack+0x1d/0x30
[   71.375757][ T5379]  dump_stack_lvl+0xe8/0x140
[   71.375828][ T5379]  dump_stack+0x15/0x1b
[   71.375851][ T5379]  should_fail_ex+0x265/0x280
[   71.375994][ T5379]  should_fail+0xb/0x20
[   71.376025][ T5379]  should_fail_usercopy+0x1a/0x20
[   71.376075][ T5379]  _copy_from_user+0x1c/0xb0
[   71.376103][ T5379]  ___sys_sendmsg+0xc1/0x1d0
[   71.376146][ T5379]  __x64_sys_sendmsg+0xd4/0x160
[   71.376225][ T5379]  x64_sys_call+0x191e/0x3000
[   71.376261][ T5379]  do_syscall_64+0xd2/0x200
[   71.376284][ T5379]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   71.376360][ T5379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.376384][ T5379] RIP: 0033:0x7f52e392eec9
[   71.376400][ T5379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.376438][ T5379] RSP: 002b:00007f52e2397038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   71.376458][ T5379] RAX: ffffffffffffffda RBX: 00007f52e3b85fa0 RCX: 00007f52e392eec9
[   71.376503][ T5379] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000009
[   71.376516][ T5379] RBP: 00007f52e2397090 R08: 0000000000000000 R09: 0000000000000000
[   71.376529][ T5379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.376541][ T5379] R13: 00007f52e3b86038 R14: 00007f52e3b85fa0 R15: 00007fff76fe6c28
[   71.376594][ T5379]  </TASK>
[   71.608725][ T5378] syzkaller1: entered promiscuous mode
[   71.614685][ T5378] syzkaller1: entered allmulticast mode
[   71.720104][ T5392] mmap: syz.0.580 (5392) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   71.771863][ T5396] netlink: 16 bytes leftover after parsing attributes in process `syz.4.583'.
[   71.879273][ T5408] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   71.879273][ T5408]    program syz.4.589 not setting count and/or reply_len properly
[   71.915317][ T5413] netlink: 4 bytes leftover after parsing attributes in process `syz.1.586'.
[   71.941788][ T5416] netlink: 16 bytes leftover after parsing attributes in process `syz.2.590'.
[   71.954796][ T5416] loop2: detected capacity change from 0 to 512
[   71.961975][ T5416] EXT4-fs: Ignoring removed mblk_io_submit option
[   71.968836][ T5416] EXT4-fs: Ignoring removed nomblk_io_submit option
[   71.998367][ T5420] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   71.998367][ T5420]    program syz.4.592 not setting count and/or reply_len properly
[   72.018968][ T5416] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   72.027696][ T5416] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   72.032148][ T5422] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[   72.032148][ T5422]    program syz.1.593 not setting count and/or reply_len properly
[   72.066501][ T5420] netlink: 'syz.4.592': attribute type 30 has an invalid length.
[   72.067172][ T5416] EXT4-fs (loop2): failed to initialize system zone (-117)
[   72.083350][ T5416] EXT4-fs (loop2): mount failed
[   72.134019][ T5430] loop1: detected capacity change from 0 to 512
[   72.141325][ T5430] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   72.166151][ T5430] netlink: 4 bytes leftover after parsing attributes in process `syz.1.596'.
[   72.239183][ T5438] netlink: 36 bytes leftover after parsing attributes in process `syz.1.600'.
[   72.248341][ T5438] netlink: 36 bytes leftover after parsing attributes in process `syz.1.600'.
[   72.261186][ T5438] netlink: 36 bytes leftover after parsing attributes in process `syz.1.600'.
[   72.263396][ T5439] No source specified
[   72.328957][ T5441] syzkaller1: entered promiscuous mode
[   72.334479][ T5441] syzkaller1: entered allmulticast mode
[   72.407098][ T5434] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   72.644554][ T5463] loop2: detected capacity change from 0 to 512
[   72.653541][ T5463] EXT4-fs: Ignoring removed mblk_io_submit option
[   72.667357][ T5463] EXT4-fs: Ignoring removed nomblk_io_submit option
[   72.674459][ T5463] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   72.683103][ T5463] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   72.696890][ T5463] EXT4-fs (loop2): failed to initialize system zone (-117)
[   72.704628][ T5463] EXT4-fs (loop2): mount failed
[   72.731733][ T5461] SELinux:  policydb version 0 does not match my version range 15-35
[   72.740259][ T5461] SELinux: failed to load policy
[   72.762880][ T5468] loop2: detected capacity change from 0 to 512
[   72.774223][ T5468] EXT4-fs (loop2): orphan cleanup on readonly fs
[   72.797024][ T5468] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.607: corrupted in-inode xattr: invalid size in ea xattr
[   72.812841][ T5470] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   72.836695][ T5470] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   72.846468][ T5468] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.607: couldn't read orphan inode 15 (err -117)
[   72.864215][ T5468] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   72.879123][ T5468] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.887518][ T5472] loop3: detected capacity change from 0 to 512
[   72.895723][ T5472] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   72.905865][    T9] ==================================================================
[   72.914073][    T9] BUG: KCSAN: data-race in delete_from_page_cache_batch / nr_blockdev_pages
[   72.922884][    T9] 
[   72.925223][    T9] read-write to 0xffff888100480bb8 of 8 bytes by task 5468 on cpu 1:
[   72.933381][    T9]  delete_from_page_cache_batch+0x4f1/0x6f0
[   72.939401][    T9]  truncate_inode_pages_range+0x1ba/0x780
[   72.945222][    T9]  truncate_inode_pages+0x24/0x30
[   72.950257][    T9]  blkdev_flush_mapping+0xa4/0x1a0
[   72.955387][    T9]  bdev_release+0x2bf/0x3d0
[   72.959910][    T9]  blkdev_release+0x15/0x20
[   72.964866][    T9]  __fput+0x298/0x650
[   72.968868][    T9]  ____fput+0x1c/0x30
[   72.972891][    T9]  task_work_run+0x12e/0x1a0
[   72.977495][    T9]  exit_to_user_mode_loop+0xed/0x110
[   72.982829][    T9]  do_syscall_64+0x1d6/0x200
[   72.987433][    T9]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.993341][    T9] 
[   72.995679][    T9] read to 0xffff888100480bb8 of 8 bytes by task 9 on cpu 0:
[   73.003152][    T9]  nr_blockdev_pages+0x7e/0xd0
[   73.007929][    T9]  si_meminfo+0x87/0xd0
[   73.012104][    T9]  update_defense_level+0x47/0x5c0
[   73.017233][    T9]  defense_work_handler+0x1f/0x80
[   73.022269][    T9]  process_scheduled_works+0x4cb/0x9d0
[   73.027754][    T9]  worker_thread+0x582/0x770
[   73.032452][    T9]  kthread+0x486/0x510
[   73.036533][    T9]  ret_from_fork+0x122/0x1b0
[   73.041142][    T9]  ret_from_fork_asm+0x1a/0x30
[   73.045931][    T9] 
[   73.048267][    T9] value changed: 0x0000000000000001 -> 0x0000000000000000
[   73.055379][    T9] 
[   73.057708][    T9] Reported by Kernel Concurrency Sanitizer on:
[   73.064044][    T9] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   73.075520][    T9] Tainted: [W]=WARN
[   73.079426][    T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   73.089586][    T9] Workqueue: events_long defense_work_handler
[   73.095680][    T9] ==================================================================
[   73.116751][ T5472] EXT4-fs (loop3): 1 truncate cleaned up
[   73.123032][ T5472] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.166973][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.936037][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110