last executing test programs:

2.945108521s ago: executing program 1 (id=413):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r2 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x4660, 0x400, 0x3, 0x285}, &(0x7f00000004c0)=<r3=>0x0, &(0x7f0000000480)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0xffffffffffffff0f, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r6}, 0x18)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0, 0x32})
io_uring_enter(r2, 0x3498, 0x969, 0xffff000000000000, 0x0, 0x0)
r7 = dup3(r2, r0, 0x80000)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x210e, 0x10080, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x2, @perf_config_ext={0x82, 0x5}, 0x14105, 0x32, 0xfffffbff, 0x3, 0x2, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
connect$l2tp(r7, &(0x7f00000000c0)={0x2, 0x0, @remote}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r8=>0x0})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r7, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000380)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140), <r9=>0x0, 0x3c, &(0x7f00000005c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0xba, 0x8, 0x8, &(0x7f0000000680)}}, 0x10)
pipe2(&(0x7f00000006c0)={<r10=>0xffffffffffffffff}, 0x0)
close_range(r10, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r11, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000d40)={0x24, 0x4, 0x8, 0x3, 0x0, 0x0, {0x3}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x12d17}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x3, 0x5, &(0x7f00000009c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x6}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}]}, &(0x7f0000000180)='GPL\x00', 0x3, 0x49, &(0x7f0000000240)=""/73, 0x41100, 0x0, '\x00', r8, @fallback=0x26, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000340)={0x1, 0xb, 0x80, 0x6}, 0x10, r9, 0xffffffffffffffff, 0x9, &(0x7f0000000800)=[r7, r1, r7, r7, r10, r7, r7], &(0x7f0000000840)=[{0x0, 0x5, 0xc, 0x2}, {0x5, 0x3, 0x6, 0x8}, {0x5, 0x5, 0xe, 0x3}, {0x6, 0x3, 0xd}, {0x5, 0x2, 0x9, 0x1}, {0x5, 0x5, 0x3, 0x6}, {0x2, 0x1, 0x4, 0x9}, {0x200004, 0x1, 0x8, 0x3}, {0x0, 0x5, 0x0, 0x1}], 0x10, 0xc89b}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
r12 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r12)

2.125080057s ago: executing program 1 (id=421):
syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, 0x0)

2.121533137s ago: executing program 1 (id=422):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = inotify_init1(0x0)
ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000280)=""/230)
inotify_add_watch(r4, &(0x7f0000000400)='.\x00', 0xa4000021)
read(r4, 0x0, 0x20)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x48, 0x140d, 0x200, 0x70bd26, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x3}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x5}, 0x24000000)
close(r4)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x40, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x800, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x20000023896)
ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000040)={0x3ffffffffffffe96, &(0x7f0000000000)=[{0x2000, 0x5}]})
ioctl$LOOP_CLR_FD(r5, 0x4c01)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESHEX=r1, @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r9}, 0x10)
quotactl_fd$Q_SYNC(r9, 0xffffffff80000102, 0x0, 0x0)

1.559248611s ago: executing program 3 (id=430):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0xa802, 0x0)
close(r1)
r2 = socket(0x1e, 0x4, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r3, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000001c0)='kfree\x00', r5}, 0x18)
r6 = openat$selinux_context(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$selinux_context(r6, &(0x7f0000000340)='system_u:object_r:hugetlbfs_t:s0\x00', 0xff7)
setsockopt$sock_linger(r3, 0x1, 0x3d, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000d40)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="a1ab2abd70000000000032"], 0x24}, 0x1, 0x0, 0x0, 0x4050}, 0x0)
sendmsg$NL80211_CMD_SET_MPATH(r2, &(0x7f0000000780)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000700)={0x80, r7, 0x2, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x80}, 0x1, 0x0, 0x0, 0x24000005}, 0x50)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="180000000200000000000000ffffffff952d96e7d800000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa3)

1.423331667s ago: executing program 1 (id=433):
ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x2003, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000002c0)='rxrpc_peer\x00', r1}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x95255000)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
r3 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x3f8, 0x2c0, 0x0, 0x2c0, 0x138, 0x0, 0x360, 0x360, 0x360, 0x360, 0x360, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0xff, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0xf, 0x7b7b, @remote, 0x4e22}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x458)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r4, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x5, 0x200, 0x0})
socket$netlink(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000080)={0x0, 0x3000000, 0xb, 0x8, 0x1c7, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd98872209ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab122c4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f0121a4929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f0000000880)={0x8, 0x0, 0xc6, 0x80000000}, 0x10)

1.346028691s ago: executing program 3 (id=436):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000004c0)=@generic={&(0x7f0000000540)='./file0\x00', r0}, 0x18)

1.240811955s ago: executing program 3 (id=437):
prctl$PR_SET_NAME(0xf, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000380)='GPL\x00')
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b000000050000000200000002000000"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2, 0x0, 0xff}, 0x18)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r4=>r0, {0x4}}, './file0\x00'})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r4, 0x20, &(0x7f0000000300)={&(0x7f0000000140)=""/224, 0xe0, 0x0, &(0x7f0000000240)=""/170, 0xaa}}, 0x10)
close(r3)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r1, &(0x7f0000000600)={&(0x7f00000003c0), 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x64, 0x3, 0x3, 0x101, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x4a67}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffd, 0xb}}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffb, 0x7fff}}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffb}}, @NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x1ff}, @NFQA_VERDICT_HDR={0xc, 0x2, {0x0, 0x4}}, @NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x7}, @NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x101}]}, 0x64}, 0x1, 0x0, 0x0, 0x1}, 0x20040880)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c)
listen(r5, 0x6)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
accept(r3, 0x0, 0x0)

1.225880106s ago: executing program 3 (id=438):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000340)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@dioread_lock}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x59c, &(0x7f0000001840)="$eJzs3U9oHGUbAPBnZrNN/+T70g++Dz6lh6JChdJN0j9aPbVXsVDoQfCiYbMNJZtsySbahIDpvYg9iEov9aYHj4oHD+LFo1cvimeh2KDQ9KArm51N03S3bmI2W7O/H0z2fWdm93nfmX3e7AwzTAB962j9TxrxVERcTCKGNywbiGzh0cZ6qytLxfsrS8UkarVLvySRRMS9laVic/0kez0UEcsR8f+I+CYfcTxd/8h9zUJ1YXFqvFwuzWb1kbnpqyPVhcUTV6bHJ0uTpZlTL7505uzpM2MnxzY2935tYy2/tb7e+PHmuze+e+X2zU8/O7JcfH88iXMxlC3b2I+d1Ngm+Ti3af7pbgTroaTXDWBbclme11PpfzEcuSzrW6ltHBwGd6V5QBfVBiNq6zYUgT6QSHroU83fAfXj3+a0m78/7pxvHIDU466uLBXfiWb8gca5idi/dmxy8NfkoSOT+vHm4d1sKHvS8vWIGB0YePT7n2Tfv+0b3YkG0lVfn2/sqEf3f7o+/kSL8Weoee70b2qOf6vZ+LfaIn6uzfh3scMYv7/+00dt418fjKdbxk/W4yct4qcR8WaH8W+99uXZdstqH0cci9bxm5LHnx8euXylXBpt/G0Z46tjR15u3/+Ig23iN87Z7l9ryMb+78valHbY/y++/fyZ5cfEf/7Zx+//Vtv/QES812H8/9z75NV2y+5cT+7WfwVsdf8nkY/bHcZ/4dzRH7Kis4YAAAAAAAAAALCD0rVr2ZK0sF5O00KhcQ/vf+NgWq5U545frszPTDSueTsc+bR5pdVwo57U62PZ9bjN+slN9VO5LGDuwFq9UKyUJ3rcdwAAAAAAAAAAAAAAAAAAAHhSHNp0//9vubX7/zc/rhrYq9o/8hvY6+Q/9K+H8z/pWTuA3ef/P/StmvyH/iX/oX/Jf+hf8h/6l/yH/iX/oX/JfwAAAAAAAAAAAAAAAAAAAAAAAAAA6IqLFy7Up9r9laVivT4xsDA/VXnrxESpOlWYni8WipXZq4XJSmWyXCoUK9N/9XlJpXJ1NGbmr43MlapzI9WFxTemK/MzzWeKlvJd7xEAAAAAAAAAAAAAAAAAAAD88wytTUlaiMg36mlaKET8KyIOJ5FcvlIujUbEvyPi+1x+sF4f63WjAQAAAAAAAAAAAAAAAAAAYI+pLixOjZfLpdnuFQayUF0M0XlhYCsrR8Tyzjaj/olbflc+24A93nR7o5B7Mr6HT36hh4MSAAAAAAAAAAAAAAAAAAD0qQc3/Xb6jj+62yAAAAAAAAAAAAAAAAAAAADoS+nPSUTUp2PDzw1tXrovWc2tvUbE27cufXBtfG5udqw+/+76/LkPs/kne9F+oFPNPE0jop7HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAPVhcWp8XK5NLvNwmAH6/S6jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADb8WcAAAD//y4WzlE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x41, 0x0, 0x0, 0x0, 0x0, 0x82240, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x200000004, 0x8}, 0x2, 0x0, 0x0, 0x8, 0x43fe, 0x7fffffff, 0x0, 0x0, 0x40000000, 0x0, 0x8800000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x10, 0x3, 0x10)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x20000044)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x41, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x400, 0x0, 0x8, 0x3fe, 0x7ffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xce9d8d60ab13d530, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0x3)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$selinux_user(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="000000000000000018119e00", @ANYRES32, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x203, 0x8401)
ioctl$USBDEVFS_ALLOW_SUSPEND(r2, 0x5522)
ioctl$USBDEVFS_BULK(r2, 0x5523, 0x0)
ioctl$USBDEVFS_FORBID_SUSPEND(r2, 0x5521)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8946, &(0x7f0000000400)='{\x05T\x82\x89\x98Yi:')
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0xfff}, 0x0, 0x2, 0x0, 0x1}, 0x0, 0xffffffffffffff7f, 0xffffffffffffffff, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="180000000000f5ff000082580000000095"], &(0x7f0000000440)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='tcp_cong_state_set\x00', r4}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[], &(0x7f0000000440)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='tcp_cong_state_set\x00', r5}, 0x10)
r6 = socket$kcm(0x2, 0x1, 0x106)
sendmsg$inet(r6, &(0x7f0000000080)={0x0, 0x3, 0x0}, 0x30004001)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
epoll_create1(0x80000)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0b000000070500"/17], 0x48)

1.189685727s ago: executing program 4 (id=439):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0xd}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x8, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
close(r0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
sendmsg$inet6(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000006c0)="bd", 0x1}], 0x1}, 0x4040845)

1.153847369s ago: executing program 0 (id=441):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00006600}, 0x8000000, 0x0, 0x1}, 0x20)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_sctp(0x2, 0x5, 0x84)
socket(0x2, 0x80805, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f00000004c0)={[{@dioread_lock}, {@noblock_validity}, {@abort}, {@dioread_lock}, {@stripe={'stripe', 0x3d, 0x1f5}}, {@grpjquota, 0x2e}, {@barrier}, {@nolazytime}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4aa, &(0x7f0000000740)="$eJzs3MtvG0UYAPBvN4++m7SURx9QQ0FEFJImLdADh4JA6gUJCQ7lGNJQlaYtaoJEq4oGhMoR8RcARyQkTlw4gYQQcAJxhTtCqlAvLRxQ0Nq7ybqxU8d5GOrfT7IzszvrmW93xx7vZB1A16pkT0nE1oj4NSIGatn6ApXan5vXL0/8df3yRBJzcy//mVTL3bh+eaIoWmy3Jc8MpRHp+0nsbVDv9MVLZ8anpiYv5PmRmbNvjkxfvPTE6bPjpyZPTZ4bO3r0yOHRp58ae3JV4sziurHnnfP7dh9/9aMXJ+bitR8+z9q7NV9fjqNmcMV1VqISc7mFpf3V50dW/Or/LdtK6aS3gw1hWXoiIjtcfdX+PxA9sXDwBuKF9+Yz33aogcCayT6bdixa2pP/Tec/v4A7UaKPQ5cqPvGz77/FYz3HH5127dnsebIa/838UVvTG2n2XXaw9o29p8n2x1ZY/9aIODH798fZIxpehwAAWF1fZ+OfxxuN/9K4p1Ruez6HMhgRByNiZ0TcFRG7IuLuiGrZeyPivmXWX7klv3j88/OmtgJrUTb+eyaf26of/6V5iWQ+t60af1/y+umpyUP5PhmKvg1ZfnSJOr55/pcPm62rlMZ/2SOrvxgL5u34o3dD/TYnx2fGVxBynWvvRuzpbRR/Mj8TkO2B3RGxp43Xz/bZ6cc+25elt29ZvP728S9hFeaZ5j6NeLR2/GfjlvgLSa2mZvOTIxtjavLQSHFWLPbjT1dfKuf7Sum6+De2FtPGdoNtIDv+mxue/3n8RTco5munl1/H1d8+aPqdZvHxT+LEbLlE7fxPS0uy878/eaWa7s+XvT0+M3NhNKI/X1C3fGxh2yJflM/iHzrQuP/vjPjnk3y7vRGRncT3R8QDEbE/b/uDEfFQRBxYIv7vn3v4jaX3UJvn/yrI4j+51PGPGEzK8/VtJHrOfPdVs/pbe/87Uk0N5Utaef9rtYEr2XcAAADwf5FW56CTdLhIly5O7YrN6dT56ZmDlXjr3MnaXPVg9KXFla6B0vXQ0fzacJEfuyV/OCJ2VP/TaFM1PzxxfmpbJwMHqvfq1PX/SNPh4dq635v90wtw51jWPFr57sAvvlz9xgDryv2a0L30f+he+j90L/0fulej/n8l4mYHmgKsM5//0L30f+he+j90L/0futLiW+KLn1tp507/hcTO4yvafM0TcwNr8sqzy9+qZ40ijfKPdjRNJBHRXhWRLl2mv4XaO5ZIb1vmWJu7ZRmJ/XliQ0S0utWVddurnX1fAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWC3/BgAA//+NJdz0")
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x2000, 0x0)
r2 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r2, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
recvfrom$inet6(r2, 0x0, 0x0, 0x120, 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x34, 0x10, 0x401, 0x70bd2c, 0x2, {0x0, 0x0, 0x0, 0x0, 0x401c0}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}]}, 0x34}}, 0x0)
recvfrom$inet6(r2, 0x0, 0x0, 0x2002, 0x0, 0x0)
r4 = socket$inet(0x2, 0x2, 0x1)
r5 = socket$packet(0x11, 0x2, 0x300)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
setsockopt$packet_tx_ring(r5, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000100)=@req3={0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x861}, 0x1c)
sendmsg$inet(r4, &(0x7f0000001040)={&(0x7f0000000040)={0x2, 0xffff, @broadcast}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000940b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20008024)
getdents(r1, 0x0, 0x54)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000000000)={&(0x7f00000002c0)={0x2, 0xffff, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@cswp={0x58, 0x114, 0x7, {{0x1, 0x3}, &(0x7f0000000140)=0x4, 0x0, 0x2, 0x3ff, 0xd, 0x8000000000000000, 0x8, 0x2}}, @mask_fadd={0x58, 0x114, 0x8, {{0xfffffff4, 0x5}, 0x0, 0x0, 0x1c4f, 0x5, 0x8, 0x8, 0x13}}], 0xb0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000000)=':\x00', 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000001c0)='./file0\x00', 0x800000, &(0x7f0000000200)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303136323134372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c696f636861727365743d6d61637475726b6973682c6e6f6e756d7461696c3d302c696f636861727365743d6b6f69382d72752c756e695f786c6174653d302c696f636861727365743d757466382c6572726f72733d636f6e74696e75652c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c7379735f696d6d757461626c652c757466383d302c0074c3fc52ac6365d676e1"], 0x1, 0x378, &(0x7f0000001080)="$eJzs3U1rXFUYAOC3Y/Op6cxCBBXxUDe6GZL4BxqkBTGgxI5UF8KtmeiQaSbMHSJTRLtz6+8oLt0J4h/IQvfu3GXjsovSK5mP5qNjSomTS/V5YDjvzDnv3HPu5V7O5vIe3PrhzvZWXt/KelG5lqISEZUHEbVBNHRp1FYG8Wwcdy/eqd76442PP/3sg7X19esbKd1Yu/nuakrpypu/fP3Nj1d/7b34yU9Xfp6L/drnB3+t/rn/yv6rB49uftXKUytPO51eytLtTqeX3W4302Yr366n9FG7meXN1NrJm90T/Vvtzu5uP2U7m0uLu91mnqdsp5+2m/3U66Ret5+yL7PWTqrX62lpMXiaxv2NjWxtGM+fMe7aRU2IKeh217LDe3juiZ7G/VImBACU6rz7/9l/df8/E/b/F+n4/p//qsP9/+zo/j3J/h8AAAAAAAAAAAAAAJ4HD4qiWhRFddwW45eER99Lnh5T9sT1P/Upe35M17EX9+Yj2t/vNfYaw3bYv7YVrWhHM5ajGg8PHwtjw/jG++vXl9NALZbufDfIv/pbROOFk/krUY3a5PyVYX56nB+H7UwsHs9fjWq8PDl/dWL+bLz91rH8elTj9y+iE+3YHDzejvK/XUnpvQ/XT+XPDcYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8P9QT2Ovx7Du/V4jYiH2RvX760cDaifr4w/zH9fXX45qPJxcn395Yn3+y/Ha5XLXDgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjef/udtZuN7sXFYxr/g9+mR0H/5x1aTj83qmuhTg5eO5p/3POoPJMWQujRU7oelQUxbSmOn+xl/I8wUxEnDGmGJ3A8x/rpYg4Y8xcREx/yZXyT/gzB2U8jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBcR0W/y54JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZcr7d7ezdrvZnWJw1vFrF7dUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA58LfAQAA//8FFgzv")
socket$nl_netfilter(0x10, 0x3, 0xc)

1.126446811s ago: executing program 4 (id=442):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r0, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYRESOCT=r1, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x4, &(0x7f0000000080)=[{0xce, 0x3, 0x2, 0x55}, {0x5, 0x9, 0xf, 0x7ff}, {0x8, 0x7, 0x40, 0x7ff}, {0xa, 0xff, 0xac, 0x6}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r3}, 0x10)
arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x3)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001280)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x94)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r7)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x18)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
r11 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x401)
ioctl$SCSI_IOCTL_SEND_COMMAND(r11, 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000000003001300a300000e1e2fed8c12fa551be3ea715d5a57dfb23d0ce2bb82ea3962000004fd2027892daf12b2b293b3f674d100000000000000"])
bind$inet6(r7, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c)
listen(r8, 0x80000002)
r12 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r12, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r13 = accept(r7, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r13, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000009c0)=ANY=[@ANYRES8=r0, @ANYRESOCT=r3, @ANYRES16=0x0, @ANYBLOB="560a40679659cb4c5997c91985623c4a31ee789c6cccc1b34aa43ed4772d05e5df619d2fb575213c4f966b6b8160e8570bafa3ac45eae373a819ccf12e92bb1ce3d3184e0110c618fdb1ea4e086bd4e02566c877ca612f32092cf08e145ed6b05515028529dccfb35b3590f551438e7fb9da381e23c359bd01c75a3638f49369d6ac1b0a468b3aff57486adaf69b25ea4923e42ac8877368f73282af8ea7194c7212c3253b3449fa888bf5", @ANYRESOCT=r0, @ANYRES64=r9, @ANYRESOCT=r4, @ANYRES64=r6], 0xfffffdef}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x13}, 0x94)
socket$inet(0x2, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)

1.071360093s ago: executing program 1 (id=443):
statx(0xffffffffffffff9c, &(0x7f0000001100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x100, 0x800, 0x0)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x183043, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="1200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000bf0900000000000055090100000000009500000000000000bf910000000000000000008500000084001500b7000000000000009500000000000000000000000000000000000000cbeb45553c9e5c40cfdcd93e2d96e905a4144e05d743969f9b997ae1ed0849176fc58e0504950d41bcad8bb051768e90bbf67c0d63bf87063ce0324603ff74f1aa3c8d1432c55f3516bcec73b4ed6c8776b122072d469eab"], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB], 0x98}, 0x1, 0x7}, 0x0)
ioctl$TCSBRKP(r0, 0x5425, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket(0x10, 0x2, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000200)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{0x60, 0x0, 0x0, 0xf000000}, {}, {}, {}, {}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)
ioctl$TIOCGPGRP(r0, 0x5437, 0x0)

1.028074675s ago: executing program 0 (id=444):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0xd}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x8, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
sendmsg$inet6(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000006c0)="bd", 0x1}], 0x1}, 0x4040845)

973.025847ms ago: executing program 0 (id=445):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x4e, 0x2, 0x0, 0xffffffeffffffffd}, {0x800, 0x0, 0x7fffffff, 0x20000000}, 0x0, 0x0, 0x0, 0x1}, {{@in6=@private1={0xfc, 0x1, '\x00', 0x9}, 0x0, 0x2b}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3, 0x0, 0x0, 0x3, 0x0, 0x3c0}}, 0xe8)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000d40)=ANY=[@ANYBLOB="0212000005020000fcffffff0000000001020900008000006bdae99676f5d98b222c1d175b1bde5f2af814867595cca148f284845d6726daecb906b52bcbe4a0671f0cfe91064a71252070eab7b079faae2437c1c6375c071120ac3c3dfb0e5500269ca1cd7c4713a0369feb90311ab8556d5bac400f5ffbe90545162b4d370163c56d991d223d5da19c52bdbff65404e119035c710bccfff638d731934ecdd791b655adfc821d0887903e07df64c986fa6fb88f4a7d0b3f81044ac984488238d0f3c48cf099ab574e73f1a68d600ab06ec38d634b447f1d4aad0dd4f056494500bab1d7792480ea186568121117e75c05a8bde6476b7304bb2b64f14f54921845a91f868fa925cf0a818b9bba4ea375d10464e94cba1fefd1cf5efc16c2e5c1cf9adb172617d21d333c27c4554adf58cd7508fe0eed1a11186e77fce9e4518b7280db2fc8acac72e4934e0ae31d2132afdb95c105813b90284c0f3bd48d2bae45cd2d03aeb092f6ad45692fc26c26909b57d12e3bf2024de3edce03c2dd8cf1081fbc181cb24fb432907ee893125e386edee1e48b5fb72dc536fd879fc356b5bff8ae29afeda341fbb0fbba2d1a133f05b1cac0479743ca5c562d8a9d0ddb7bee5282f97fea614ca3aab3c10d6d6a81f495737f3787737ade4f9af413bc0298d7364c46dbcacedb88aba3b4add5e20c7927ca485152618468c3d23edc4d9cd368d4791e555fd2b8ec465a838f331950b862e23a9d8291dc879d7ea58209a3372319c8a5f2db16e3ebd1e349eb699a79faa391f8cee02ba5e9d1bc0f71b4e912681dfe4716c490dbf06199553c3bac487a1f2964d2f5fd7f064807dd11c3ca2f12c7a3ec79362c247f63d20d3ca52f0474b47c40a394ddfed196dce0259bf849bcb86f2d4919522d46f87443998f7ed5e40da41a80428d3b6e3845a9b377b3c6577add73ead5d1dc4d3620b53818be04d9f7ba74600cf5b462a7ed38b53b701465a152983c8fabe301fc42bebcb7c631e94afec308dee54b51e9c1df0f446fcd47612e90a275e51516310c59eb67c1e3b2da93bd52a7c9c4135fdc36027aad74c3cfd5c6ca6f5ae914a7cab1a3a5d397422163c49c609f53bd370fdecb126cea447defd3d448dadf5079430c058cba11fbb17c14ea71f96091f9a5d3a034ae9b34ac7a0b1d4eca440a51e4cd265911eeba260345b28ac84c065553e9aace53f1f29aa6b80ef7c4070192e4c12cb4389c3476b1f0a69825fdf4de60e9d02266fe9f50cba35775b2103bf85b312b04f3c6bec4b67e1b642a6b9bbef45d28ea1af055bf3c6cc62cb571cfbc4229c7d5aa62a2ed3ce2f42666fa295c71f44263c703d207fb6925f303a3facbd7afa4dccb0b6c37cf8e8a3fdc8ed1cfff049b48a94e50a5631a75589317dbcfd154f16e7dddac2945baf059a2aa4b14b9ac1d411c81dc600343abf5e9c4750e190a5116bab2258d8f1d5e0d3ab740423267be7e21c2eac41ae2aefead42fd71f91c4c3694617fb7fc265a48c3b82eea6e57c90824914847f857deb94c810b34ad53a9824127c2fef4cc5d7fd23307dd90c01bc32c79c2344459a58442b59260d8e21dc41f0b54d5d5433b9fd44ba4803766cacfec5bb5fd1ca3ccbc7c11cfd7274b526b9b61a231499a83831b9be1f708cde614165ce3bd0ccd42ab401bcd35143199d43395107e240e61c3abbcbad69a53ec9205bc2946dab619214ae55dfc6aad9a72683cb84f489efd02f1d439d6abfc4a9d2588c4db6419a7dd6c2387461298941a1d8d5bf4c0e35d0294014f217985cca434d557899c3090c236efe06bc9f2c5dc46f67896d56450a0aa4b6b6247ce45c12a1f547825cbac09f13bb48200ee1f85b00a0ce88723c19449fe2bbe500861bb03dbc2ae489e9b3f5ddaea3b4459be8aebd66cdc054affa87d60e0e86bb0ce56f604f697c5be3cb868e6dad28e3366ef5b6e9a26f8e1ba44d700eda13fa3f589ae638843a8a98c157f25c5e88c3df285e1e70d32110614c51d0e0a74abc7800006cf0d1d3d66e84ec726edc5c52f26f702d182e702be580bf74670201ebeffecc62630b637320626cbac4e9e98c608252e3932da36804e3e1e3ec3bee53bcf0071088c84f2a014b0122dcd9507d6003e63e34d7b59807dd24907e17ba43b83af0b734d9861870f137464be924a415a7607d7c2936c9156f6bc604c51600c558cdf18fe73fffa575443a4174311ecab11cd96572306b00a8998c20bb3879c37c9d400b06f03fd7b54ab24cefc134176df98af05086839f83eeaa9efa3e7629bdb0bc8377020b040e86cf36ff9f2bcc788091c9285b423cc7670a8290c394db287b24533b508a7df6786d571e6be8cd989ea2d1b846a03f24fcdae10333f55461716292e0589efbf61462943b8c8544ac128c8ce01e99ae5ba81cf037e86e1f35271c405c640a8429bc189a749033b831ef71bfb05fa72d2da716f2d86046296f481e4364f7e033dcb4fed15eb0937a66b62143ad51e76242f4cf425d662eeeb179a46a059489c2bbdee163cf5ac3d0fb6441bf171a7c34bbbcf2e3a59e637d35f32301d9d4a85b2a1db1a5cb6fffa7ebec998674711fdfd49297d7ac33f5c89d0999172bc3dad8e76ac1f081e4c1bb755562ff5715361000f56fb464881dfe6abb4f039a139f8fb2e2dca14b895ad3ee1d2835e0cd47051ea34d855b7c8387ef1a85d94b851602cbdb2242a2afb59d26292be2ebbd8ca3b2866b293c1ef2048dd65addb63230643502ab8e9548dfee031ee8306344f89973dc22712ae6896ab40c61e6093c026524da15ca192b1ecd14ec10cebfea7faed1a9bae2be7edf9c53182805fa4af868751ff3758b9c4f7e877dc8e16475592c85bda5a62c1b38938ac3b7031773c06c5eb5539baeb0588e6ede91d2da317a1a823045e375bb4ac29d6dc75d228a4ade916671eccd320ee5c0298650b541d98c4d1e09ed841f1cffbf0c7551c5ae725ad0f77f612829a409becb4e60ccc3cbb80d77e8d9bac59cfcac2c8a4c857f862747473148d9089dc56ed827784a63390eeb78f791c75c4eb3a1efad0f75e062cc4948e4b1b67a373494b88ff819a695ceac580bdd7b2c63222a663432e31b8531ee74d34afa70266ffe08d6ab6439c1b442df9195bd1b729d9ebfa25f326e48f7104303120046b2f1eb45c59a415b68d9cc3f6ca68dadf64748393f4c1f4a5876173ef0c95ea73c682b05e9e05c9a8a1d65500106a980f0a0effa10b93a03715f40f851d122a15fd4b60740a711b1121c146bb59b740ccf8db57b2eee36e4c5a3c6aadaca73b9637cb21f1d87acd9b76885b8694a5d036b6e3dde6ceb589575b6414bef68ae179973b5e04012a3ad10c55f9049ccd757185583633543f556967796eeebb8348e969860fdeb9166f1a431d44a2ae6e73c75d3b891ea014ce2be631c9d1eb301c7043aa03b66218095c0375ed12090e5bc32c44e3ddfbbcbe48f8d396e489db24cd7d8779d659b48193b96374e2937d3087e911b4d1c70cef3b984a72f80ed2f17ef50aab6f5931c897367aa6dd86e8e93de921c611f112f676e34b4ee720f46434b2c70742c1af99bee1b0c72683cd840bbba4e75e3a0128d0ebf1010dea64f896ef3cfd82a73fe329ce53b63697cb7bc0c03e127fd59d3241646f62a25ceb692d9e469c649dec8b693975d718d89394345b684ea2507d295422c88892de4e69c71e2dbf6bfd160a1c20b63e6e21b73d6bb14377ce3578664196f7ab33be87d3fe5772415361f857f6128b7ecd261638f4133f6384b1e2ba1c045985636e818e622460d4ef2af43267efb71168a92d22ec6b337158d3bcff2f0913ece4258ba89b5e19f8cae9c7f87ac8d051247f3635f398404f1d9fb1ace4082dd6897024070dddd7942b566d3f7f2a4fd9ec148397ddb814057c66b738f45ccb08f2f9ed8c5c8735a9c6938b7c5260a8cb0cbfd2bb9656592b4a70f368ecdcc8fdfcd52ad0ea0b9c3152147e9e441519eb1a69bc1b216fda362376ce23729bd384e8579c37aadf759b6c23ea54bfde28652d0b37cbcea221da9125919212cbad64e4aec3075bb70cc7eca71a25cb2a77c898fd775d74d61dcfcbff9d4d20102f3b5c804ccc3bb711b88140508a8802dcb205ebff54cbd9af252f36cf44b2337c382a7562ad6fc035313bff7f7d30a45fe01a083fb744460147a3a4b34b8dcc047607f38ba6b927c93872830e8d0c84031889b29afc2ef3944c4c0a3f3060f337bf0da8c7209e79a81f09330ecbf0024dcf85f7e4ec644867f5343f259825b1f421c51d30f3da87bbcb67946f133c6a4add120054b1b8a16a12a58352d37425f68d55e8e3a0391ed03085fef286214f51ab917906b2b9fcbf6ef85e04ba368f8811f9ec5a3a112c1b498f553e6659ed41b10ad141d921cca6878c7e1960380a2d0f86226f6b7e95a9639b41be4f73c392d3e7b133cfc2009f6a02edcfeb11bd2c84b3fcf50d4cb0d49f770ae2c71c73c766d327fb0c8d79c9908e1f7292eff8657f0ff0542df3127613c31cc2387d270b9510bd0a9709d80ed781b828d3a0f92df1be687206d572066d44b9afcf6b440b7298bf30f657fd9f986debea4f23032f37d711859854a134e7ad44613643eb7104e624e0bc34dddc2dd0ecee2bd04a87b03e06864710c51d561f28718c88ddc35dcbf23f1c5f0ef8149e24949e1d50572f039da9ef0fd29934fc6c7bcc9c44771b0d8c1dd739796eedd036abd78f4f26da1bb680138f9191eac4669d84e4866974257d8438f3253198b0478d33c325f633aaf85d9e6056766d1a17fa6cc1e1d639cf59dd06c1d8c1f4d48ea9ab2c3cc08fa812821eda5f32f17e808c14002aa846ee6f18177d27e6f715462e5562f0f7afbe6f5fa6ec031536b478733270175d928a46bc23cf14ed073854afd5032a8bef43d4c5664e159ffa7e9cdef4fe17c2c5ef36c6e6ddf342d16ce207cfe09b8067f2e48c6bae69b620d8be76725200b63522d766517203c6641e7d891469bf239c7a48d14f7c690e182c4f6a1fd02f2aa1b97dbecb8e120cc0fbd374ff598c53cb505698f94429466b97acb1a0232169e0e19e9ad7e3a41ee63e3b9ddcc0d40385c3d5acbb51e1987821de029bd9dc1fabd200a2e55bf786c52ae9ffc335d8a82e9156705ebfaff0992c1f5bca9d0d020834fea9163fcb691bf06deb6f92b76e2c21b3fa1625910846f3c715cbfb7de75209aec43c1a9acd2b4f833ac3a3883ba23349aa2a439871764c54ac8842a4a10280ff498072928aa1b4ced9ab3d9d27e4b5fab13bb979788848f7a4239896fe73a176a38766ed7fa1e84e88efb12a9c75c2e4431396b192b9dc4fa92343a702538feef01ae577fa443f4b50666bb87fc62577045963e8168981e1b6063b7454345a84dfdb278a4090d155220a18fd21e90a2c84943d947f5079aaa3e04364ffeb8a804df0f6e3c1b45782fcd5a4535940f26636ee79188ccb2ba071e0c832d9e9a9a391e0992e0f6965100ad2e6608d5db25847b2aa794ea6ee9b7687a1f9357320d073d06db8c38fbdc1be781bf53d05a5deeeb9e8d8ff66876b3a88b309d27bb83f8b3390947fd97c9f9ea41b215803088ac254cdab849291ed081e4a0cfd611fb7819d50753121bdda8770ad38d84bfadd9da9d7e9ffa5b9af3b9b8c13d7f73d920173137a6d4d17f2a2d0605926a68623947ee798dffe22746288195a718ae5dbfcc03b7da8a8ff0aa40c133b56c0c3ee95dd1dfaadafbdb37dc17ec84b0a0ce29ad46d50ef4fde31b6ba31c76498091fea2ef0c785be2daf492121dbc2101fd102000a"], 0x1028}}, 0x20000050)

958.946488ms ago: executing program 0 (id=446):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0xa802, 0x0)
close(r1)
r2 = socket(0x1e, 0x4, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r3, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000001c0)='kfree\x00', r5}, 0x18)
r6 = openat$selinux_context(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$selinux_context(r6, &(0x7f0000000340)='system_u:object_r:hugetlbfs_t:s0\x00', 0xff7)
setsockopt$sock_linger(r3, 0x1, 0x3d, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000d40)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="a1ab2abd70000000000032"], 0x24}, 0x1, 0x0, 0x0, 0x4050}, 0x0)
sendmsg$NL80211_CMD_SET_MPATH(r2, &(0x7f0000000780)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000700)={0x80, r7, 0x2, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x80}, 0x1, 0x0, 0x0, 0x24000005}, 0x50)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="180000000200000000000000ffffffff952d96e7d800000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa3)

936.906999ms ago: executing program 3 (id=447):
getpeername$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000080)=0x14)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c5"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, &(0x7f0000000380)={{0x1, 0x1, 0x1018}, './file0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x55f, &(0x7f0000000c80)="$eJzs3U9oHNUfAPDvzDb59U9+JhURWxQDHipIt9larHpqe7GHggU9iHhoaDc1dNuEJAUTekjBi1BB1KuHXgTP3iV3byKoN48iVJGIJyEyu7NJTHaTsOx2Yubzgdl9fzZ577vDy7y3s48EUFrj2UMacSIiriURo5vqDkVeOd563eof965nRxJra2/9nkSSl7Vfn+TPx/LM4Yj47lLEk5Xt7c4vLt2abDTqc3n+zMLt2TPzi0unp29P3qzfrN+pnX313PmJ12rnan2L9cFXn/1y+cqbz3784fuvTH3fOJ3EhRjJ6zbH0S/jMb7+nmyWva/n+91YQSp5PJ3iZP9rn7+hiHg6RqOSj/rMaEw/KLRzwECtVSLWgJJKjH8oqcjn/+21/SDWwfvZo4utN2B7/Idan43E4eba6Ohqsmll1FrvjvWh/ayNv++d/CI7YkCfQ+xk+X4rmO3xJ82+jTU/xcniT/8VfxoRE3n/s/KzPbY/viVfSPzP9Bb/hfw5K7/UY/tFxw9AOa1cbF3It1//0vX5T3SY/4x0uHb1oujrX/f530b8lS7zv6t7bOPnjy5/2q1u8/wvO7L223PBx+HR/YiTHeNP1uNPOsSfzXuu7bGNN3747XK3uqLjX3sYcarj+mfjjlay8/3JM1PTjfpE67FjG998+96X3dovOv7s/B/tEv9O5z8rm91jG19ffXi7W93u8ae/DidvN1PDeckHkwsLc7WI4eTK9vJdFiLt17R/Rxb/iy/sPP47xX8kWzvsMf7Zd26t9h7/YGXx3+jx/H+yxzb+evfuc93qio4fAAAAAAAADpK0+V2OJK2up9O0Wm3t4X0qjqaNmfmFl6Zm7t650frOx1gMpe073aOtfJLla/n3Ydv5s1vyL0fE8Yj4vHKkma9en2ncKDp4AAAAAAAAAAAAAAAAAAAA2CeObdn//2eltf8fKIlDRXcAKIzxD+Vl/EN5Gf9QXsY/lJfxD+Vl/EN5Gf9QXj2N/+X+9wN4/Fz/obyMfwAAAAA4kI4/v/JTEhHLrx9pHpnhvG6o0J4Bg5YW3QGgMJWiOwAUxq1/KC9rfCDZpf5wt4qV3X4SAAAAAAAAAAAAAOiXUyfs/4eysv8fysv+fygv+/+hvKzxAfv/AQAAAAAAAAAAAGD/G2keSVrN9wKPRJpWqxH/j4ixGEqmphv1iYh4IiJ+rAz9L8vXiu40AAAAAAAAAAAAAAAAAAAAHDDzi0u3JhuN+pyEhITEeqLov0wAAAAAAAAAAAAAAAAAAFA+G5t+i+4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABRn4///Dy5RdIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH/TPwEAAP//KHYg8A==")
openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)

914.449899ms ago: executing program 0 (id=448):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x44000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a00010025bd7000fbdb5f251c208008ff01ff0a001ef83708000100000001"], 0x24}, 0x1, 0x0, 0x0, 0x4c25}, 0x400c020)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1, 0x0, 0x300}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r0}, 0x0, 0x0}, 0x20)
syz_open_procfs(0x0, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe33)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000003, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newlink={0x60, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x30, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @private1}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @private2}, @IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x60}}, 0x0)

823.020084ms ago: executing program 3 (id=449):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000300)={0x1, 0x1000}, 0x4)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0x73220c8b}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000002b00)=[{{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, 0x0}, 0x1}], 0x2, 0x0, 0x0)

787.310105ms ago: executing program 1 (id=450):
syz_open_dev$usbfs(0x0, 0x80006f, 0x81501)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6(0xa, 0x1, 0x0)
socket$key(0xf, 0x3, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r0}, 0x18)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000180)='cpu<=0||!')
process_madvise(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000000)="854b", 0x2}], 0x20, 0x14, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000003c0)={0x0, r1}, 0x8)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$SG_IO(r4, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffffffffffc, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0x0, 0x6, 0x10000, 0x1, 0x0})
pipe(&(0x7f0000000200)={<r5=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500))
vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000340)='kfree\x00', r6}, 0x18)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
r8 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r8, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r8, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r8, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)
close_range(r7, 0xffffffffffffffff, 0x0)

464.8311ms ago: executing program 2 (id=452):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(0x0, r0)
sendmsg$NFC_CMD_LLC_GET_PARAMS(0xffffffffffffffff, 0x0, 0x10008054)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0x0, 0x40, &(0x7f0000000000)={0x60, 0x14, 0x8, 0x2}, 0x8, 0x7, 0x200, 0x0, 0x0, 0x0, 0x0})
mount(0x0, 0x0, 0x0, 0x800000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
syz_emit_ethernet(0x86, &(0x7f00000024c0)={@random="e90cbf939d93", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0xe000, 0x3, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x2, 0x3, 0x2, "ce83712c78ba14d25523d67f0ee03c16c1c4f07ebfe6bb9186f94c63e52b0b33", "ab99bbf9c30f0ba8f4659abec361b0b2", {"ddfc7fdeed127e49505ee4727b5b7f00", "935b408064a4b34f14101705476d0352"}}}}}}}, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000b40)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x1, 0x3, 0xb, 0x100, @void}}}}}}}, 0x0)
write$selinux_load(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757815"], 0x65)

441.54831ms ago: executing program 2 (id=453):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b\x00\x00\x00\b'], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0xfd, 0x3, 0x2, 0x5c, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7800, 0x40, 0x4, 0x4}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000680)={'syztnl1\x00', 0x0})

389.525853ms ago: executing program 2 (id=454):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00006600}, 0x8000000, 0x0, 0x1}, 0x20)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_sctp(0x2, 0x5, 0x84)
socket(0x2, 0x80805, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f00000004c0)={[{@dioread_lock}, {@noblock_validity}, {@abort}, {@dioread_lock}, {@stripe={'stripe', 0x3d, 0x1f5}}, {@grpjquota, 0x2e}, {@barrier}, {@nolazytime}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4aa, &(0x7f0000000740)="$eJzs3MtvG0UYAPBvN4++m7SURx9QQ0FEFJImLdADh4JA6gUJCQ7lGNJQlaYtaoJEq4oGhMoR8RcARyQkTlw4gYQQcAJxhTtCqlAvLRxQ0Nq7ybqxU8d5GOrfT7IzszvrmW93xx7vZB1A16pkT0nE1oj4NSIGatn6ApXan5vXL0/8df3yRBJzcy//mVTL3bh+eaIoWmy3Jc8MpRHp+0nsbVDv9MVLZ8anpiYv5PmRmbNvjkxfvPTE6bPjpyZPTZ4bO3r0yOHRp58ae3JV4sziurHnnfP7dh9/9aMXJ+bitR8+z9q7NV9fjqNmcMV1VqISc7mFpf3V50dW/Or/LdtK6aS3gw1hWXoiIjtcfdX+PxA9sXDwBuKF9+Yz33aogcCayT6bdixa2pP/Tec/v4A7UaKPQ5cqPvGz77/FYz3HH5127dnsebIa/838UVvTG2n2XXaw9o29p8n2x1ZY/9aIODH798fZIxpehwAAWF1fZ+OfxxuN/9K4p1Ruez6HMhgRByNiZ0TcFRG7IuLuiGrZeyPivmXWX7klv3j88/OmtgJrUTb+eyaf26of/6V5iWQ+t60af1/y+umpyUP5PhmKvg1ZfnSJOr55/pcPm62rlMZ/2SOrvxgL5u34o3dD/TYnx2fGVxBynWvvRuzpbRR/Mj8TkO2B3RGxp43Xz/bZ6cc+25elt29ZvP728S9hFeaZ5j6NeLR2/GfjlvgLSa2mZvOTIxtjavLQSHFWLPbjT1dfKuf7Sum6+De2FtPGdoNtIDv+mxue/3n8RTco5munl1/H1d8+aPqdZvHxT+LEbLlE7fxPS0uy878/eaWa7s+XvT0+M3NhNKI/X1C3fGxh2yJflM/iHzrQuP/vjPjnk3y7vRGRncT3R8QDEbE/b/uDEfFQRBxYIv7vn3v4jaX3UJvn/yrI4j+51PGPGEzK8/VtJHrOfPdVs/pbe/87Uk0N5Utaef9rtYEr2XcAAADwf5FW56CTdLhIly5O7YrN6dT56ZmDlXjr3MnaXPVg9KXFla6B0vXQ0fzacJEfuyV/OCJ2VP/TaFM1PzxxfmpbJwMHqvfq1PX/SNPh4dq635v90wtw51jWPFr57sAvvlz9xgDryv2a0L30f+he+j90L/0fulej/n8l4mYHmgKsM5//0L30f+he+j90L/0futLiW+KLn1tp507/hcTO4yvafM0TcwNr8sqzy9+qZ40ijfKPdjRNJBHRXhWRLl2mv4XaO5ZIb1vmWJu7ZRmJ/XliQ0S0utWVddurnX1fAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWC3/BgAA//+NJdz0")
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x2000, 0x0)
r2 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r2, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
recvfrom$inet6(r2, 0x0, 0x0, 0x120, 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x34, 0x10, 0x401, 0x70bd2c, 0x2, {0x0, 0x0, 0x0, 0x0, 0x401c0}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}]}, 0x34}}, 0x0)
recvfrom$inet6(r2, 0x0, 0x0, 0x2002, 0x0, 0x0)
r4 = socket$inet(0x2, 0x2, 0x1)
r5 = socket$packet(0x11, 0x2, 0x300)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
setsockopt$packet_tx_ring(r5, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000100)=@req3={0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x861}, 0x1c)
sendmsg$inet(r4, &(0x7f0000001040)={&(0x7f0000000040)={0x2, 0xffff, @broadcast}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000940b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20008024)
getdents(r1, 0x0, 0x54)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000000000)={&(0x7f00000002c0)={0x2, 0xffff, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@cswp={0x58, 0x114, 0x7, {{0x1, 0x3}, &(0x7f0000000140)=0x4, 0x0, 0x2, 0x3ff, 0xd, 0x8000000000000000, 0x8, 0x2}}, @mask_fadd={0x58, 0x114, 0x8, {{0xfffffff4, 0x5}, 0x0, 0x0, 0x1c4f, 0x5, 0x8, 0x8, 0x13}}], 0xb0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000000)=':\x00', 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000001c0)='./file0\x00', 0x800000, &(0x7f0000000200)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303136323134372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c696f636861727365743d6d61637475726b6973682c6e6f6e756d7461696c3d302c696f636861727365743d6b6f69382d72752c756e695f786c6174653d302c696f636861727365743d757466382c6572726f72733d636f6e74696e75652c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c7379735f696d6d757461626c652c757466383d302c0074c3fc52ac6365d676e1"], 0x1, 0x378, &(0x7f0000001080)="$eJzs3U1rXFUYAOC3Y/Op6cxCBBXxUDe6GZL4BxqkBTGgxI5UF8KtmeiQaSbMHSJTRLtz6+8oLt0J4h/IQvfu3GXjsovSK5mP5qNjSomTS/V5YDjvzDnv3HPu5V7O5vIe3PrhzvZWXt/KelG5lqISEZUHEbVBNHRp1FYG8Wwcdy/eqd76442PP/3sg7X19esbKd1Yu/nuakrpypu/fP3Nj1d/7b34yU9Xfp6L/drnB3+t/rn/yv6rB49uftXKUytPO51eytLtTqeX3W4302Yr366n9FG7meXN1NrJm90T/Vvtzu5uP2U7m0uLu91mnqdsp5+2m/3U66Ret5+yL7PWTqrX62lpMXiaxv2NjWxtGM+fMe7aRU2IKeh217LDe3juiZ7G/VImBACU6rz7/9l/df8/E/b/F+n4/p//qsP9/+zo/j3J/h8AAAAAAAAAAAAAAJ4HD4qiWhRFddwW45eER99Lnh5T9sT1P/Upe35M17EX9+Yj2t/vNfYaw3bYv7YVrWhHM5ajGg8PHwtjw/jG++vXl9NALZbufDfIv/pbROOFk/krUY3a5PyVYX56nB+H7UwsHs9fjWq8PDl/dWL+bLz91rH8elTj9y+iE+3YHDzejvK/XUnpvQ/XT+XPDcYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8P9QT2Ovx7Du/V4jYiH2RvX760cDaifr4w/zH9fXX45qPJxcn395Yn3+y/Ha5XLXDgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjef/udtZuN7sXFYxr/g9+mR0H/5x1aTj83qmuhTg5eO5p/3POoPJMWQujRU7oelQUxbSmOn+xl/I8wUxEnDGmGJ3A8x/rpYg4Y8xcREx/yZXyT/gzB2U8jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBcR0W/y54JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZcr7d7ezdrvZnWJw1vFrF7dUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA58LfAQAA//8FFgzv")
socket$nl_netfilter(0x10, 0x3, 0xc)

272.253368ms ago: executing program 4 (id=455):
openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00'}, 0x10)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000240)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r4, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x11, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtfilter={0x88, 0x2c, 0xd27, 0x3, 0x0, {0x0, 0x0, 0x0, r2, {0xfffa, 0x5}, {}, {0x1c, 0xb}}, [@filter_kind_options=@f_flower={{0xb}, {0x58, 0x2, [@TCA_FLOWER_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0x1, 0x7, 0xfc, 0x3}, 0xb}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x88}}, 0x4000000)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x1100)

226.87151ms ago: executing program 4 (id=456):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x4e, 0x2, 0x0, 0xffffffeffffffffd}, {0x800, 0x0, 0x7fffffff, 0x20000000}, 0x0, 0x0, 0x0, 0x1}, {{@in6=@private1={0xfc, 0x1, '\x00', 0x9}, 0x0, 0x2b}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3, 0x0, 0x0, 0x3, 0x0, 0x3c0}}, 0xe8)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000d40)=ANY=[@ANYBLOB="0212000005020000fcffffff0000000001020900008000006bdae99676f5d98b222c1d175b1bde5f2af814867595cca148f284845d6726daecb906b52bcbe4a0671f0cfe91064a71252070eab7b079faae2437c1c6375c071120ac3c3dfb0e5500269ca1cd7c4713a0369feb90311ab8556d5bac400f5ffbe90545162b4d370163c56d991d223d5da19c52bdbff65404e119035c710bccfff638d731934ecdd791b655adfc821d0887903e07df64c986fa6fb88f4a7d0b3f81044ac984488238d0f3c48cf099ab574e73f1a68d600ab06ec38d634b447f1d4aad0dd4f056494500bab1d7792480ea186568121117e75c05a8bde6476b7304bb2b64f14f54921845a91f868fa925cf0a818b9bba4ea375d10464e94cba1fefd1cf5efc16c2e5c1cf9adb172617d21d333c27c4554adf58cd7508fe0eed1a11186e77fce9e4518b7280db2fc8acac72e4934e0ae31d2132afdb95c105813b90284c0f3bd48d2bae45cd2d03aeb092f6ad45692fc26c26909b57d12e3bf2024de3edce03c2dd8cf1081fbc181cb24fb432907ee893125e386edee1e48b5fb72dc536fd879fc356b5bff8ae29afeda341fbb0fbba2d1a133f05b1cac0479743ca5c562d8a9d0ddb7bee5282f97fea614ca3aab3c10d6d6a81f495737f3787737ade4f9af413bc0298d7364c46dbcacedb88aba3b4add5e20c7927ca485152618468c3d23edc4d9cd368d4791e555fd2b8ec465a838f331950b862e23a9d8291dc879d7ea58209a3372319c8a5f2db16e3ebd1e349eb699a79faa391f8cee02ba5e9d1bc0f71b4e912681dfe4716c490dbf06199553c3bac487a1f2964d2f5fd7f064807dd11c3ca2f12c7a3ec79362c247f63d20d3ca52f0474b47c40a394ddfed196dce0259bf849bcb86f2d4919522d46f87443998f7ed5e40da41a80428d3b6e3845a9b377b3c6577add73ead5d1dc4d3620b53818be04d9f7ba74600cf5b462a7ed38b53b701465a152983c8fabe301fc42bebcb7c631e94afec308dee54b51e9c1df0f446fcd47612e90a275e51516310c59eb67c1e3b2da93bd52a7c9c4135fdc36027aad74c3cfd5c6ca6f5ae914a7cab1a3a5d397422163c49c609f53bd370fdecb126cea447defd3d448dadf5079430c058cba11fbb17c14ea71f96091f9a5d3a034ae9b34ac7a0b1d4eca440a51e4cd265911eeba260345b28ac84c065553e9aace53f1f29aa6b80ef7c4070192e4c12cb4389c3476b1f0a69825fdf4de60e9d02266fe9f50cba35775b2103bf85b312b04f3c6bec4b67e1b642a6b9bbef45d28ea1af055bf3c6cc62cb571cfbc4229c7d5aa62a2ed3ce2f42666fa295c71f44263c703d207fb6925f303a3facbd7afa4dccb0b6c37cf8e8a3fdc8ed1cfff049b48a94e50a5631a75589317dbcfd154f16e7dddac2945baf059a2aa4b14b9ac1d411c81dc600343abf5e9c4750e190a5116bab2258d8f1d5e0d3ab740423267be7e21c2eac41ae2aefead42fd71f91c4c3694617fb7fc265a48c3b82eea6e57c90824914847f857deb94c810b34ad53a9824127c2fef4cc5d7fd23307dd90c01bc32c79c2344459a58442b59260d8e21dc41f0b54d5d5433b9fd44ba4803766cacfec5bb5fd1ca3ccbc7c11cfd7274b526b9b61a231499a83831b9be1f708cde614165ce3bd0ccd42ab401bcd35143199d43395107e240e61c3abbcbad69a53ec9205bc2946dab619214ae55dfc6aad9a72683cb84f489efd02f1d439d6abfc4a9d2588c4db6419a7dd6c2387461298941a1d8d5bf4c0e35d0294014f217985cca434d557899c3090c236efe06bc9f2c5dc46f67896d56450a0aa4b6b6247ce45c12a1f547825cbac09f13bb48200ee1f85b00a0ce88723c19449fe2bbe500861bb03dbc2ae489e9b3f5ddaea3b4459be8aebd66cdc054affa87d60e0e86bb0ce56f604f697c5be3cb868e6dad28e3366ef5b6e9a26f8e1ba44d700eda13fa3f589ae638843a8a98c157f25c5e88c3df285e1e70d32110614c51d0e0a74abc7800006cf0d1d3d66e84ec726edc5c52f26f702d182e702be580bf74670201ebeffecc62630b637320626cbac4e9e98c608252e3932da36804e3e1e3ec3bee53bcf0071088c84f2a014b0122dcd9507d6003e63e34d7b59807dd24907e17ba43b83af0b734d9861870f137464be924a415a7607d7c2936c9156f6bc604c51600c558cdf18fe73fffa575443a4174311ecab11cd96572306b00a8998c20bb3879c37c9d400b06f03fd7b54ab24cefc134176df98af05086839f83eeaa9efa3e7629bdb0bc8377020b040e86cf36ff9f2bcc788091c9285b423cc7670a8290c394db287b24533b508a7df6786d571e6be8cd989ea2d1b846a03f24fcdae10333f55461716292e0589efbf61462943b8c8544ac128c8ce01e99ae5ba81cf037e86e1f35271c405c640a8429bc189a749033b831ef71bfb05fa72d2da716f2d86046296f481e4364f7e033dcb4fed15eb0937a66b62143ad51e76242f4cf425d662eeeb179a46a059489c2bbdee163cf5ac3d0fb6441bf171a7c34bbbcf2e3a59e637d35f32301d9d4a85b2a1db1a5cb6fffa7ebec998674711fdfd49297d7ac33f5c89d0999172bc3dad8e76ac1f081e4c1bb755562ff5715361000f56fb464881dfe6abb4f039a139f8fb2e2dca14b895ad3ee1d2835e0cd47051ea34d855b7c8387ef1a85d94b851602cbdb2242a2afb59d26292be2ebbd8ca3b2866b293c1ef2048dd65addb63230643502ab8e9548dfee031ee8306344f89973dc22712ae6896ab40c61e6093c026524da15ca192b1ecd14ec10cebfea7faed1a9bae2be7edf9c53182805fa4af868751ff3758b9c4f7e877dc8e16475592c85bda5a62c1b38938ac3b7031773c06c5eb5539baeb0588e6ede91d2da317a1a823045e375bb4ac29d6dc75d228a4ade916671eccd320ee5c0298650b541d98c4d1e09ed841f1cffbf0c7551c5ae725ad0f77f612829a409becb4e60ccc3cbb80d77e8d9bac59cfcac2c8a4c857f862747473148d9089dc56ed827784a63390eeb78f791c75c4eb3a1efad0f75e062cc4948e4b1b67a373494b88ff819a695ceac580bdd7b2c63222a663432e31b8531ee74d34afa70266ffe08d6ab6439c1b442df9195bd1b729d9ebfa25f326e48f7104303120046b2f1eb45c59a415b68d9cc3f6ca68dadf64748393f4c1f4a5876173ef0c95ea73c682b05e9e05c9a8a1d65500106a980f0a0effa10b93a03715f40f851d122a15fd4b60740a711b1121c146bb59b740ccf8db57b2eee36e4c5a3c6aadaca73b9637cb21f1d87acd9b76885b8694a5d036b6e3dde6ceb589575b6414bef68ae179973b5e04012a3ad10c55f9049ccd757185583633543f556967796eeebb8348e969860fdeb9166f1a431d44a2ae6e73c75d3b891ea014ce2be631c9d1eb301c7043aa03b66218095c0375ed12090e5bc32c44e3ddfbbcbe48f8d396e489db24cd7d8779d659b48193b96374e2937d3087e911b4d1c70cef3b984a72f80ed2f17ef50aab6f5931c897367aa6dd86e8e93de921c611f112f676e34b4ee720f46434b2c70742c1af99bee1b0c72683cd840bbba4e75e3a0128d0ebf1010dea64f896ef3cfd82a73fe329ce53b63697cb7bc0c03e127fd59d3241646f62a25ceb692d9e469c649dec8b693975d718d89394345b684ea2507d295422c88892de4e69c71e2dbf6bfd160a1c20b63e6e21b73d6bb14377ce3578664196f7ab33be87d3fe5772415361f857f6128b7ecd261638f4133f6384b1e2ba1c045985636e818e622460d4ef2af43267efb71168a92d22ec6b337158d3bcff2f0913ece4258ba89b5e19f8cae9c7f87ac8d051247f3635f398404f1d9fb1ace4082dd6897024070dddd7942b566d3f7f2a4fd9ec148397ddb814057c66b738f45ccb08f2f9ed8c5c8735a9c6938b7c5260a8cb0cbfd2bb9656592b4a70f368ecdcc8fdfcd52ad0ea0b9c3152147e9e441519eb1a69bc1b216fda362376ce23729bd384e8579c37aadf759b6c23ea54bfde28652d0b37cbcea221da9125919212cbad64e4aec3075bb70cc7eca71a25cb2a77c898fd775d74d61dcfcbff9d4d20102f3b5c804ccc3bb711b88140508a8802dcb205ebff54cbd9af252f36cf44b2337c382a7562ad6fc035313bff7f7d30a45fe01a083fb744460147a3a4b34b8dcc047607f38ba6b927c93872830e8d0c84031889b29afc2ef3944c4c0a3f3060f337bf0da8c7209e79a81f09330ecbf0024dcf85f7e4ec644867f5343f259825b1f421c51d30f3da87bbcb67946f133c6a4add120054b1b8a16a12a58352d37425f68d55e8e3a0391ed03085fef286214f51ab917906b2b9fcbf6ef85e04ba368f8811f9ec5a3a112c1b498f553e6659ed41b10ad141d921cca6878c7e1960380a2d0f86226f6b7e95a9639b41be4f73c392d3e7b133cfc2009f6a02edcfeb11bd2c84b3fcf50d4cb0d49f770ae2c71c73c766d327fb0c8d79c9908e1f7292eff8657f0ff0542df3127613c31cc2387d270b9510bd0a9709d80ed781b828d3a0f92df1be687206d572066d44b9afcf6b440b7298bf30f657fd9f986debea4f23032f37d711859854a134e7ad44613643eb7104e624e0bc34dddc2dd0ecee2bd04a87b03e06864710c51d561f28718c88ddc35dcbf23f1c5f0ef8149e24949e1d50572f039da9ef0fd29934fc6c7bcc9c44771b0d8c1dd739796eedd036abd78f4f26da1bb680138f9191eac4669d84e4866974257d8438f3253198b0478d33c325f633aaf85d9e6056766d1a17fa6cc1e1d639cf59dd06c1d8c1f4d48ea9ab2c3cc08fa812821eda5f32f17e808c14002aa846ee6f18177d27e6f715462e5562f0f7afbe6f5fa6ec031536b478733270175d928a46bc23cf14ed073854afd5032a8bef43d4c5664e159ffa7e9cdef4fe17c2c5ef36c6e6ddf342d16ce207cfe09b8067f2e48c6bae69b620d8be76725200b63522d766517203c6641e7d891469bf239c7a48d14f7c690e182c4f6a1fd02f2aa1b97dbecb8e120cc0fbd374ff598c53cb505698f94429466b97acb1a0232169e0e19e9ad7e3a41ee63e3b9ddcc0d40385c3d5acbb51e1987821de029bd9dc1fabd200a2e55bf786c52ae9ffc335d8a82e9156705ebfaff0992c1f5bca9d0d020834fea9163fcb691bf06deb6f92b76e2c21b3fa1625910846f3c715cbfb7de75209aec43c1a9acd2b4f833ac3a3883ba23349aa2a439871764c54ac8842a4a10280ff498072928aa1b4ced9ab3d9d27e4b5fab13bb979788848f7a4239896fe73a176a38766ed7fa1e84e88efb12a9c75c2e4431396b192b9dc4fa92343a702538feef01ae577fa443f4b50666bb87fc62577045963e8168981e1b6063b7454345a84dfdb278a4090d155220a18fd21e90a2c84943d947f5079aaa3e04364ffeb8a804df0f6e3c1b45782fcd5a4535940f26636ee79188ccb2ba071e0c832d9e9a9a391e0992e0f6965100ad2e6608d5db25847b2aa794ea6ee9b7687a1f9357320d073d06db8c38fbdc1be781bf53d05a5deeeb9e8d8ff66876b3a88b309d27bb83f8b3390947fd97c9f9ea41b215803088ac254cdab849291ed081e4a0cfd611fb7819d50753121bdda8770ad38d84bfadd9da9d7e9ffa5b9af3b9b8c13d7f73d920173137a6d4d17f2a2d0605926a68623947ee798dffe22746288195a718ae5dbfcc03b7da8a8ff0aa40c133b56c0c3ee95dd1dfaadafbdb37dc17ec84b0a0ce29ad46d50ef4fde31b6ba31c76498091fea2ef0c785be2daf492121dbc2101fd102000a"], 0x1028}}, 0x20000050)

193.686672ms ago: executing program 4 (id=457):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r2}, 0x10) (async)
r3 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
inotify_rm_watch(0xffffffffffffffff, r3) (async)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r5=>0x0}) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340), &(0x7f00000004c0), 0xffffff81, r0}, 0x38)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0xc020662a, &(0x7f00000004c0)={0x1, 0x7fffffff, 0x4, 0x0, 0x5, 0x0, [{0x2, 0x3, 0x4, '\x00', 0x80}, {0x11e, 0x8, 0x1, '\x00', 0x100}, {0x3ff, 0xb8d, 0x1, '\x00', 0x4}, {0x5, 0x9, 0xb, '\x00', 0x80}, {0x3, 0x4, 0x8001, '\x00', 0x2000}]}) (async)
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)

127.619204ms ago: executing program 2 (id=458):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0xa802, 0x0)
close(r1)
r2 = socket(0x1e, 0x4, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r3, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000001c0)='kfree\x00', r5}, 0x18)
r6 = openat$selinux_context(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$selinux_context(r6, &(0x7f0000000340)='system_u:object_r:hugetlbfs_t:s0\x00', 0xff7)
setsockopt$sock_linger(r3, 0x1, 0x3d, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000d40)=ANY=[@ANYRES16=r7, @ANYBLOB="a1ab2abd70000000000032"], 0x24}, 0x1, 0x0, 0x0, 0x4050}, 0x0)
sendmsg$NL80211_CMD_SET_MPATH(r2, &(0x7f0000000780)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f0000000700)={0x80, r7, 0x2, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x80}, 0x1, 0x0, 0x0, 0x24000005}, 0x50)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="180000000200000000000000ffffffff952d96e7d800000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa3)

52.307017ms ago: executing program 2 (id=459):
r0 = syz_io_uring_setup(0x254c, &(0x7f0000000000)={0x0, 0x7c87, 0x40, 0x0, 0x39}, &(0x7f0000000080), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000900)={&(0x7f0000003000)={[{0x0, 0x0, 0x1}]}, 0x1, 0x3}, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000900000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r1, 0xe0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0], <r3=>0x0, 0x27, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0x8c, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r5}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0600000004000000ff0100005c00000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000170000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000feffffff000000000000000000"], 0x48)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f0000000f40)={0x0, 0x0, 0x3}, 0x1)

2.31357ms ago: executing program 4 (id=460):
statx(0xffffffffffffff9c, &(0x7f0000001100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x100, 0x800, 0x0)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x183043, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="1200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000bf0900000000000055090100000000009500000000000000bf910000000000000000008500000084001500b7000000000000009500000000000000000000000000000000000000cbeb45553c9e5c40cfdcd93e2d96e905a4144e05d743969f9b997ae1ed0849176fc58e0504950d41bcad8bb051768e90bbf67c0d63bf87063ce0324603ff74f1aa3c8d1432c55f3516bcec73b4ed6c8776b122072d469eab"], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB], 0x98}, 0x1, 0x7}, 0x0)
ioctl$TCSBRKP(r0, 0x5425, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket(0x10, 0x2, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000200)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{0x60, 0x0, 0x0, 0xf000000}, {}, {}, {}, {}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)
ioctl$TIOCGPGRP(r0, 0x5437, 0x0)

1.97001ms ago: executing program 2 (id=461):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = inotify_init1(0x0)
ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000280)=""/230)
inotify_add_watch(r4, &(0x7f0000000400)='.\x00', 0xa4000021)
read(r4, 0x0, 0x20)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x48, 0x140d, 0x200, 0x70bd26, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x3}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x5}, 0x24000000)
close(r4)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x40, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x800, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x20000023896)
ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000040)={0x3ffffffffffffe96, &(0x7f0000000000)=[{0x2000, 0x5}]})
ioctl$LOOP_CLR_FD(r5, 0x4c01)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESHEX=r1, @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r9}, 0x10)
quotactl_fd$Q_SYNC(r9, 0xffffffff80000102, 0x0, 0x0)

0s ago: executing program 0 (id=462):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1}, &(0x7f0000000100), &(0x7f0000000340)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0x11, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="00000000000057b6b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x3d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x4}, 0xe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r3}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000004100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0xe, 0x0, &(0x7f00000003c0)="131c8701feaa16bca4ac74ab821d", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

kernel console output (not intermixed with test programs):

or (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.125: invalid indirect mapped block 4294967295 (level 1)
[   41.946620][ T3903] EXT4-fs (loop0): 1 orphan inode deleted
[   41.952527][ T3903] EXT4-fs (loop0): 1 truncate cleaned up
[   41.968962][ T3903] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.024605][ T3908] loop4: detected capacity change from 0 to 1024
[   42.040355][ T3903] netlink: 48 bytes leftover after parsing attributes in process `syz.0.125'.
[   42.058280][ T3908] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.070557][ T3908] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.095519][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.114973][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.564372][ T3930] program syz.2.133 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   43.377526][ T3947] loop3: detected capacity change from 0 to 512
[   43.386988][ T3947] EXT4-fs: Ignoring removed orlov option
[   43.393739][ T3947] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   43.404680][ T3947] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.138: corrupted in-inode xattr: e_value size too large
[   43.432254][ T3947] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.138: couldn't read orphan inode 15 (err -117)
[   43.444834][ T3947] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.466984][ T3950] loop0: detected capacity change from 0 to 1024
[   43.503945][ T3950] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.528664][ T3950] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.541635][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.550781][ T3548] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   43.595384][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.615037][ T3961] FAULT_INJECTION: forcing a failure.
[   43.615037][ T3961] name failslab, interval 1, probability 0, space 0, times 0
[   43.627738][ T3961] CPU: 1 UID: 0 PID: 3961 Comm: syz.3.142 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   43.627792][ T3961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   43.627803][ T3961] Call Trace:
[   43.627809][ T3961]  <TASK>
[   43.627817][ T3961]  __dump_stack+0x1d/0x30
[   43.627847][ T3961]  dump_stack_lvl+0xe8/0x140
[   43.627873][ T3961]  dump_stack+0x15/0x1b
[   43.627954][ T3961]  should_fail_ex+0x265/0x280
[   43.627993][ T3961]  should_failslab+0x8c/0xb0
[   43.628098][ T3961]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   43.628133][ T3961]  ? __alloc_skb+0x101/0x320
[   43.628239][ T3961]  __alloc_skb+0x101/0x320
[   43.628266][ T3961]  pfkey_sendmsg+0xd7/0x900
[   43.628294][ T3961]  ? avc_has_perm+0xf7/0x180
[   43.628319][ T3961]  ? selinux_socket_sendmsg+0x175/0x1b0
[   43.628368][ T3961]  ? __pfx_pfkey_sendmsg+0x10/0x10
[   43.628392][ T3961]  __sock_sendmsg+0x145/0x180
[   43.628416][ T3961]  ____sys_sendmsg+0x31e/0x4e0
[   43.628441][ T3961]  ___sys_sendmsg+0x17b/0x1d0
[   43.628475][ T3961]  __x64_sys_sendmsg+0xd4/0x160
[   43.628559][ T3961]  x64_sys_call+0x191e/0x3000
[   43.628585][ T3961]  do_syscall_64+0xd2/0x200
[   43.628608][ T3961]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   43.628667][ T3961]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   43.628735][ T3961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.628760][ T3961] RIP: 0033:0x7f70a1bef749
[   43.628779][ T3961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.628828][ T3961] RSP: 002b:00007f70a064f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   43.628858][ T3961] RAX: ffffffffffffffda RBX: 00007f70a1e45fa0 RCX: 00007f70a1bef749
[   43.628871][ T3961] RDX: 0000000000040080 RSI: 00002000000007c0 RDI: 0000000000000006
[   43.628883][ T3961] RBP: 00007f70a064f090 R08: 0000000000000000 R09: 0000000000000000
[   43.628895][ T3961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.628907][ T3961] R13: 00007f70a1e46038 R14: 00007f70a1e45fa0 R15: 00007fffc16e4678
[   43.628923][ T3961]  </TASK>
[   43.884116][ T3966] process 'syz.0.143' launched '/dev/fd/10' with NULL argv: empty string added
[   43.933934][ T3959] xt_TPROXY: Can be used only with -p tcp or -p udp
[   43.995565][ T3972] loop4: detected capacity change from 0 to 512
[   44.005501][ T3972] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   44.017184][ T3972] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   44.017209][ T3972] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.147: Corrupt directory, running e2fsck is recommended
[   44.028968][ T3978] loop0: detected capacity change from 0 to 512
[   44.065898][ T3959] loop1: detected capacity change from 0 to 1024
[   44.079791][ T3972] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[   44.089188][ T3972] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.147: corrupted in-inode xattr: invalid ea_ino
[   44.104118][ T3972] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.147: couldn't read orphan inode 15 (err -117)
[   44.107926][ T3959] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[   44.155815][ T3972] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.185205][ T3978] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.211972][ T3978] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.227636][ T3972] bond2: entered promiscuous mode
[   44.276842][ T3991] loop1: detected capacity change from 0 to 1024
[   44.277035][ T3972] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   44.295033][ T3972] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   44.305322][ T3972] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.147: Corrupt directory, running e2fsck is recommended
[   44.318793][ T3972] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.147: path /28/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   44.321936][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.338964][ T3972] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 64: comm syz.4.147: path /28/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   44.385437][ T3991] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.399154][ T3991] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.434551][ T3997] netlink: 104 bytes leftover after parsing attributes in process `syz.0.154'.
[   44.467308][ T4002] loop2: detected capacity change from 0 to 2048
[   44.499955][ T4004] netlink: 'syz.3.157': attribute type 322 has an invalid length.
[   44.511559][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.514269][ T4002] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.537042][ T4004] loop3: detected capacity change from 0 to 1024
[   44.543859][ T4002] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.557329][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.616984][ T4009] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   44.647176][ T4004] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.688392][ T4015] ip6t_srh: unknown srh match flags  4000
[   44.704861][ T4015] loop1: detected capacity change from 0 to 2048
[   44.714411][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.732807][ T4015] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.745064][ T4015] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.848791][ T4025] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.158: bg 0: block 345: padding at end of block bitmap is not set
[   44.868473][ T4026] loop4: detected capacity change from 0 to 128
[   44.868753][ T4021] netlink: 24 bytes leftover after parsing attributes in process `syz.3.161'.
[   44.884292][ T4025] EXT4-fs (loop1): Remounting filesystem read-only
[   44.931625][ T4002] program syz.2.156 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   44.938051][ T4026] tipc: Started in network mode
[   44.946152][ T4026] tipc: Node identity 4, cluster identity 4711
[   44.952477][ T4026] tipc: Node number set to 4
[   45.007647][ T4021] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4021 comm=syz.3.161
[   45.040702][ T4021] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.092971][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.093455][ T4021] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.136872][ T4036] loop2: detected capacity change from 0 to 2048
[   45.145782][ T4021] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.188596][ T3305]  loop2: p1 < > p3 p4
[   45.193763][ T3305] loop2: p3 size 134217728 extends beyond EOD, truncated
[   45.202301][ T3305] loop2: p4 start 4278190085 is beyond EOD, truncated
[   45.202740][ T4021] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.222900][ T4036]  loop2: p1 < > p3 p4
[   45.227836][ T4036] loop2: p3 size 134217728 extends beyond EOD, truncated
[   45.237987][ T4036] loop2: p4 start 4278190085 is beyond EOD, truncated
[   45.299733][ T4039] ieee802154 phy0 wpan0: encryption failed: -22
[   45.302187][ T4041] loop0: detected capacity change from 0 to 1024
[   45.314140][ T3583] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   45.340488][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   45.358977][ T3297] udevd[3297]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   45.369579][ T4041] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.394952][ T3583] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   45.419636][ T4041] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.429755][ T4050] loop2: detected capacity change from 0 to 512
[   45.440620][ T3583] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   45.453183][ T3583] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   45.463483][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.474178][ T4050] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   45.489531][ T4053] FAULT_INJECTION: forcing a failure.
[   45.489531][ T4053] name failslab, interval 1, probability 0, space 0, times 0
[   45.502312][ T4053] CPU: 1 UID: 0 PID: 4053 Comm: syz.4.172 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   45.502343][ T4053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   45.502356][ T4053] Call Trace:
[   45.502363][ T4053]  <TASK>
[   45.502372][ T4053]  __dump_stack+0x1d/0x30
[   45.502425][ T4053]  dump_stack_lvl+0xe8/0x140
[   45.502473][ T4053]  dump_stack+0x15/0x1b
[   45.502494][ T4053]  should_fail_ex+0x265/0x280
[   45.502533][ T4053]  should_failslab+0x8c/0xb0
[   45.502575][ T4053]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[   45.502652][ T4053]  ? sidtab_sid2str_get+0xa0/0x130
[   45.502719][ T4053]  ? skb_put+0xa9/0xf0
[   45.502750][ T4053]  kmemdup_noprof+0x2b/0x70
[   45.502779][ T4053]  sidtab_sid2str_get+0xa0/0x130
[   45.502812][ T4053]  security_sid_to_context_core+0x1eb/0x2e0
[   45.502876][ T4053]  security_sid_to_context+0x27/0x40
[   45.502906][ T4053]  avc_audit_post_callback+0x9d/0x520
[   45.503010][ T4053]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   45.503048][ T4053]  common_lsm_audit+0x1bb/0x230
[   45.503076][ T4053]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   45.503116][ T4053]  slow_avc_audit+0x104/0x140
[   45.503233][ T4053]  avc_has_perm+0x13a/0x180
[   45.503258][ T4053]  selinux_socket_recvmsg+0x175/0x1b0
[   45.503290][ T4053]  security_socket_recvmsg+0x50/0x90
[   45.503396][ T4053]  sock_recvmsg+0x38/0x170
[   45.503421][ T4053]  __sys_recvfrom+0x122/0x1f0
[   45.503456][ T4053]  __x64_sys_recvfrom+0x76/0x90
[   45.503613][ T4053]  x64_sys_call+0x2f2f/0x3000
[   45.503638][ T4053]  do_syscall_64+0xd2/0x200
[   45.503671][ T4053]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   45.503742][ T4053]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   45.503817][ T4053]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.503841][ T4053] RIP: 0033:0x7f886704f749
[   45.503867][ T4053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.503883][ T4053] RSP: 002b:00007f8865aaf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[   45.503902][ T4053] RAX: ffffffffffffffda RBX: 00007f88672a5fa0 RCX: 00007f886704f749
[   45.503919][ T4053] RDX: f92e58a67d38802c RSI: 0000200000000200 RDI: 0000000000000005
[   45.503932][ T4053] RBP: 00007f8865aaf090 R08: 0000000000000000 R09: 0000000000000000
[   45.503944][ T4053] R10: 0000000000002101 R11: 0000000000000246 R12: 0000000000000001
[   45.503958][ T4053] R13: 00007f88672a6038 R14: 00007f88672a5fa0 R15: 00007ffeee6c98c8
[   45.504030][ T4053]  </TASK>
[   45.506368][ T4050] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.171: invalid indirect mapped block 4294967295 (level 0)
[   45.527720][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.540757][ T4050] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.171: invalid indirect mapped block 4294967295 (level 1)
[   45.623768][ T4059] Zero length message leads to an empty skb
[   45.672264][ T4050] EXT4-fs (loop2): 1 orphan inode deleted
[   45.801357][ T4050] EXT4-fs (loop2): 1 truncate cleaned up
[   45.814577][ T4069] loop3: detected capacity change from 0 to 512
[   45.820437][ T4071] loop1: detected capacity change from 0 to 512
[   45.837448][ T4071] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   45.849194][ T4071] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   45.855638][ T4069] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   45.859375][ T4071] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.178: Corrupt directory, running e2fsck is recommended
[   45.871229][ T4069] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   45.894608][ T4069] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.179: Corrupt directory, running e2fsck is recommended
[   45.894977][ T4050] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.933869][ T4071] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   45.940573][ T4076] loop0: detected capacity change from 0 to 512
[   45.942254][ T4071] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.178: corrupted in-inode xattr: invalid ea_ino
[   45.962283][ T4069] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[   45.962331][ T4069] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.179: corrupted in-inode xattr: invalid ea_ino
[   45.965359][ T4069] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.179: couldn't read orphan inode 15 (err -117)
[   45.971245][ T4071] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.178: couldn't read orphan inode 15 (err -117)
[   45.997065][ T4069] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.008966][ T4071] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.022254][ T4076] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   46.044491][ T4076] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   46.044517][ T4076] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.180: Corrupt directory, running e2fsck is recommended
[   46.056072][ T4076] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[   46.064352][ T4076] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.180: corrupted in-inode xattr: invalid ea_ino
[   46.070541][ T4079] netlink: 8 bytes leftover after parsing attributes in process `syz.2.171'.
[   46.082036][ T4069] bond3: entered promiscuous mode
[   46.123219][ T4076] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.180: couldn't read orphan inode 15 (err -117)
[   46.131516][ T4071] bond1: entered promiscuous mode
[   46.148433][ T4076] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.211256][ T4071] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   46.211289][ T4071] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   46.211368][ T4071] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.178: Corrupt directory, running e2fsck is recommended
[   46.211401][ T4071] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 3: comm syz.1.178: path /25/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   46.211639][ T4071] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 64: comm syz.1.178: path /25/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   46.236591][ T4069] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   46.236672][ T4069] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   46.236691][ T4069] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.179: Corrupt directory, running e2fsck is recommended
[   46.236731][ T4069] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.179: path /36/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   46.239708][ T4069] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 64: comm syz.3.179: path /36/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   46.257046][ T4076] bond2: entered promiscuous mode
[   46.257705][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.282160][ T4076] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   46.282209][ T4076] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   46.282227][ T4076] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.180: Corrupt directory, running e2fsck is recommended
[   46.282265][ T4076] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.180: path /45/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   46.286504][ T4076] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 64: comm syz.0.180: path /45/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   46.297711][ T4089] loop4: detected capacity change from 0 to 1024
[   46.316443][ T4091] FAULT_INJECTION: forcing a failure.
[   46.316443][ T4091] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   46.316542][ T4091] CPU: 1 UID: 0 PID: 4091 Comm: syz.1.183 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   46.316579][ T4091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   46.316591][ T4091] Call Trace:
[   46.316597][ T4091]  <TASK>
[   46.316605][ T4091]  __dump_stack+0x1d/0x30
[   46.316629][ T4091]  dump_stack_lvl+0xe8/0x140
[   46.316651][ T4091]  dump_stack+0x15/0x1b
[   46.316669][ T4091]  should_fail_ex+0x265/0x280
[   46.316751][ T4091]  should_fail+0xb/0x20
[   46.316768][ T4091]  should_fail_usercopy+0x1a/0x20
[   46.316790][ T4091]  _copy_from_user+0x1c/0xb0
[   46.316817][ T4091]  autofs_dev_ioctl+0xdd/0x6a0
[   46.316861][ T4091]  ? __pfx_autofs_dev_ioctl+0x10/0x10
[   46.316883][ T4091]  __se_sys_ioctl+0xce/0x140
[   46.316906][ T4091]  __x64_sys_ioctl+0x43/0x50
[   46.316936][ T4091]  x64_sys_call+0x1816/0x3000
[   46.316959][ T4091]  do_syscall_64+0xd2/0x200
[   46.317025][ T4091]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   46.317054][ T4091]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   46.317089][ T4091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.317191][ T4091] RIP: 0033:0x7fe79c0ff749
[   46.317208][ T4091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.317227][ T4091] RSP: 002b:00007fe79ab5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   46.317279][ T4091] RAX: ffffffffffffffda RBX: 00007fe79c355fa0 RCX: 00007fe79c0ff749
[   46.317293][ T4091] RDX: 0000200000000240 RSI: 00000000c0189374 RDI: 0000000000000006
[   46.317307][ T4091] RBP: 00007fe79ab5f090 R08: 0000000000000000 R09: 0000000000000000
[   46.317320][ T4091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.317334][ T4091] R13: 00007fe79c356038 R14: 00007fe79c355fa0 R15: 00007ffc28378218
[   46.317354][ T4091]  </TASK>
[   46.386210][ T4089] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.758757][   T29] kauditd_printk_skb: 267 callbacks suppressed
[   46.758773][   T29] audit: type=1326 audit(1764012886.136:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4094 comm="syz.1.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   46.759031][   T29] audit: type=1326 audit(1764012886.136:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4094 comm="syz.1.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   46.759153][   T29] audit: type=1326 audit(1764012886.136:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4094 comm="syz.1.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   46.759427][   T29] audit: type=1326 audit(1764012886.136:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4094 comm="syz.1.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   46.759533][   T29] audit: type=1326 audit(1764012886.136:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4094 comm="syz.1.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   46.759615][   T29] audit: type=1326 audit(1764012886.136:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4094 comm="syz.1.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   46.759962][   T29] audit: type=1326 audit(1764012886.136:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4094 comm="syz.1.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   46.759996][   T29] audit: type=1326 audit(1764012886.136:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4094 comm="syz.1.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   46.760084][   T29] audit: type=1326 audit(1764012886.136:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4094 comm="syz.1.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   46.760339][   T29] audit: type=1326 audit(1764012886.136:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4094 comm="syz.1.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   46.768778][ T4089] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.846517][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.867445][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.059660][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.086719][ T4098] loop0: detected capacity change from 0 to 512
[   47.104179][ T4098] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   47.115880][ T4098] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   47.126020][ T4098] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.186: Corrupt directory, running e2fsck is recommended
[   47.171287][ T4098] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[   47.241123][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.290839][ T4104] loop3: detected capacity change from 0 to 512
[   47.305340][ T4098] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.186: corrupted in-inode xattr: invalid ea_ino
[   47.370988][ T4101] xt_hashlimit: max too large, truncated to 1048576
[   47.469481][ T4098] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.186: couldn't read orphan inode 15 (err -117)
[   47.631147][ T4098] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.661794][ T4119] loop1: detected capacity change from 0 to 512
[   47.668520][ T4098] bond3: entered promiscuous mode
[   47.679500][ T4119] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   47.691424][ T4119] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   47.701964][ T4119] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.194: Corrupt directory, running e2fsck is recommended
[   47.715670][ T4119] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   47.715772][ T4098] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   47.724213][ T4119] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.194: corrupted in-inode xattr: invalid ea_ino
[   47.735511][ T4098] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   47.735535][ T4098] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.186: Corrupt directory, running e2fsck is recommended
[   47.759201][ T4098] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.186: path /46/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   47.763202][ T4119] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.194: couldn't read orphan inode 15 (err -117)
[   47.792875][ T4098] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 64: comm syz.0.186: path /46/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   47.841985][ T4119] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.875095][ T4119] bond2: entered promiscuous mode
[   47.901519][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.929569][ T4119] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   47.941416][ T4119] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   47.952208][ T4119] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.194: Corrupt directory, running e2fsck is recommended
[   47.974219][ T4119] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 3: comm syz.1.194: path /28/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   48.008058][ T4119] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 64: comm syz.1.194: path /28/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   48.084554][ T4136] loop3: detected capacity change from 0 to 1024
[   48.116043][ T4138] FAULT_INJECTION: forcing a failure.
[   48.116043][ T4138] name failslab, interval 1, probability 0, space 0, times 0
[   48.128994][ T4138] CPU: 0 UID: 0 PID: 4138 Comm: syz.2.199 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   48.129107][ T4138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   48.129121][ T4138] Call Trace:
[   48.129128][ T4138]  <TASK>
[   48.129137][ T4138]  __dump_stack+0x1d/0x30
[   48.129163][ T4138]  dump_stack_lvl+0xe8/0x140
[   48.129187][ T4138]  dump_stack+0x15/0x1b
[   48.129207][ T4138]  should_fail_ex+0x265/0x280
[   48.129315][ T4138]  should_failslab+0x8c/0xb0
[   48.129348][ T4138]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   48.129395][ T4138]  ? __alloc_skb+0x101/0x320
[   48.129429][ T4138]  __alloc_skb+0x101/0x320
[   48.129463][ T4138]  netlink_alloc_large_skb+0xbf/0xf0
[   48.129540][ T4138]  netlink_sendmsg+0x3cf/0x6b0
[   48.129565][ T4138]  ? __pfx_netlink_sendmsg+0x10/0x10
[   48.129588][ T4138]  __sock_sendmsg+0x145/0x180
[   48.129691][ T4138]  ____sys_sendmsg+0x31e/0x4e0
[   48.129716][ T4138]  ___sys_sendmsg+0x17b/0x1d0
[   48.129751][ T4138]  __x64_sys_sendmsg+0xd4/0x160
[   48.129777][ T4138]  x64_sys_call+0x191e/0x3000
[   48.129803][ T4138]  do_syscall_64+0xd2/0x200
[   48.129865][ T4138]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   48.129897][ T4138]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   48.129933][ T4138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.129961][ T4138] RIP: 0033:0x7f347e19f749
[   48.129979][ T4138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.129999][ T4138] RSP: 002b:00007f347cbff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   48.130041][ T4138] RAX: ffffffffffffffda RBX: 00007f347e3f5fa0 RCX: 00007f347e19f749
[   48.130056][ T4138] RDX: 0000000002000000 RSI: 0000200000000400 RDI: 000000000000000a
[   48.130070][ T4138] RBP: 00007f347cbff090 R08: 0000000000000000 R09: 0000000000000000
[   48.130083][ T4138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.130094][ T4138] R13: 00007f347e3f6038 R14: 00007f347e3f5fa0 R15: 00007ffd97d5b6d8
[   48.130115][ T4138]  </TASK>
[   48.342781][ T4129] loop4: detected capacity change from 0 to 512
[   48.369321][ T4129] EXT4-fs: Ignoring removed orlov option
[   48.396607][ T4129] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   48.416496][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.418365][ T4131] xt_TPROXY: Can be used only with -p tcp or -p udp
[   48.436240][ T4136] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.440433][ T4131] loop0: detected capacity change from 0 to 1024
[   48.455133][ T4136] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.467504][ T4131] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[   48.478584][ T4145] FAULT_INJECTION: forcing a failure.
[   48.478584][ T4145] name failslab, interval 1, probability 0, space 0, times 0
[   48.491665][ T4145] CPU: 0 UID: 0 PID: 4145 Comm: syz.2.200 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   48.491694][ T4145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   48.491707][ T4145] Call Trace:
[   48.491725][ T4145]  <TASK>
[   48.491733][ T4145]  __dump_stack+0x1d/0x30
[   48.491856][ T4145]  dump_stack_lvl+0xe8/0x140
[   48.491916][ T4145]  dump_stack+0x15/0x1b
[   48.491934][ T4145]  should_fail_ex+0x265/0x280
[   48.492036][ T4145]  should_failslab+0x8c/0xb0
[   48.492151][ T4145]  kmem_cache_alloc_lru_noprof+0x55/0x490
[   48.492244][ T4145]  ? hugetlbfs_alloc_inode+0xbc/0x100
[   48.492277][ T4145]  hugetlbfs_alloc_inode+0xbc/0x100
[   48.492305][ T4145]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[   48.492349][ T4145]  alloc_inode+0x40/0x170
[   48.492378][ T4145]  new_inode+0x1d/0xe0
[   48.492406][ T4145]  hugetlbfs_get_inode+0x7b/0x370
[   48.492496][ T4145]  hugetlb_file_setup+0x192/0x3d0
[   48.492676][ T4145]  ksys_mmap_pgoff+0x157/0x310
[   48.492700][ T4145]  x64_sys_call+0x14a3/0x3000
[   48.492725][ T4145]  do_syscall_64+0xd2/0x200
[   48.492749][ T4145]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   48.492832][ T4145]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   48.492867][ T4145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.492892][ T4145] RIP: 0033:0x7f347e19f749
[   48.492911][ T4145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.492931][ T4145] RSP: 002b:00007f347cbff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   48.493022][ T4145] RAX: ffffffffffffffda RBX: 00007f347e3f5fa0 RCX: 00007f347e19f749
[   48.493037][ T4145] RDX: 0000000000000002 RSI: 0000000000ff5000 RDI: 0000200000000000
[   48.493051][ T4145] RBP: 00007f347cbff090 R08: ffffffffffffffff R09: 0000000000000000
[   48.493067][ T4145] R10: 000000000004c831 R11: 0000000000000246 R12: 0000000000000001
[   48.493081][ T4145] R13: 00007f347e3f6038 R14: 00007f347e3f5fa0 R15: 00007ffd97d5b6d8
[   48.493100][ T4145]  </TASK>
[   48.494039][ T4129] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.196: corrupted in-inode xattr: e_value size too large
[   48.707734][ T4129] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.196: couldn't read orphan inode 15 (err -117)
[   48.708525][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.731344][ T4129] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.831598][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.911403][ T4163] loop3: detected capacity change from 0 to 512
[   48.932891][ T4165] netlink: 12 bytes leftover after parsing attributes in process `gtp'.
[   48.965049][ T4163] EXT4-fs: Ignoring removed orlov option
[   48.971093][ T4165] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[   48.979262][ T4163] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   48.994168][ T4163] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.202: corrupted in-inode xattr: e_value size too large
[   49.091927][ T4163] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.202: couldn't read orphan inode 15 (err -117)
[   49.147584][ T4175] loop2: detected capacity change from 0 to 512
[   49.178698][ T4163] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.285578][ T4175] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.298625][ T4175] ext4 filesystem being mounted at /37/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   49.757402][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.232761][ T4191] FAULT_INJECTION: forcing a failure.
[   50.232761][ T4191] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   50.246145][ T4191] CPU: 1 UID: 0 PID: 4191 Comm: syz.0.213 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   50.246176][ T4191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   50.246187][ T4191] Call Trace:
[   50.246193][ T4191]  <TASK>
[   50.246202][ T4191]  __dump_stack+0x1d/0x30
[   50.246228][ T4191]  dump_stack_lvl+0xe8/0x140
[   50.246252][ T4191]  dump_stack+0x15/0x1b
[   50.246273][ T4191]  should_fail_ex+0x265/0x280
[   50.246361][ T4191]  should_fail_alloc_page+0xf2/0x100
[   50.246390][ T4191]  __alloc_frozen_pages_noprof+0xff/0x360
[   50.246541][ T4191]  alloc_pages_mpol+0xb3/0x260
[   50.246565][ T4191]  vma_alloc_folio_noprof+0x1aa/0x300
[   50.246588][ T4191]  handle_mm_fault+0xec2/0x2be0
[   50.246612][ T4191]  ? vma_start_read+0x141/0x1f0
[   50.246645][ T4191]  do_user_addr_fault+0x630/0x1080
[   50.246669][ T4191]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   50.246734][ T4191]  exc_page_fault+0x62/0xa0
[   50.246766][ T4191]  asm_exc_page_fault+0x26/0x30
[   50.246800][ T4191] RIP: 0033:0x7f4320b3cc5b
[   50.246816][ T4191] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[   50.246833][ T4191] RSP: 002b:00007f431f5d3e10 EFLAGS: 00010246
[   50.246849][ T4191] RAX: 00007f431f5d5f30 RBX: 00007f4320dba640 RCX: 0000000000000000
[   50.246861][ T4191] RDX: 00007f431f5d5f78 RSI: 00007f4320bf0df8 RDI: 00007f431f5d3e30
[   50.246876][ T4191] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[   50.246890][ T4191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.246907][ T4191] R13: 00007f4320de6128 R14: 00007f4320de6090 R15: 00007fffd73fd248
[   50.246937][ T4191]  </TASK>
[   50.246972][ T4191] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   50.379906][ T4181] xt_TPROXY: Can be used only with -p tcp or -p udp
[   50.463221][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.532422][ T4181] loop1: detected capacity change from 0 to 1024
[   50.561036][ T4181] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[   50.692448][ T4194] xt_TPROXY: Can be used only with -p tcp or -p udp
[   50.705488][ T4194] loop4: detected capacity change from 0 to 1024
[   50.725746][ T4194] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[   50.740821][ T4209] loop0: detected capacity change from 0 to 1024
[   50.763454][ T4209] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   50.789359][ T4209] EXT4-fs (loop0): mount failed
[   50.824978][ T4211] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   50.834774][ T4211] batman_adv: batadv0: Adding interface: dummy0
[   50.841128][ T4211] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   50.854255][ T4214] loop0: detected capacity change from 0 to 512
[   50.882881][ T4211] batman_adv: batadv0: Interface activated: dummy0
[   50.912992][ T4214] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   50.924590][ T4214] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   50.934740][ T4214] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.221: Corrupt directory, running e2fsck is recommended
[   50.954218][ T4215] batadv0: mtu less than device minimum
[   50.960236][ T4215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   50.960512][ T4218] FAULT_INJECTION: forcing a failure.
[   50.960512][ T4218] name failslab, interval 1, probability 0, space 0, times 0
[   50.971006][ T4215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   50.983499][ T4218] CPU: 0 UID: 0 PID: 4218 Comm: syz.4.222 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   50.983527][ T4218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   50.983610][ T4218] Call Trace:
[   50.983617][ T4218]  <TASK>
[   50.983626][ T4218]  __dump_stack+0x1d/0x30
[   50.983650][ T4218]  dump_stack_lvl+0xe8/0x140
[   50.983671][ T4218]  dump_stack+0x15/0x1b
[   50.983689][ T4218]  should_fail_ex+0x265/0x280
[   50.983722][ T4218]  should_failslab+0x8c/0xb0
[   50.983779][ T4218]  kmem_cache_alloc_noprof+0x50/0x480
[   50.983815][ T4218]  ? alloc_empty_file+0x76/0x200
[   50.983846][ T4218]  ? mntput+0x4b/0x80
[   50.983932][ T4218]  alloc_empty_file+0x76/0x200
[   50.983989][ T4218]  path_openat+0x68/0x2170
[   50.984010][ T4218]  ? _parse_integer_limit+0x170/0x190
[   50.984161][ T4218]  ? kstrtoull+0x111/0x140
[   50.984191][ T4218]  ? kstrtouint+0x76/0xc0
[   50.984221][ T4218]  do_filp_open+0x109/0x230
[   50.984250][ T4218]  do_sys_openat2+0xa6/0x110
[   50.984299][ T4218]  __x64_sys_openat+0xf2/0x120
[   50.984320][ T4218]  x64_sys_call+0x2eab/0x3000
[   50.984342][ T4218]  do_syscall_64+0xd2/0x200
[   50.984364][ T4218]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   50.984391][ T4218]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   50.984488][ T4218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.984510][ T4218] RIP: 0033:0x7f886704f749
[   50.984526][ T4218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.984583][ T4218] RSP: 002b:00007f8865aaf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   50.984604][ T4218] RAX: ffffffffffffffda RBX: 00007f88672a5fa0 RCX: 00007f886704f749
[   50.984617][ T4218] RDX: 0000000000200000 RSI: 0000200000004040 RDI: ffffffffffffff9c
[   50.984692][ T4218] RBP: 00007f8865aaf090 R08: 0000000000000000 R09: 0000000000000000
[   50.984705][ T4218] R10: 0000000000000070 R11: 0000000000000246 R12: 0000000000000001
[   50.984717][ T4218] R13: 00007f88672a6038 R14: 00007f88672a5fa0 R15: 00007ffeee6c98c8
[   50.984754][ T4218]  </TASK>
[   51.030524][ T4214] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[   51.033528][ T4215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   51.038091][ T4214] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.221: corrupted in-inode xattr: invalid ea_ino
[   51.042873][ T4215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   51.048238][ T4214] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.221: couldn't read orphan inode 15 (err -117)
[   51.053353][ T4215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   51.057553][ T4214] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.062104][ T4215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   51.125669][ T4230] netlink: 56 bytes leftover after parsing attributes in process `syz.3.226'.
[   51.126348][ T4215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   51.305985][ T4215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   51.382775][ T4241] loop4: detected capacity change from 0 to 512
[   51.415840][ T4214] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   51.427463][ T4214] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   51.437904][ T4214] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.221: Corrupt directory, running e2fsck is recommended
[   51.508979][ T4214] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.221: path /54/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   51.650030][ T4214] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 64: comm syz.0.221: path /54/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   51.679458][ T4238] bond4: entered promiscuous mode
[   51.702358][ T4267] random: crng reseeded on system resumption
[   51.730454][ T4241] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.730522][ T4241] ext4 filesystem being mounted at /52/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   51.869648][ T4271] loop0: detected capacity change from 0 to 512
[   51.944323][ T4271] ext4 filesystem being mounted at /55/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.982617][ T4257] xt_TPROXY: Can be used only with -p tcp or -p udp
[   51.995578][ T4257] loop2: detected capacity change from 0 to 1024
[   52.018809][ T4257] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   52.209652][ T4276] FAULT_INJECTION: forcing a failure.
[   52.209652][ T4276] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.222893][ T4276] CPU: 1 UID: 0 PID: 4276 Comm: syz.2.238 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.223068][ T4276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   52.223081][ T4276] Call Trace:
[   52.223089][ T4276]  <TASK>
[   52.223096][ T4276]  __dump_stack+0x1d/0x30
[   52.223139][ T4276]  dump_stack_lvl+0xe8/0x140
[   52.223162][ T4276]  dump_stack+0x15/0x1b
[   52.223183][ T4276]  should_fail_ex+0x265/0x280
[   52.223294][ T4276]  should_fail+0xb/0x20
[   52.223312][ T4276]  should_fail_usercopy+0x1a/0x20
[   52.223336][ T4276]  _copy_to_user+0x20/0xa0
[   52.223364][ T4276]  simple_read_from_buffer+0xb5/0x130
[   52.223387][ T4276]  proc_fail_nth_read+0x10e/0x150
[   52.223482][ T4276]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   52.223516][ T4276]  vfs_read+0x1a8/0x770
[   52.223586][ T4276]  ? __rcu_read_unlock+0x4f/0x70
[   52.223612][ T4276]  ? __fget_files+0x184/0x1c0
[   52.223767][ T4276]  ksys_read+0xda/0x1a0
[   52.223871][ T4276]  __x64_sys_read+0x40/0x50
[   52.223897][ T4276]  x64_sys_call+0x27c0/0x3000
[   52.223940][ T4276]  do_syscall_64+0xd2/0x200
[   52.223959][ T4276]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.223991][ T4276]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   52.224050][ T4276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.224070][ T4276] RIP: 0033:0x7f347e19e15c
[   52.224085][ T4276] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   52.224154][ T4276] RSP: 002b:00007f347cbff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   52.224173][ T4276] RAX: ffffffffffffffda RBX: 00007f347e3f5fa0 RCX: 00007f347e19e15c
[   52.224186][ T4276] RDX: 000000000000000f RSI: 00007f347cbff0a0 RDI: 0000000000000003
[   52.224197][ T4276] RBP: 00007f347cbff090 R08: 0000000000000000 R09: 0000000000000000
[   52.224216][ T4276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.224242][ T4276] R13: 00007f347e3f6038 R14: 00007f347e3f5fa0 R15: 00007ffd97d5b6d8
[   52.224261][ T4276]  </TASK>
[   52.457954][   T29] kauditd_printk_skb: 58 callbacks suppressed
[   52.457999][   T29] audit: type=1400 audit(1764012891.826:1622): avc:  denied  { write } for  pid=4278 comm="syz.1.239" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   52.565948][ T4291] loop2: detected capacity change from 0 to 512
[   52.576458][   T29] audit: type=1400 audit(1764012891.946:1623): avc:  denied  { connect } for  pid=4292 comm="syz.4.245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   52.596095][   T29] audit: type=1400 audit(1764012891.946:1624): avc:  denied  { write } for  pid=4292 comm="syz.4.245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   52.615547][   T29] audit: type=1326 audit(1764012891.946:1625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   52.615579][   T29] audit: type=1326 audit(1764012891.946:1626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   52.619853][ T4291] EXT4-fs: Ignoring removed orlov option
[   52.685102][   T29] audit: type=1326 audit(1764012891.996:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   52.708492][   T29] audit: type=1326 audit(1764012891.996:1628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   52.731972][   T29] audit: type=1326 audit(1764012891.996:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   52.755512][   T29] audit: type=1326 audit(1764012892.046:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   52.779010][   T29] audit: type=1326 audit(1764012892.046:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.3.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   52.779363][ T4291] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   52.818166][ T4291] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.241: corrupted in-inode xattr: e_value size too large
[   52.834046][ T4291] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.241: couldn't read orphan inode 15 (err -117)
[   52.868957][ T4303] bond5: up delay (1005383197) is not a multiple of miimon (100), value rounded to 1005383100 ms
[   52.879684][ T4303] bond5: entered promiscuous mode
[   52.894656][ T4303] lo speed is unknown, defaulting to 1000
[   52.900901][ T4303] lo speed is unknown, defaulting to 1000
[   52.907083][ T4303] lo speed is unknown, defaulting to 1000
[   52.913462][ T4303] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   52.921339][ T4303] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   52.932715][ T4303] lo speed is unknown, defaulting to 1000
[   52.940840][ T4303] lo speed is unknown, defaulting to 1000
[   52.947472][ T4303] lo speed is unknown, defaulting to 1000
[   52.957241][ T4303] lo speed is unknown, defaulting to 1000
[   52.963598][ T4303] lo speed is unknown, defaulting to 1000
[   52.975868][ T4307] loop2: detected capacity change from 0 to 512
[   52.989360][ T4307] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   53.001108][ T4307] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   53.011526][ T4307] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.249: Corrupt directory, running e2fsck is recommended
[   53.025014][ T4307] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[   53.033985][ T4307] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.249: corrupted in-inode xattr: invalid ea_ino
[   53.051054][ T4307] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.249: couldn't read orphan inode 15 (err -117)
[   53.066927][ T4307] bond2: entered promiscuous mode
[   53.120000][ T4316] loop0: detected capacity change from 0 to 512
[   53.131383][ T4316] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   53.143013][ T4316] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   53.147775][ T4307] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   53.153269][ T4316] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.252: Corrupt directory, running e2fsck is recommended
[   53.160460][ T4316] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[   53.165292][ T4307] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   53.178991][ T4316] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.252: corrupted in-inode xattr: invalid ea_ino
[   53.186911][ T4307] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.249: Corrupt directory, running e2fsck is recommended
[   53.197685][ T4316] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.252: couldn't read orphan inode 15 (err -117)
[   53.211035][ T4307] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.249: path /48/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   53.238826][ T4316] bond6: entered promiscuous mode
[   53.256648][ T4307] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 64: comm syz.2.249: path /48/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   53.336930][ T4316] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   53.348785][ T4316] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   53.359101][ T4316] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.252: Corrupt directory, running e2fsck is recommended
[   53.385278][ T4316] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.252: path /58/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   53.405908][ T4316] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 64: comm syz.0.252: path /58/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   53.534847][ T4333] loop3: detected capacity change from 0 to 1024
[   53.551763][ T4333] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   53.568275][ T4333] EXT4-fs (loop3): mount failed
[   53.600730][ T4337] FAULT_INJECTION: forcing a failure.
[   53.600730][ T4337] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   53.614110][ T4337] CPU: 0 UID: 0 PID: 4337 Comm: syz.1.258 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   53.614135][ T4337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   53.614147][ T4337] Call Trace:
[   53.614155][ T4337]  <TASK>
[   53.614165][ T4337]  __dump_stack+0x1d/0x30
[   53.614248][ T4337]  dump_stack_lvl+0xe8/0x140
[   53.614278][ T4337]  dump_stack+0x15/0x1b
[   53.614297][ T4337]  should_fail_ex+0x265/0x280
[   53.614333][ T4337]  should_fail+0xb/0x20
[   53.614351][ T4337]  should_fail_usercopy+0x1a/0x20
[   53.614428][ T4337]  _copy_to_user+0x20/0xa0
[   53.614455][ T4337]  simple_read_from_buffer+0xb5/0x130
[   53.614551][ T4337]  proc_fail_nth_read+0x10e/0x150
[   53.614651][ T4337]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   53.614682][ T4337]  vfs_read+0x1a8/0x770
[   53.614787][ T4337]  ? __rcu_read_unlock+0x4f/0x70
[   53.614815][ T4337]  ? __fget_files+0x184/0x1c0
[   53.614853][ T4337]  ksys_read+0xda/0x1a0
[   53.614908][ T4337]  __x64_sys_read+0x40/0x50
[   53.614931][ T4337]  x64_sys_call+0x27c0/0x3000
[   53.614951][ T4337]  do_syscall_64+0xd2/0x200
[   53.614974][ T4337]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   53.615048][ T4337]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   53.615158][ T4337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.615181][ T4337] RIP: 0033:0x7fe79c0fe15c
[   53.615198][ T4337] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   53.615217][ T4337] RSP: 002b:00007fe79ab3e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   53.615239][ T4337] RAX: ffffffffffffffda RBX: 00007fe79c356090 RCX: 00007fe79c0fe15c
[   53.615254][ T4337] RDX: 000000000000000f RSI: 00007fe79ab3e0a0 RDI: 0000000000000006
[   53.615267][ T4337] RBP: 00007fe79ab3e090 R08: 0000000000000000 R09: 0000000000000000
[   53.615303][ T4337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.615314][ T4337] R13: 00007fe79c356128 R14: 00007fe79c356090 R15: 00007ffc28378218
[   53.615331][ T4337]  </TASK>
[   53.910342][ T4347] loop3: detected capacity change from 0 to 512
[   53.917110][ T4347] EXT4-fs: Ignoring removed orlov option
[   53.951938][ T4351] loop4: detected capacity change from 0 to 1024
[   53.977268][ T4351] EXT4-fs: Ignoring removed oldalloc option
[   53.983320][ T4351] EXT4-fs: Ignoring removed bh option
[   54.005390][ T4347] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   54.023585][ T4347] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.260: corrupted in-inode xattr: e_value size too large
[   54.040942][ T4347] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.260: couldn't read orphan inode 15 (err -117)
[   54.114197][ T4361] netlink: 12 bytes leftover after parsing attributes in process `syz.2.264'.
[   54.147282][ T4363] netlink: 4 bytes leftover after parsing attributes in process `syz.3.269'.
[   54.178130][ T4363] netlink: 12 bytes leftover after parsing attributes in process `syz.3.269'.
[   54.187044][ T4363] netlink: 'syz.3.269': attribute type 1 has an invalid length.
[   54.222507][ T4363] FAULT_INJECTION: forcing a failure.
[   54.222507][ T4363] name failslab, interval 1, probability 0, space 0, times 0
[   54.235232][ T4363] CPU: 0 UID: 0 PID: 4363 Comm: syz.3.269 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.235264][ T4363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   54.235335][ T4363] Call Trace:
[   54.235414][ T4363]  <TASK>
[   54.235423][ T4363]  __dump_stack+0x1d/0x30
[   54.235444][ T4363]  dump_stack_lvl+0xe8/0x140
[   54.235467][ T4363]  dump_stack+0x15/0x1b
[   54.235539][ T4363]  should_fail_ex+0x265/0x280
[   54.235618][ T4363]  ? audit_log_d_path+0x8d/0x150
[   54.235644][ T4363]  should_failslab+0x8c/0xb0
[   54.235670][ T4363]  __kmalloc_cache_noprof+0x4c/0x4a0
[   54.235704][ T4363]  audit_log_d_path+0x8d/0x150
[   54.235829][ T4363]  audit_log_d_path_exe+0x42/0x70
[   54.235895][ T4363]  audit_log_task+0x1e9/0x250
[   54.235987][ T4363]  ? kstrtouint+0x76/0xc0
[   54.236022][ T4363]  audit_seccomp+0x61/0x100
[   54.236057][ T4363]  ? __seccomp_filter+0x82d/0x1250
[   54.236169][ T4363]  __seccomp_filter+0x83e/0x1250
[   54.236200][ T4363]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   54.236302][ T4363]  ? vfs_write+0x7e8/0x960
[   54.236331][ T4363]  __secure_computing+0x82/0x150
[   54.236361][ T4363]  syscall_trace_enter+0xcf/0x1e0
[   54.236387][ T4363]  do_syscall_64+0xac/0x200
[   54.236414][ T4363]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   54.236442][ T4363]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   54.236475][ T4363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.236577][ T4363] RIP: 0033:0x7f70a1bef749
[   54.236594][ T4363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.236613][ T4363] RSP: 002b:00007f70a064f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   54.236637][ T4363] RAX: ffffffffffffffda RBX: 00007f70a1e45fa0 RCX: 00007f70a1bef749
[   54.236653][ T4363] RDX: 0000000000000840 RSI: 0000200000000280 RDI: 0000000000000009
[   54.236665][ T4363] RBP: 00007f70a064f090 R08: 0000000000000000 R09: 0000000000000000
[   54.236751][ T4363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.236765][ T4363] R13: 00007f70a1e46038 R14: 00007f70a1e45fa0 R15: 00007fffc16e4678
[   54.236787][ T4363]  </TASK>
[   54.460543][ T4368] loop4: detected capacity change from 0 to 2048
[   54.655587][ T4373] loop0: detected capacity change from 0 to 512
[   54.692244][ T4373] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   54.734020][ T4373] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.271: invalid indirect mapped block 4294967295 (level 0)
[   54.778379][ T4373] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.271: invalid indirect mapped block 4294967295 (level 1)
[   54.811483][ T4373] EXT4-fs (loop0): 1 orphan inode deleted
[   54.817408][ T4373] EXT4-fs (loop0): 1 truncate cleaned up
[   54.855181][ T4368] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.270: bg 0: block 234: padding at end of block bitmap is not set
[   54.870868][ T4368] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   54.883647][ T4368] EXT4-fs (loop4): This should not happen!! Data will be lost
[   54.883647][ T4368] 
[   54.893399][ T4368] EXT4-fs (loop4): Total free blocks count 0
[   54.899508][ T4368] EXT4-fs (loop4): Free/Dirty block details
[   54.905560][ T4368] EXT4-fs (loop4): free_blocks=0
[   54.910599][ T4368] EXT4-fs (loop4): dirty_blocks=8192
[   54.915997][ T4368] EXT4-fs (loop4): Block reservation details
[   54.922190][ T4368] EXT4-fs (loop4): i_reserved_data_blocks=512
[   54.973479][   T38] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   54.986644][   T38] EXT4-fs (loop4): This should not happen!! Data will be lost
[   54.986644][   T38] 
[   55.187182][ T4395] loop0: detected capacity change from 0 to 512
[   55.198111][ T4398] net_ratelimit: 12 callbacks suppressed
[   55.198130][ T4398] openvswitch: netlink: Message has 8 unknown bytes.
[   55.247798][ T4395] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   55.259414][ T4395] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   55.269544][ T4395] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.279: Corrupt directory, running e2fsck is recommended
[   55.284687][ T4406] SELinux:  Context system_u:object is not valid (left unmapped).
[   55.292932][ T4395] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[   55.295488][ T4406] netlink: 20 bytes leftover after parsing attributes in process `syz.3.284'.
[   55.301453][ T4395] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.279: corrupted in-inode xattr: invalid ea_ino
[   55.324196][ T4395] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.279: couldn't read orphan inode 15 (err -117)
[   55.351746][ T4395] bond7: entered promiscuous mode
[   55.362206][ T4408] loop2: detected capacity change from 0 to 512
[   55.377226][ T4408] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   55.399505][ T4408] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.283: invalid indirect mapped block 4294967295 (level 0)
[   55.413899][ T4408] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.283: invalid indirect mapped block 4294967295 (level 1)
[   55.428927][ T4408] EXT4-fs (loop2): 1 orphan inode deleted
[   55.434681][ T4408] EXT4-fs (loop2): 1 truncate cleaned up
[   55.463378][ T4417] FAULT_INJECTION: forcing a failure.
[   55.463378][ T4417] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.464950][ T4395] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   55.476839][ T4417] CPU: 0 UID: 0 PID: 4417 Comm: syz.3.289 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   55.476876][ T4417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   55.476900][ T4417] Call Trace:
[   55.476989][ T4417]  <TASK>
[   55.476997][ T4417]  __dump_stack+0x1d/0x30
[   55.477067][ T4417]  dump_stack_lvl+0xe8/0x140
[   55.477088][ T4417]  dump_stack+0x15/0x1b
[   55.477106][ T4417]  should_fail_ex+0x265/0x280
[   55.477139][ T4417]  should_fail+0xb/0x20
[   55.477184][ T4417]  should_fail_usercopy+0x1a/0x20
[   55.477205][ T4417]  _copy_from_iter+0x390/0xe80
[   55.477233][ T4417]  raw_send_hdrinc+0x5db/0xa80
[   55.477260][ T4417]  raw_sendmsg+0xbe8/0xe60
[   55.477340][ T4417]  ? __pfx_raw_sendmsg+0x10/0x10
[   55.477432][ T4417]  inet_sendmsg+0xc5/0xd0
[   55.477455][ T4417]  __sock_sendmsg+0x102/0x180
[   55.477480][ T4417]  ____sys_sendmsg+0x345/0x4e0
[   55.477502][ T4417]  ___sys_sendmsg+0x17b/0x1d0
[   55.477532][ T4417]  __sys_sendmmsg+0x178/0x300
[   55.477596][ T4417]  __x64_sys_sendmmsg+0x57/0x70
[   55.477616][ T4417]  x64_sys_call+0x1c4a/0x3000
[   55.477689][ T4417]  do_syscall_64+0xd2/0x200
[   55.477790][ T4417]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   55.477904][ T4417]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   55.478011][ T4417]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.478096][ T4417] RIP: 0033:0x7f70a1bef749
[   55.478114][ T4417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.478136][ T4417] RSP: 002b:00007f70a064f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   55.478224][ T4417] RAX: ffffffffffffffda RBX: 00007f70a1e45fa0 RCX: 00007f70a1bef749
[   55.478237][ T4417] RDX: 0000000000000001 RSI: 0000200000000a40 RDI: 0000000000000003
[   55.478250][ T4417] RBP: 00007f70a064f090 R08: 0000000000000000 R09: 0000000000000000
[   55.478262][ T4417] R10: 0000000004004040 R11: 0000000000000246 R12: 0000000000000001
[   55.478340][ T4417] R13: 00007f70a1e46038 R14: 00007f70a1e45fa0 R15: 00007fffc16e4678
[   55.478358][ T4417]  </TASK>
[   55.692560][ T4395] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   55.702716][ T4395] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.279: Corrupt directory, running e2fsck is recommended
[   55.719176][ T4395] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.279: path /68/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   55.739141][ T4424] netlink: 56 bytes leftover after parsing attributes in process `syz.3.291'.
[   55.745063][ T4395] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 64: comm syz.0.279: path /68/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   55.847820][ T4428] loop4: detected capacity change from 0 to 8192
[   55.871262][ T4434] wireguard0: entered promiscuous mode
[   55.876860][ T4434] wireguard0: entered allmulticast mode
[   55.908572][ T4428]  loop4: p1 < > p2 < > p3 p4 < >
[   55.913728][ T4428] loop4: partition table partially beyond EOD, truncated
[   55.921388][ T4428] loop4: p1 start 67108864 is beyond EOD, truncated
[   55.931266][ T4428] loop4: p3 start 100859904 is beyond EOD, truncated
[   56.507327][ T4448] netlink: 12 bytes leftover after parsing attributes in process `syz.0.296'.
[   56.733235][ T4446] loop3: detected capacity change from 0 to 8192
[   56.844225][ T4450] loop4: detected capacity change from 0 to 1024
[   57.058446][ T4450] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   57.112458][ T4450] EXT4-fs (loop4): mount failed
[   57.221801][ T4455] loop3: detected capacity change from 0 to 512
[   57.258250][ T4455] EXT4-fs: Ignoring removed orlov option
[   57.274630][ T4455] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   57.304362][ T4455] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.299: corrupted in-inode xattr: e_value size too large
[   57.338165][ T4455] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.299: couldn't read orphan inode 15 (err -117)
[   57.582511][   T29] kauditd_printk_skb: 222 callbacks suppressed
[   57.582548][   T29] audit: type=1326 audit(1764012896.956:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4457 comm="syz.3.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   57.612225][   T29] audit: type=1326 audit(1764012896.956:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4457 comm="syz.3.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   57.678051][   T29] audit: type=1326 audit(1764012897.016:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4457 comm="syz.3.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   57.701572][   T29] audit: type=1326 audit(1764012897.016:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4457 comm="syz.3.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   57.725092][   T29] audit: type=1326 audit(1764012897.016:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4457 comm="syz.3.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   57.748757][   T29] audit: type=1326 audit(1764012897.016:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4457 comm="syz.3.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   57.761546][ T4460] loop4: detected capacity change from 0 to 8192
[   57.772355][   T29] audit: type=1326 audit(1764012897.016:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4457 comm="syz.3.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   57.802592][   T29] audit: type=1326 audit(1764012897.016:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4457 comm="syz.3.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   57.826132][   T29] audit: type=1326 audit(1764012897.016:1860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4457 comm="syz.3.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   57.849580][   T29] audit: type=1326 audit(1764012897.016:1861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4457 comm="syz.3.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a1bef749 code=0x7ffc0000
[   57.894164][ T4466] loop3: detected capacity change from 0 to 1024
[   57.920034][ T4466] EXT4-fs: Ignoring removed nobh option
[   57.925705][ T4466] EXT4-fs: Ignoring removed bh option
[   57.945511][ T4460]  loop4: p1 < > p2 < > p3 p4 < >
[   57.950812][ T4460] loop4: partition table partially beyond EOD, truncated
[   57.961475][ T4460] loop4: p1 start 67108864 is beyond EOD, truncated
[   57.962995][ T4469] loop2: detected capacity change from 0 to 512
[   57.975046][ T4460] loop4: p3 start 100859904 is beyond EOD, truncated
[   57.978216][ T4469] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   57.999200][ T4469] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.305: invalid indirect mapped block 4294967295 (level 0)
[   58.016671][ T4469] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.305: invalid indirect mapped block 4294967295 (level 1)
[   58.034060][ T4469] EXT4-fs (loop2): 1 orphan inode deleted
[   58.039885][ T4469] EXT4-fs (loop2): 1 truncate cleaned up
[   58.116755][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   58.134528][ T3297] udevd[3297]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   58.176111][ T4476] bond8: entered promiscuous mode
[   58.189723][ T4479] loop2: detected capacity change from 0 to 512
[   58.214344][ T4479] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   58.226368][ T4479] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   58.236664][ T4479] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.307: Corrupt directory, running e2fsck is recommended
[   58.305930][ T4479] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[   58.314261][ T4479] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.307: corrupted in-inode xattr: invalid ea_ino
[   58.337798][ T4479] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.307: couldn't read orphan inode 15 (err -117)
[   58.345716][ T4474] netlink: 12 bytes leftover after parsing attributes in process `syz.3.304'.
[   58.377143][ T4474] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[   58.396959][ T4479] bond3: entered promiscuous mode
[   58.439917][ T4487] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4487 comm=syz.0.309
[   58.476499][ T4479] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   58.488186][ T4479] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   58.498394][ T4479] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.307: Corrupt directory, running e2fsck is recommended
[   58.511233][ T4479] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.307: path /55/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   58.531234][ T4479] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 64: comm syz.2.307: path /55/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   58.551966][ T4493] FAULT_INJECTION: forcing a failure.
[   58.551966][ T4493] name failslab, interval 1, probability 0, space 0, times 0
[   58.564649][ T4493] CPU: 0 UID: 0 PID: 4493 Comm: syz.0.312 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.564679][ T4493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   58.564706][ T4493] Call Trace:
[   58.564713][ T4493]  <TASK>
[   58.564720][ T4493]  __dump_stack+0x1d/0x30
[   58.564744][ T4493]  dump_stack_lvl+0xe8/0x140
[   58.564766][ T4493]  dump_stack+0x15/0x1b
[   58.564784][ T4493]  should_fail_ex+0x265/0x280
[   58.564913][ T4493]  ? sctp_add_bind_addr+0x71/0x1e0
[   58.564943][ T4493]  should_failslab+0x8c/0xb0
[   58.565038][ T4493]  __kmalloc_cache_noprof+0x4c/0x4a0
[   58.565120][ T4493]  sctp_add_bind_addr+0x71/0x1e0
[   58.565138][ T4493]  sctp_copy_local_addr_list+0x199/0x220
[   58.565205][ T4493]  sctp_copy_one_addr+0x7f/0x280
[   58.565306][ T4493]  sctp_bind_addr_copy+0x79/0x290
[   58.565358][ T4493]  sctp_assoc_set_bind_addr_from_ep+0xce/0xe0
[   58.565433][ T4493]  sctp_connect_new_asoc+0x1c3/0x3a0
[   58.565465][ T4493]  __sctp_connect+0x424/0x7a0
[   58.565544][ T4493]  ? selinux_sctp_bind_connect+0x20d/0x250
[   58.565585][ T4493]  sctp_getsockopt_connectx3+0x220/0x300
[   58.565606][ T4493]  sctp_getsockopt+0x910/0xaa0
[   58.565683][ T4493]  sock_common_getsockopt+0x60/0x70
[   58.565715][ T4493]  ? __pfx_sock_common_getsockopt+0x10/0x10
[   58.565794][ T4493]  do_sock_getsockopt+0x200/0x240
[   58.565833][ T4493]  __x64_sys_getsockopt+0x11e/0x1a0
[   58.565871][ T4493]  x64_sys_call+0x2bca/0x3000
[   58.565915][ T4493]  do_syscall_64+0xd2/0x200
[   58.565998][ T4493]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   58.566039][ T4493]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   58.566150][ T4493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.566175][ T4493] RIP: 0033:0x7f4320b8f749
[   58.566194][ T4493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.566214][ T4493] RSP: 002b:00007f431f5f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   58.566237][ T4493] RAX: ffffffffffffffda RBX: 00007f4320de5fa0 RCX: 00007f4320b8f749
[   58.566251][ T4493] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[   58.566266][ T4493] RBP: 00007f431f5f7090 R08: 0000200000000180 R09: 0000000000000000
[   58.566279][ T4493] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000002
[   58.566366][ T4493] R13: 00007f4320de6038 R14: 00007f4320de5fa0 R15: 00007fffd73fd248
[   58.566387][ T4493]  </TASK>
[   58.810849][ T4496] loop4: detected capacity change from 0 to 1024
[   58.835903][ T4496] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.855692][ T4496] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 3: comm syz.4.313: lblock 3 mapped to illegal pblock 3 (length 3)
[   58.876049][ T4496] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[   58.888409][ T4496] EXT4-fs (loop4): This should not happen!! Data will be lost
[   58.888409][ T4496] 
[   58.939885][   T38] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:2: lblock 8 mapped to illegal pblock 8 (length 8)
[   58.963899][   T38] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[   58.963964][   T38] EXT4-fs (loop4): This should not happen!! Data will be lost
[   58.963964][   T38] 
[   58.964367][   T38] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 112: padding at end of block bitmap is not set
[   58.964558][   T38] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 48 with max blocks 20 with error 117
[   58.964580][   T38] EXT4-fs (loop4): This should not happen!! Data will be lost
[   58.964580][   T38] 
[   59.063151][ T4508] loop3: detected capacity change from 0 to 512
[   59.064202][ T4508] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[   59.064250][ T4508] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   59.103292][ T3589] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[   59.127759][ T4513] loop3: detected capacity change from 0 to 512
[   59.181170][ T4513] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   59.192888][ T4513] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   59.192914][ T4513] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.318: Corrupt directory, running e2fsck is recommended
[   59.225473][ T4513] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[   59.252285][ T4513] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.318: corrupted in-inode xattr: invalid ea_ino
[   59.273840][ T4513] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.318: couldn't read orphan inode 15 (err -117)
[   59.296311][ T4525] SELinux:  Context system_u:object_r:lost_found_t:s0 is not valid (left unmapped).
[   59.308142][ T4525] netlink: 104 bytes leftover after parsing attributes in process `syz.0.323'.
[   59.333021][ T4513] bond4: entered promiscuous mode
[   59.375936][ T4513] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   59.387660][ T4513] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   59.397884][ T4513] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.318: Corrupt directory, running e2fsck is recommended
[   59.411170][ T4513] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.318: path /64/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   59.431135][ T4513] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 64: comm syz.3.318: path /64/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   59.555232][ T4545] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.328'.
[   59.567683][ T4545] netlink: zone id is out of range
[   59.572913][ T4545] netlink: zone id is out of range
[   59.581099][ T4545] netlink: zone id is out of range
[   59.586457][ T4545] netlink: zone id is out of range
[   59.587203][ T4545] netlink: zone id is out of range
[   59.587215][ T4545] netlink: zone id is out of range
[   59.587347][ T4545] netlink: zone id is out of range
[   59.587355][ T4545] netlink: zone id is out of range
[   59.803426][ T4558] netlink: 24 bytes leftover after parsing attributes in process `syz.3.335'.
[   59.820170][ T4558] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4558 comm=syz.3.335
[   59.892349][ T4566] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=48847 sclass=netlink_route_socket pid=4566 comm=syz.3.339
[   59.946599][ T4571] loop3: detected capacity change from 0 to 512
[   59.956876][ T4571] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   59.968878][ T4571] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   59.979215][ T4571] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.341: Corrupt directory, running e2fsck is recommended
[   59.992456][ T4571] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[   60.000832][ T4571] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.341: corrupted in-inode xattr: invalid ea_ino
[   60.014717][ T4571] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.341: couldn't read orphan inode 15 (err -117)
[   60.036813][ T4571] bond5: entered promiscuous mode
[   60.085388][ T4571] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   60.096946][ T4571] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[   60.107333][ T4571] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.341: Corrupt directory, running e2fsck is recommended
[   60.120520][ T4571] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.341: path /73/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   60.142255][ T4571] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 64: comm syz.3.341: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   60.245524][ T4589] loop4: detected capacity change from 0 to 512
[   60.254083][ T4589] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   60.270865][ T4589] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.346: invalid indirect mapped block 4294967295 (level 0)
[   60.275752][ T4592] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4592 comm=syz.0.347
[   60.300439][ T4592] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=4592 comm=syz.0.347
[   60.306386][ T4589] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.346: invalid indirect mapped block 4294967295 (level 1)
[   60.329759][ T4595] netlink: 24 bytes leftover after parsing attributes in process `syz.3.348'.
[   60.339162][ T4592] netlink: 8 bytes leftover after parsing attributes in process `syz.0.347'.
[   60.362339][ T4589] EXT4-fs (loop4): 1 orphan inode deleted
[   60.368205][ T4589] EXT4-fs (loop4): 1 truncate cleaned up
[   60.375992][ T4595] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4595 comm=syz.3.348
[   60.395482][ T4597] bridge: RTM_NEWNEIGH with invalid ether address
[   60.512013][ T4608] loop2: detected capacity change from 0 to 512
[   60.526318][ T4608] EXT4-fs: Ignoring removed orlov option
[   60.547458][ T4608] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   60.552661][ T4613] loop4: detected capacity change from 0 to 512
[   60.557845][ T4608] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.352: corrupted in-inode xattr: e_value size too large
[   60.576298][ T4608] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.352: couldn't read orphan inode 15 (err -117)
[   60.577074][ T4613] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   60.600717][ T4613] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   60.611159][ T4613] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.355: Corrupt directory, running e2fsck is recommended
[   60.624676][ T4613] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[   60.633535][ T4613] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.355: corrupted in-inode xattr: invalid ea_ino
[   60.647949][ T4613] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.355: couldn't read orphan inode 15 (err -117)
[   60.690993][ T4613] bond3: entered promiscuous mode
[   60.736911][ T4625] netlink: 8 bytes leftover after parsing attributes in process `syz.3.359'.
[   60.746364][ T4623] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   60.753835][ T4623] batman_adv: batadv0: Removing interface: batadv_slave_0
[   60.802289][ T4613] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   60.813988][ T4613] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   60.824154][ T4613] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.355: Corrupt directory, running e2fsck is recommended
[   60.839632][ T4623] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   60.847062][ T4623] batman_adv: batadv0: Removing interface: batadv_slave_1
[   60.854937][ T4613] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.355: path /83/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   60.874925][ T4613] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 64: comm syz.4.355: path /83/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   60.921079][ T4631] FAULT_INJECTION: forcing a failure.
[   60.921079][ T4631] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   60.934477][ T4631] CPU: 1 UID: 0 PID: 4631 Comm: syz.3.361 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.934509][ T4631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   60.934523][ T4631] Call Trace:
[   60.934530][ T4631]  <TASK>
[   60.934538][ T4631]  __dump_stack+0x1d/0x30
[   60.934562][ T4631]  dump_stack_lvl+0xe8/0x140
[   60.934584][ T4631]  dump_stack+0x15/0x1b
[   60.934671][ T4631]  should_fail_ex+0x265/0x280
[   60.934709][ T4631]  should_fail_alloc_page+0xf2/0x100
[   60.934832][ T4631]  __alloc_frozen_pages_noprof+0xff/0x360
[   60.934955][ T4631]  alloc_pages_mpol+0xb3/0x260
[   60.935042][ T4631]  vma_alloc_folio_noprof+0x1aa/0x300
[   60.935067][ T4631]  handle_mm_fault+0xec2/0x2be0
[   60.935150][ T4631]  ? vma_start_read+0x141/0x1f0
[   60.935229][ T4631]  do_user_addr_fault+0x630/0x1080
[   60.935262][ T4631]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   60.935304][ T4631]  exc_page_fault+0x62/0xa0
[   60.935339][ T4631]  asm_exc_page_fault+0x26/0x30
[   60.935411][ T4631] RIP: 0033:0x7f70a1ab0943
[   60.935429][ T4631] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[   60.935449][ T4631] RSP: 002b:00007f70a064e4a0 EFLAGS: 00010206
[   60.935515][ T4631] RAX: 0000000000002000 RBX: 00007f70a064e540 RCX: 00007f709822f000
[   60.935528][ T4631] RDX: 00007f70a064e6e0 RSI: 0000000000000017 RDI: 00007f70a064e5e0
[   60.935541][ T4631] RBP: 000000000000000f R08: 0000000000000009 R09: 00000000000001ac
[   60.935555][ T4631] R10: 00000000000001b4 R11: 00007f70a064e540 R12: 0000000000000001
[   60.935568][ T4631] R13: 00007f70a1c8fc40 R14: 00000000000000ed R15: 00007f70a064e5e0
[   60.935588][ T4631]  </TASK>
[   60.935599][ T4631] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   61.115694][ T4631] loop3: detected capacity change from 0 to 512
[   61.132403][ T4631] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.361: bg 0: block 393: padding at end of block bitmap is not set
[   61.156066][ T4631] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   61.183918][ T4631] EXT4-fs (loop3): 2 truncates cleaned up
[   61.190637][ T4634] netlink: 8 bytes leftover after parsing attributes in process `syz.4.362'.
[   61.215140][ T4636] netlink: 24 bytes leftover after parsing attributes in process `syz.2.363'.
[   61.229770][ T4634] FAULT_INJECTION: forcing a failure.
[   61.229770][ T4634] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.244252][ T4634] CPU: 1 UID: 0 PID: 4634 Comm: syz.4.362 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   61.244356][ T4634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   61.244379][ T4634] Call Trace:
[   61.244386][ T4634]  <TASK>
[   61.244394][ T4634]  __dump_stack+0x1d/0x30
[   61.244418][ T4634]  dump_stack_lvl+0xe8/0x140
[   61.244441][ T4634]  dump_stack+0x15/0x1b
[   61.244462][ T4634]  should_fail_ex+0x265/0x280
[   61.244552][ T4634]  should_fail+0xb/0x20
[   61.244569][ T4634]  should_fail_usercopy+0x1a/0x20
[   61.244591][ T4634]  _copy_from_iter+0xd2/0xe80
[   61.244614][ T4634]  ? __build_skb_around+0x1ab/0x200
[   61.244699][ T4634]  ? __alloc_skb+0x223/0x320
[   61.244797][ T4634]  netlink_sendmsg+0x471/0x6b0
[   61.244819][ T4634]  ? __pfx_netlink_sendmsg+0x10/0x10
[   61.244864][ T4634]  __sock_sendmsg+0x145/0x180
[   61.244972][ T4634]  ____sys_sendmsg+0x31e/0x4e0
[   61.244994][ T4634]  ___sys_sendmsg+0x17b/0x1d0
[   61.245022][ T4634]  __x64_sys_sendmsg+0xd4/0x160
[   61.245042][ T4634]  x64_sys_call+0x191e/0x3000
[   61.245076][ T4634]  do_syscall_64+0xd2/0x200
[   61.245099][ T4634]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   61.245127][ T4634]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   61.245188][ T4634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.245285][ T4634] RIP: 0033:0x7f886704f749
[   61.245373][ T4634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.245393][ T4634] RSP: 002b:00007f8865aaf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   61.245416][ T4634] RAX: ffffffffffffffda RBX: 00007f88672a5fa0 RCX: 00007f886704f749
[   61.245430][ T4634] RDX: 000000002000c800 RSI: 0000200000000380 RDI: 0000000000000006
[   61.245446][ T4634] RBP: 00007f8865aaf090 R08: 0000000000000000 R09: 0000000000000000
[   61.245461][ T4634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.245527][ T4634] R13: 00007f88672a6038 R14: 00007f88672a5fa0 R15: 00007ffeee6c98c8
[   61.245543][ T4634]  </TASK>
[   61.508042][ T4636] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4636 comm=syz.2.363
[   61.583803][ T4645] loop3: detected capacity change from 0 to 1024
[   61.627044][ T4645] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.750824][ T4669] program syz.4.375 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   61.764450][ T4667] netlink: 48 bytes leftover after parsing attributes in process `syz.0.374'.
[   61.801326][ T4664] FAULT_INJECTION: forcing a failure.
[   61.801326][ T4664] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.814575][ T4664] CPU: 0 UID: 0 PID: 4664 Comm: syz.3.373 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   61.814603][ T4664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   61.814614][ T4664] Call Trace:
[   61.814621][ T4664]  <TASK>
[   61.814628][ T4664]  __dump_stack+0x1d/0x30
[   61.814649][ T4664]  dump_stack_lvl+0xe8/0x140
[   61.814703][ T4664]  dump_stack+0x15/0x1b
[   61.814723][ T4664]  should_fail_ex+0x265/0x280
[   61.814759][ T4664]  should_fail+0xb/0x20
[   61.814792][ T4664]  should_fail_usercopy+0x1a/0x20
[   61.814815][ T4664]  _copy_from_user+0x1c/0xb0
[   61.814871][ T4664]  ___sys_sendmsg+0xc1/0x1d0
[   61.814904][ T4664]  __x64_sys_sendmsg+0xd4/0x160
[   61.814930][ T4664]  x64_sys_call+0x191e/0x3000
[   61.814955][ T4664]  do_syscall_64+0xd2/0x200
[   61.814988][ T4664]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   61.815094][ T4664]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   61.815131][ T4664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.815153][ T4664] RIP: 0033:0x7f70a1bef749
[   61.815174][ T4664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.815191][ T4664] RSP: 002b:00007f70a064f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   61.815211][ T4664] RAX: ffffffffffffffda RBX: 00007f70a1e45fa0 RCX: 00007f70a1bef749
[   61.815223][ T4664] RDX: 0000000000000090 RSI: 00002000000002c0 RDI: 0000000000000009
[   61.815235][ T4664] RBP: 00007f70a064f090 R08: 0000000000000000 R09: 0000000000000000
[   61.815285][ T4664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.815299][ T4664] R13: 00007f70a1e46038 R14: 00007f70a1e45fa0 R15: 00007fffc16e4678
[   61.815320][ T4664]  </TASK>
[   61.823208][ T4673] netlink: 'syz.0.377': attribute type 5 has an invalid length.
[   61.918732][ T4677] FAULT_INJECTION: forcing a failure.
[   61.918732][ T4677] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   62.010988][ T4677] CPU: 0 UID: 0 PID: 4677 Comm: syz.4.378 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   62.011016][ T4677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   62.011027][ T4677] Call Trace:
[   62.011034][ T4677]  <TASK>
[   62.011042][ T4677]  __dump_stack+0x1d/0x30
[   62.011097][ T4677]  dump_stack_lvl+0xe8/0x140
[   62.011116][ T4677]  dump_stack+0x15/0x1b
[   62.011206][ T4677]  should_fail_ex+0x265/0x280
[   62.011241][ T4677]  should_fail+0xb/0x20
[   62.011259][ T4677]  should_fail_usercopy+0x1a/0x20
[   62.011282][ T4677]  _copy_from_user+0x1c/0xb0
[   62.011368][ T4677]  kstrtouint_from_user+0x69/0xf0
[   62.011386][ T4677]  ? 0xffffffff81000000
[   62.011399][ T4677]  ? selinux_file_permission+0x1e4/0x320
[   62.011469][ T4677]  proc_fail_nth_write+0x50/0x160
[   62.011500][ T4677]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   62.011528][ T4677]  vfs_write+0x269/0x960
[   62.011553][ T4677]  ? __rcu_read_unlock+0x4f/0x70
[   62.011611][ T4677]  ? __fget_files+0x184/0x1c0
[   62.011641][ T4677]  ksys_write+0xda/0x1a0
[   62.011749][ T4677]  __x64_sys_write+0x40/0x50
[   62.011776][ T4677]  x64_sys_call+0x2802/0x3000
[   62.011797][ T4677]  do_syscall_64+0xd2/0x200
[   62.011817][ T4677]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   62.011846][ T4677]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   62.011887][ T4677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.011911][ T4677] RIP: 0033:0x7f886704e1ff
[   62.011929][ T4677] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   62.011946][ T4677] RSP: 002b:00007f8865aaf030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   62.011979][ T4677] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f886704e1ff
[   62.011991][ T4677] RDX: 0000000000000001 RSI: 00007f8865aaf0a0 RDI: 0000000000000007
[   62.012003][ T4677] RBP: 00007f8865aaf090 R08: 0000000000000000 R09: 0000000000000000
[   62.012016][ T4677] R10: 0000000000000009 R11: 0000000000000293 R12: 0000000000000001
[   62.012027][ T4677] R13: 00007f88672a6038 R14: 00007f88672a5fa0 R15: 00007ffeee6c98c8
[   62.012046][ T4677]  </TASK>
[   62.290248][ T4690] loop3: detected capacity change from 0 to 1024
[   62.299559][ T4692] loop4: detected capacity change from 0 to 256
[   62.325557][ T4692] FAT-fs (loop4): Directory bread(block 1285) failed
[   62.351560][ T4690] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.383744][ T4699] netlink: 48 bytes leftover after parsing attributes in process `syz.0.388'.
[   62.479054][ T4710] FAULT_INJECTION: forcing a failure.
[   62.479054][ T4710] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   62.492436][ T4710] CPU: 1 UID: 0 PID: 4710 Comm: syz.4.391 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   62.492466][ T4710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   62.492483][ T4710] Call Trace:
[   62.492489][ T4710]  <TASK>
[   62.492496][ T4710]  __dump_stack+0x1d/0x30
[   62.492525][ T4710]  dump_stack_lvl+0xe8/0x140
[   62.492547][ T4710]  dump_stack+0x15/0x1b
[   62.492566][ T4710]  should_fail_ex+0x265/0x280
[   62.492603][ T4710]  should_fail+0xb/0x20
[   62.492621][ T4710]  should_fail_usercopy+0x1a/0x20
[   62.492643][ T4710]  _copy_from_user+0x1c/0xb0
[   62.492670][ T4710]  ___sys_sendmsg+0xc1/0x1d0
[   62.492717][ T4710]  __x64_sys_sendmsg+0xd4/0x160
[   62.492743][ T4710]  x64_sys_call+0x191e/0x3000
[   62.492766][ T4710]  do_syscall_64+0xd2/0x200
[   62.492788][ T4710]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   62.492819][ T4710]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   62.492879][ T4710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.492915][ T4710] RIP: 0033:0x7f886704f749
[   62.492956][ T4710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.492977][ T4710] RSP: 002b:00007f8865aaf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   62.493001][ T4710] RAX: ffffffffffffffda RBX: 00007f88672a5fa0 RCX: 00007f886704f749
[   62.493015][ T4710] RDX: 0000000004048000 RSI: 0000200000000200 RDI: 0000000000000003
[   62.493028][ T4710] RBP: 00007f8865aaf090 R08: 0000000000000000 R09: 0000000000000000
[   62.493047][ T4710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.493059][ T4710] R13: 00007f88672a6038 R14: 00007f88672a5fa0 R15: 00007ffeee6c98c8
[   62.493075][ T4710]  </TASK>
[   62.710045][ T4722] FAULT_INJECTION: forcing a failure.
[   62.710045][ T4722] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   62.723215][ T4722] CPU: 1 UID: 0 PID: 4722 Comm: syz.3.395 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   62.723246][ T4722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   62.723266][ T4722] Call Trace:
[   62.723274][ T4722]  <TASK>
[   62.723283][ T4722]  __dump_stack+0x1d/0x30
[   62.723309][ T4722]  dump_stack_lvl+0xe8/0x140
[   62.723353][ T4722]  dump_stack+0x15/0x1b
[   62.723372][ T4722]  should_fail_ex+0x265/0x280
[   62.723441][ T4722]  should_fail+0xb/0x20
[   62.723458][ T4722]  should_fail_usercopy+0x1a/0x20
[   62.723497][ T4722]  _copy_to_user+0x20/0xa0
[   62.723523][ T4722]  simple_read_from_buffer+0xb5/0x130
[   62.723549][ T4722]  proc_fail_nth_read+0x10e/0x150
[   62.723596][ T4722]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   62.723627][ T4722]  vfs_read+0x1a8/0x770
[   62.723654][ T4722]  ? putname+0xda/0x100
[   62.723761][ T4722]  ksys_read+0xda/0x1a0
[   62.723788][ T4722]  __x64_sys_read+0x40/0x50
[   62.723814][ T4722]  x64_sys_call+0x27c0/0x3000
[   62.723845][ T4722]  do_syscall_64+0xd2/0x200
[   62.723943][ T4722]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   62.723974][ T4722]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   62.724012][ T4722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.724059][ T4722] RIP: 0033:0x7f70a1bee15c
[   62.724077][ T4722] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   62.724123][ T4722] RSP: 002b:00007f70a064f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   62.724145][ T4722] RAX: ffffffffffffffda RBX: 00007f70a1e45fa0 RCX: 00007f70a1bee15c
[   62.724159][ T4722] RDX: 000000000000000f RSI: 00007f70a064f0a0 RDI: 0000000000000004
[   62.724239][ T4722] RBP: 00007f70a064f090 R08: 0000000000000000 R09: 0000000000000000
[   62.724254][ T4722] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001
[   62.724267][ T4722] R13: 00007f70a1e46038 R14: 00007f70a1e45fa0 R15: 00007fffc16e4678
[   62.724352][ T4722]  </TASK>
[   63.001140][ T4734] loop3: detected capacity change from 0 to 1024
[   63.039602][ T4734] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.081628][ T4747] loop4: detected capacity change from 0 to 2048
[   63.108276][ T4754] loop1: detected capacity change from 0 to 512
[   63.128114][ T4754] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   63.132810][ T4760] loop2: detected capacity change from 0 to 512
[   63.139767][ T4754] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   63.156795][ T4754] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.408: Corrupt directory, running e2fsck is recommended
[   63.159703][ T4756] loop3: detected capacity change from 0 to 512
[   63.191935][ T4760] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   63.203783][ T4760] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   63.213944][ T4760] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.407: Corrupt directory, running e2fsck is recommended
[   63.237675][ T4754] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   63.267711][ T4760] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[   63.272971][ T4754] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.408: corrupted in-inode xattr: invalid ea_ino
[   63.276334][ T4760] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.407: corrupted in-inode xattr: invalid ea_ino
[   63.310160][ T4756] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   63.320773][ T4767] FAULT_INJECTION: forcing a failure.
[   63.320773][ T4767] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.333992][ T4767] CPU: 1 UID: 0 PID: 4767 Comm: syz.0.411 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   63.334022][ T4767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   63.334035][ T4767] Call Trace:
[   63.334043][ T4767]  <TASK>
[   63.334119][ T4767]  __dump_stack+0x1d/0x30
[   63.334145][ T4767]  dump_stack_lvl+0xe8/0x140
[   63.334168][ T4767]  dump_stack+0x15/0x1b
[   63.334188][ T4767]  should_fail_ex+0x265/0x280
[   63.334225][ T4767]  should_fail+0xb/0x20
[   63.334325][ T4767]  should_fail_usercopy+0x1a/0x20
[   63.334349][ T4767]  _copy_to_user+0x20/0xa0
[   63.334376][ T4767]  simple_read_from_buffer+0xb5/0x130
[   63.334466][ T4767]  proc_fail_nth_read+0x10e/0x150
[   63.334502][ T4767]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   63.334538][ T4767]  vfs_read+0x1a8/0x770
[   63.334576][ T4767]  ? __rcu_read_unlock+0x4f/0x70
[   63.334602][ T4767]  ? __fget_files+0x184/0x1c0
[   63.334677][ T4767]  ksys_read+0xda/0x1a0
[   63.334706][ T4767]  __x64_sys_read+0x40/0x50
[   63.334776][ T4767]  x64_sys_call+0x27c0/0x3000
[   63.334810][ T4767]  do_syscall_64+0xd2/0x200
[   63.334835][ T4767]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   63.334864][ T4767]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   63.334972][ T4767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.334997][ T4767] RIP: 0033:0x7f4320b8e15c
[   63.335016][ T4767] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   63.335037][ T4767] RSP: 002b:00007f431f5d6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   63.335061][ T4767] RAX: ffffffffffffffda RBX: 00007f4320de6090 RCX: 00007f4320b8e15c
[   63.335097][ T4767] RDX: 000000000000000f RSI: 00007f431f5d60a0 RDI: 0000000000000006
[   63.335111][ T4767] RBP: 00007f431f5d6090 R08: 0000000000000000 R09: 0000000000000000
[   63.335191][ T4767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.335204][ T4767] R13: 00007f4320de6128 R14: 00007f4320de6090 R15: 00007fffd73fd248
[   63.335221][ T4767]  </TASK>
[   63.337306][ T4760] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.407: couldn't read orphan inode 15 (err -117)
[   63.384092][ T4754] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.408: couldn't read orphan inode 15 (err -117)
[   63.390125][ T4756] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.406: invalid indirect mapped block 4294967295 (level 0)
[   63.422146][ T4754] bond3: entered promiscuous mode
[   63.425422][ T4756] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.406: invalid indirect mapped block 4294967295 (level 1)
[   63.438925][ T4760] bond4: entered promiscuous mode
[   63.444490][ T4756] EXT4-fs (loop3): 1 orphan inode deleted
[   63.451239][ T4754] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   63.455645][ T4756] EXT4-fs (loop3): 1 truncate cleaned up
[   63.461551][ T4754] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   63.557824][ T4775] loop4: detected capacity change from 0 to 512
[   63.561312][ T4754] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.408: Corrupt directory, running e2fsck is recommended
[   63.576066][ T4776] netlink: 48 bytes leftover after parsing attributes in process `syz.3.406'.
[   63.584069][ T4754] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 3: comm syz.1.408: path /45/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   63.657089][ T4779] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   63.686990][ T4754] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 64: comm syz.1.408: path /45/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   63.692250][ T4779] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   63.722639][ T4779] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.407: Corrupt directory, running e2fsck is recommended
[   63.735920][ T4775] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   63.735948][ T4775] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   63.736026][ T4779] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.407: path /70/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   63.736037][ T4775] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.412: Corrupt directory, running e2fsck is recommended
[   63.736222][ T4775] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[   63.736474][ T4775] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.412: corrupted in-inode xattr: invalid ea_ino
[   63.743427][ T4775] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.412: couldn't read orphan inode 15 (err -117)
[   63.748496][ T4779] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 64: comm syz.2.407: path /70/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   63.788384][ T4774] bond4: entered promiscuous mode
[   63.909417][ T4785] FAULT_INJECTION: forcing a failure.
[   63.909417][ T4785] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.922711][ T4785] CPU: 1 UID: 0 PID: 4785 Comm: syz.0.414 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   63.922742][ T4785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   63.922760][ T4785] Call Trace:
[   63.922768][ T4785]  <TASK>
[   63.922777][ T4785]  __dump_stack+0x1d/0x30
[   63.922811][ T4785]  dump_stack_lvl+0xe8/0x140
[   63.922835][ T4785]  dump_stack+0x15/0x1b
[   63.922856][ T4785]  should_fail_ex+0x265/0x280
[   63.922959][ T4785]  should_fail+0xb/0x20
[   63.923035][ T4785]  should_fail_usercopy+0x1a/0x20
[   63.923058][ T4785]  _copy_from_iter+0xd2/0xe80
[   63.923081][ T4785]  ? __build_skb_around+0x1ab/0x200
[   63.923114][ T4785]  ? __alloc_skb+0x223/0x320
[   63.923224][ T4785]  netlink_sendmsg+0x471/0x6b0
[   63.923248][ T4785]  ? __pfx_netlink_sendmsg+0x10/0x10
[   63.923271][ T4785]  __sock_sendmsg+0x145/0x180
[   63.923297][ T4785]  ____sys_sendmsg+0x31e/0x4e0
[   63.923318][ T4785]  ___sys_sendmsg+0x17b/0x1d0
[   63.923410][ T4785]  __x64_sys_sendmsg+0xd4/0x160
[   63.923433][ T4785]  x64_sys_call+0x191e/0x3000
[   63.923499][ T4785]  do_syscall_64+0xd2/0x200
[   63.923518][ T4785]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   63.923545][ T4785]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   63.923582][ T4785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.923680][ T4785] RIP: 0033:0x7f4320b8f749
[   63.923698][ T4785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.923717][ T4785] RSP: 002b:00007f431f5f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   63.923759][ T4785] RAX: ffffffffffffffda RBX: 00007f4320de5fa0 RCX: 00007f4320b8f749
[   63.923839][ T4785] RDX: 0000000000000810 RSI: 0000200000000280 RDI: 0000000000000004
[   63.923851][ T4785] RBP: 00007f431f5f7090 R08: 0000000000000000 R09: 0000000000000000
[   63.923862][ T4785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.923872][ T4785] R13: 00007f4320de6038 R14: 00007f4320de5fa0 R15: 00007fffd73fd248
[   63.923888][ T4785]  </TASK>
[   63.925119][ T4774] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   63.972805][   T29] kauditd_printk_skb: 213 callbacks suppressed
[   63.972821][   T29] audit: type=1400 audit(1764012903.296:2075): avc:  denied  { connect } for  pid=4786 comm="syz.1.413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   63.974198][ T4774] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   63.979461][   T29] audit: type=1326 audit(1764012903.316:2076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4786 comm="syz.1.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   63.984120][ T4774] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.412: Corrupt directory, running e2fsck is recommended
[   63.989378][   T29] audit: type=1326 audit(1764012903.316:2077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4786 comm="syz.1.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   63.994382][ T4774] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.412: path /94/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   63.999049][   T29] audit: type=1326 audit(1764012903.316:2078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4786 comm="syz.1.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   64.004893][ T4774] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 64: comm syz.4.412: path /94/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   64.009026][   T29] audit: type=1326 audit(1764012903.316:2079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4786 comm="syz.1.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   64.009057][   T29] audit: type=1326 audit(1764012903.316:2080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4786 comm="syz.1.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   64.009125][   T29] audit: type=1326 audit(1764012903.316:2081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4786 comm="syz.1.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   64.370583][   T29] audit: type=1326 audit(1764012903.316:2082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4786 comm="syz.1.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   64.394112][   T29] audit: type=1326 audit(1764012903.316:2083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4786 comm="syz.1.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   64.417935][   T29] audit: type=1326 audit(1764012903.326:2084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4786 comm="syz.1.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79c0ff749 code=0x7ffc0000
[   64.475787][ T4790] loop3: detected capacity change from 0 to 1024
[   64.492272][ T4790] EXT4-fs: Ignoring removed bh option
[   64.512669][ T4790] EXT4-fs: inline encryption not supported
[   64.530641][ T4794] loop4: detected capacity change from 0 to 1024
[   64.541418][ T4790] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   64.553702][ T4790] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   64.563719][ T4790] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.415: lblock 2 mapped to illegal pblock 2 (length 1)
[   64.587564][ T4790] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.415: lblock 0 mapped to illegal pblock 48 (length 1)
[   64.610908][ T4794] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.632052][ T4790] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.415: Failed to acquire dquot type 0
[   64.651063][ T4790] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   64.661518][ T4790] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.415: mark_inode_dirty error
[   64.674086][ T4790] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   64.685626][ T4790] EXT4-fs (loop3): 1 orphan inode deleted
[   64.698267][ T3589] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:11: lblock 1 mapped to illegal pblock 1 (length 1)
[   64.709799][ T4798] loop2: detected capacity change from 0 to 512
[   64.719160][ T3589] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:11: Failed to release dquot type 0
[   64.748203][ T4798] EXT4-fs: Ignoring removed orlov option
[   64.760565][ T4790] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #2: block 16: comm syz.3.415: lblock 0 mapped to illegal pblock 16 (length 1)
[   64.775286][ T4798] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   64.785221][ T4790] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #2: block 16: comm syz.3.415: lblock 0 mapped to illegal pblock 16 (length 1)
[   64.801456][ T4798] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.419: corrupted in-inode xattr: e_value size too large
[   64.825476][ T4816] netlink: 24 bytes leftover after parsing attributes in process `syz.4.423'.
[   64.828476][ T4798] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.419: couldn't read orphan inode 15 (err -117)
[   64.839216][ T4790] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   64.881377][ T4816] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4816 comm=syz.4.423
[   64.917715][ T4818] loop2: detected capacity change from 0 to 512
[   64.948766][ T4818] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   64.960830][ T4818] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   64.971308][ T4818] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.424: Corrupt directory, running e2fsck is recommended
[   64.985552][ T4818] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[   64.994683][ T4818] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.424: corrupted in-inode xattr: invalid ea_ino
[   65.008719][ T4825] loop4: detected capacity change from 0 to 512
[   65.008758][ T4818] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.424: couldn't read orphan inode 15 (err -117)
[   65.034455][ T4825] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   65.046658][ T4825] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   65.057103][ T4825] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.427: Corrupt directory, running e2fsck is recommended
[   65.074294][ T4825] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[   65.081894][ T4827] loop3: detected capacity change from 0 to 512
[   65.087897][ T4818] bond5: entered promiscuous mode
[   65.094207][ T4825] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.427: corrupted in-inode xattr: invalid ea_ino
[   65.108055][ T4827] EXT4-fs: Ignoring removed oldalloc option
[   65.110658][ T4818] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   65.118685][ T4825] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.427: couldn't read orphan inode 15 (err -117)
[   65.125977][ T4818] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   65.144235][ T4827] EXT4-fs (loop3): 1 truncate cleaned up
[   65.148160][ T4818] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.424: Corrupt directory, running e2fsck is recommended
[   65.160434][ T4825] bond5: entered promiscuous mode
[   65.170380][ T4818] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.424: path /73/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   65.207128][ T4818] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 64: comm syz.2.424: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   65.250791][ T4825] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   65.262354][ T4825] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   65.272499][ T4825] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.427: Corrupt directory, running e2fsck is recommended
[   65.285952][ T4825] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.427: path /98/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   65.310016][ T4825] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 64: comm syz.4.427: path /98/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   65.336465][ T4836] loop3: detected capacity change from 0 to 1024
[   65.363050][ T4839] netlink: 24 bytes leftover after parsing attributes in process `syz.0.432'.
[   65.393612][ T4836] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.415461][ T4839] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4839 comm=syz.0.432
[   65.507017][ T4854] loop4: detected capacity change from 0 to 512
[   65.533004][ T4854] ext4 filesystem being mounted at /99/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.643652][ T4866] loop3: detected capacity change from 0 to 1024
[   65.659363][ T4860] xt_TPROXY: Can be used only with -p tcp or -p udp
[   65.689808][ T4866] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.716657][ T4868] bond9: entered promiscuous mode
[   65.743192][ T4875] program syz.4.442 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   65.793842][ T4866] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.438: lblock 3 mapped to illegal pblock 3 (length 3)
[   65.809884][ T4866] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[   65.822445][ T4866] EXT4-fs (loop3): This should not happen!! Data will be lost
[   65.822445][ T4866] 
[   65.870010][   T60] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:4: lblock 8 mapped to illegal pblock 8 (length 8)
[   65.891059][   T60] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[   65.903725][   T60] EXT4-fs (loop3): This should not happen!! Data will be lost
[   65.903725][   T60] 
[   65.933354][ T4891] loop3: detected capacity change from 0 to 1024
[   65.944962][ T4891] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   65.960738][ T4891] EXT4-fs (loop3): mount failed
[   66.039973][ T4898] capability: warning: `syz.1.450' uses deprecated v2 capabilities in a way that may be insecure
[   66.282190][ T4902] loop2: detected capacity change from 0 to 512
[   66.289037][ T4902] EXT4-fs: Ignoring removed orlov option
[   66.295490][ T4902] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   66.304815][ T4902] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.451: corrupted in-inode xattr: e_value size too large
[   66.319287][ T4902] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.451: couldn't read orphan inode 15 (err -117)
[   66.426358][ T4909] loop2: detected capacity change from 0 to 512
[   66.439462][ T4909] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   66.451221][ T4909] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   66.461450][ T4909] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.454: Corrupt directory, running e2fsck is recommended
[   66.474481][ T4909] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[   66.483087][ T4909] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.454: corrupted in-inode xattr: invalid ea_ino
[   66.496746][ T4909] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.454: couldn't read orphan inode 15 (err -117)
[   66.516799][ T4909] bond6: entered promiscuous mode
[   66.558127][ T4909] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   66.569719][ T4909] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   66.580115][ T4909] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.454: Corrupt directory, running e2fsck is recommended
[   66.593333][ T4909] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.454: path /78/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[   66.615777][ T4909] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 64: comm syz.2.454: path /78/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   66.673991][ T4919] vlan2: entered allmulticast mode
[   66.702789][ T4922] loop2: detected capacity change from 0 to 1024
[   66.723788][ T4922] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.849488][ T4933] ==================================================================
[   66.857624][ T4933] BUG: KCSAN: data-race in fsnotify_detach_mark / inotify_handle_inode_event
[   66.866592][ T4933] 
[   66.868923][ T4933] write to 0xffff888104394a94 of 4 bytes by task 4929 on cpu 1:
[   66.876641][ T4933]  fsnotify_detach_mark+0xba/0x160
[   66.881770][ T4933]  fsnotify_clear_marks_by_group+0x2f9/0x4b0
[   66.887773][ T4933]  fsnotify_destroy_group+0x53/0x180
[   66.893064][ T4933]  inotify_release+0x1f/0x30
[   66.897755][ T4933]  __fput+0x29b/0x650
[   66.901773][ T4933]  ____fput+0x1c/0x30
[   66.905849][ T4933]  task_work_run+0x131/0x1a0
[   66.910535][ T4933]  exit_to_user_mode_loop+0xed/0x110
[   66.916007][ T4933]  do_syscall_64+0x1d6/0x200
[   66.920603][ T4933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.926501][ T4933] 
[   66.928834][ T4933] read to 0xffff888104394a94 of 4 bytes by task 4933 on cpu 0:
[   66.936380][ T4933]  inotify_handle_inode_event+0x34e/0x3d0
[   66.942110][ T4933]  fsnotify_handle_inode_event+0x1c0/0x220
[   66.948023][ T4933]  fsnotify+0x1296/0x14b0
[   66.952588][ T4933]  __fsnotify_parent+0x29e/0x330
[   66.957532][ T4933]  vfs_open+0x19c/0x1e0
[   66.962063][ T4933]  path_openat+0x1c5e/0x2170
[   66.966746][ T4933]  do_filp_open+0x109/0x230
[   66.971256][ T4933]  do_sys_openat2+0xa6/0x110
[   66.975846][ T4933]  __x64_sys_open+0xe6/0x110
[   66.980441][ T4933]  x64_sys_call+0x1457/0x3000
[   66.985132][ T4933]  do_syscall_64+0xd2/0x200
[   66.989657][ T4933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.995578][ T4933] 
[   66.998079][ T4933] value changed: 0x00000033 -> 0x00000030
[   67.003796][ T4933] 
[   67.006125][ T4933] Reported by Kernel Concurrency Sanitizer on:
[   67.012273][ T4933] CPU: 0 UID: 0 PID: 4933 Comm: syz.2.461 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.022097][ T4933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   67.032260][ T4933] ==================================================================