last executing test programs:

2.043509671s ago: executing program 3 (id=2376):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x5, 0x7, 0x8, 0x5, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
close(r0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001e80)={&(0x7f0000000180)=@abs={0x1, 0x5c, 0x1}, 0x6e, 0x0}, 0x20000)
ioctl$TUNGETVNETLE(r0, 0x40047451, &(0x7f0000000180))

1.833783744s ago: executing program 3 (id=2382):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)='cpuset.mem_hardwall\x00', 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x210})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000080))

1.572823958s ago: executing program 3 (id=2392):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00', r1}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bond_slave_1\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8922, &(0x7f0000000080))

1.572502978s ago: executing program 0 (id=2393):
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=@base={0x11, 0x4, 0x4, 0x1000ff, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)

1.40166604s ago: executing program 0 (id=2397):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000f5ffffff00000058110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000fcffffff000000008000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a6000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000fe0300850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.40117435s ago: executing program 3 (id=2398):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10)
close(r1)

1.336739721s ago: executing program 0 (id=2400):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, @void, @value}, 0x94)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000280)={'wg2\x00'})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast})

1.202772543s ago: executing program 3 (id=2404):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000a700000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r1}, 0x3d)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r2}, 0x3d)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000001ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)

1.158062784s ago: executing program 0 (id=2406):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000080))

1.143876694s ago: executing program 3 (id=2407):
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$can_bcm(0x1d, 0x2, 0x2)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cc2e210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba073f9a5368916b8f96ee3a4fc66ac84c849926bf8de0c718b627022d027cf18244f7975d7439581da545b4cac04ef40d90c8361519aca4cb1753d8ce98dc6b4b2d59c4ffe231a076fba9561e2bf8a640a684ef7261b3a3d79195c9b067f41d2e5f033c901e9021b", @ANYRES16], 0x1, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eexBHTNR2l3hYdDewfD6X/OD3vuQ9BgbeMG/23/jq40Gvynr5NNbOnIm1cUR6kCLFWvzt83j19R9/euHWnbs32p3O9s2Urrdvt15LKW28+P17n37z0g/Ti+9+u/Hd+djbfH//161f9i7vXdn//fZH/Sr1qzQcTVOe7o1G0/xeWaSdfjXIUnqnLPKqSP1hVUwO9HvlaDyepXy4s94YT4qqSvlwlgbFLE1HaTqZpfzDvD9MWZal9UbwX3S/flDXdURdPx7noq7r+oloxMV4MtZjI5qxGU/F0/FMXIpn43I8F8/HlfmoVc8bAAAAAAAAAAAAAAAAAAAAThfn/wEAAAAAAAAAAAAAAAAAAGD1bt25e6Pd6WzfTOlCRPnlbne3u/hd9Nu96EcZRVyLZvwW89P/C4v6+lud7WtpbjO+KO//lb+/233sYL41/5zA0nxrkU8H8+ej8Wh+K5pxaXl+a2n+Qrzy8iP5LJrx8wcxijJ24s/sw/xnrZTefLtzKH91Pg4AAABOgyz9Y+n+Pcv+rb/IH+H5wKH99dm4ena1ayeimn0yyMuymBxbcS6O/S8UCsX/XKz6zsRJeHjRVz0TAAAAAAAAAAAAjuIkXidc9RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2IFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA//8xgdSv")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[], 0xfc}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=@newsa={0x138, 0x10, 0x600, 0xfffffffd, 0x25dfdbfd, {{@in=@multicast2, @in=@local, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b}, {@in6=@mcast1, 0xfffffffd, 0x6c}, @in=@broadcast, {0x0, 0x0, 0x0, 0x8, 0x0, 0x8}, {0x0, 0xfffffffffffffffd, 0x0, 0xbdf}, {0x7fffffff, 0x3, 0xb}, 0x70bd27, 0x3ffc, 0xa, 0x0, 0x0, 0x44}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000180)=@l2tp6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x5}, 0x80, 0x0}, 0x20000000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7")
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
write$vga_arbiter(0xffffffffffffffff, 0x0, 0x14)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
setitimer(0x2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
writev(r5, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x100000}], 0x1)

1.108430474s ago: executing program 0 (id=2410):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_int(r2, &(0x7f0000000000), 0xfffffd26)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x401c5820, &(0x7f00000001c0)=0x8)

1.033847425s ago: executing program 2 (id=2411):
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x800000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x3)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
unshare(0x28020480)
r6 = socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0xb, 0x6, 0x2, 0x22, 0x7fffffffffffffff, 0x3, 0x6, 0x9, 0x16, 0x40, 0x3a0, 0xffff, 0x3ff, 0x38, 0x2, 0x8000, 0x1, 0x3}, [{0x6474e551, 0x1, 0x0, 0x1, 0x288aa002, 0x0, 0x5, 0x7}, {0x60000000, 0x81, 0x1000, 0x5, 0xfffffffffffffc16, 0x4, 0x1, 0x8}], "ffd221620537b2065c92f74b1eeac48a4369d394224a691f7e66d3e86ce4691d1616cb7772d5a5912fbbc62a45eb7888cf647e5a7496e825c08c08357966dd27d94546f6a971e16a11b9f116397e070ca9f3a1f83ce654879343d165070c7fc1c10689ab30f4625a157029f9eb8551c58e9c37d70da91986996aa6be5d1522b63088457c2b1f2a2bb96430f5737150c4b07d020e294300e45a7c726e5b92f8a43a47f60bf7a1a32d08dfb06b58b036d013e278e482a107280b4206be55528acc1c442228e4a81d5acf03876a", ['\x00', '\x00', '\x00', '\x00']}, 0x57c)
fstat(r6, &(0x7f00000003c0))
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x29a83a768e447add)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd2d, 0x20000000, {0x0, 0x0, 0x0, r5, {0x5, 0x2}, {}, {0x5, 0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$TIOCSETD(r3, 0x5423, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x3)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r8}, 0x10)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000c80)=@newsa={0x188, 0x10, 0x4, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@loopback, 0x4, 0x0, 0x0, 0x8, 0x2, 0x80, 0x0, 0x5e}, {@in6=@loopback, 0x4d4, 0x32}, @in=@dev, {0xfffffffffffffffd, 0x400000000000000, 0x1, 0x0, 0x0, 0x7}, {0x3, 0x200000000, 0x0, 0x100000}, {0x0, 0x3}, 0x70bd27, 0x0, 0x2, 0x4}, [@algo_crypt={0x98, 0x2, {{'ecb(cipher_null)\x00'}, 0x280, "572070b2a25c00d9341aae959a6a3be2625ba3e75c89e40a38fe35e1de5243dcb2fb5e84babab3009fdd7dd5e084055c39e37c46089e64855b378e8dd9b7a041df6cb2c42e029dbc78108ca78545fcd5"}}]}, 0x188}, 0x1, 0x0, 0x0, 0x24000011}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)
syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')

1.022505575s ago: executing program 4 (id=2412):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

652.212921ms ago: executing program 4 (id=2416):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000080), &(0x7f00000001c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r2}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))

627.204371ms ago: executing program 0 (id=2417):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x40000030, 0x0)

586.294841ms ago: executing program 4 (id=2420):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket(0x2, 0x80805, 0x0)
socket$kcm(0x10, 0x2, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x2a, 0x2, 0x400000)
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n', @ANYRES32], 0x54}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

535.759112ms ago: executing program 4 (id=2421):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000080))

384.726194ms ago: executing program 4 (id=2424):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000780)=@raw={'raw\x00', 0x3c1, 0x3, 0x368, 0x180, 0x940c, 0x3002, 0x180, 0x2c0, 0x298, 0x3d8, 0x3d8, 0x298, 0x3d8, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private1, [0xffffff00, 0xffffff00, 0xffffffff, 0xffffff00], [0xffffffff, 0xffffffff, 0xff000000, 0xff], 'geneve0\x00', 'veth1_to_bridge\x00', {}, {0xff}, 0x84, 0x81, 0x2, 0x1d}, 0x0, 0x120, 0x180, 0x0, {}, [@common=@hl={{0x28}, {0x1, 0x7}}, @common=@inet=@multiport={{0x50}, {0x1, 0xb, [0x4e24, 0x4e22, 0x4e23, 0x4e22, 0x4e24, 0x4e24, 0x4e21, 0x4e22, 0x4e20, 0x4e20, 0x4e23, 0x4e24, 0x4e22, 0x4e22, 0x4e21], [0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x10]}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@broadcast, [0x0, 0xff000000, 0xffffffff, 0xff], 0x4e24, 0x4e21, 0x4e22, 0x4e21, 0xf, 0x21e8, 0x9, 0x1, 0x1}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xe}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@multicast1, 'veth1_to_team\x00', {0x12}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c8)

352.451415ms ago: executing program 4 (id=2425):
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, 0x0, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x8c57, &(0x7f0000000340)=ANY=[@ANYRES8=r0], 0xf5, 0x2e6, &(0x7f0000000540)="$eJzs3ctrE18UwPGTV5O0v/6ShYiIwqWCKNKhCbhz0SItiAGlbQQrCFM71ZBpUjKhEBGbheDWtYsuXIoggjs3Im678S/wteumOwsWR6Yzk6bJGNNqX/b7WTSnOffMvZm56eO2uVm59GSuOGtp321XdFjqshaStIQlIq66nH+/9On0xLv/3M+VGhuZzGSVCovIrQcvBt5W+268/v9NXJbTt1dWs1+XT02K/Ji8V7BUwVIl21a6mi6XqyGneKZgFTWlrpuGbhmqULKMStXL69OmoWbN8vx8Temlmf7e+YphWUov1VTRqKlqWVUrNaXf1QslpWma6u8ViEi6EYXbcqFOhfnna7Ytq86Fj9fFtu2A1nU/iHm38T8bLA6SluvfsW3b5Ijs5siwF9bsaNfXH/8e9/n/+SnX/2iauDl1dSSXGx1XKiEy93ghv5B3b938xz4piCmGLI1fmFoXsRsk5Hwcu5IbHVIb0nJ2btGrX1zIu98cRma9+oyknJ9TmurFr8+49WprfUx6m+uzkpJjwfVZv17CTfU9cu5MU70mKflwR8piyow4tZv1DzNKXb6Wa+k/udEOAAAAAAAAAIDDSFMNm+v3oc0/9WpafOM/Phr5pHOv087NN9bXhyQl68Hr80OB6/tRORndv8cNAAAAAMBRYtXuF3XTNCq7E0SeJTt0ERMRJxB5NOAMpuMBj3sj7q73HhFpT0U6d7ElSF50+3s57g1MdvNE/aXAf7FGUTdf+amkBDUOb2sCDPYEnvnEnj5A6aaxJHY2seNdT63WILTu33MisI0d+v1xbN2Mba/34W09HX4ZJFpP1OAX97hmhy8a3xpLfAAAAAAOkaZfnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD7Z0eZh/r79W1PivUV8+5Zsre8Tz77/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6gnwEAAP//JZK+GA==")
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
rename(&(0x7f0000000300)='./file0\x00', &(0x7f0000000380)='./file0\x00')
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r2, @ANYBLOB="00001700000000001c0037800b0003006970768a616e00000c0002800600010000000000050027", @ANYRESOCT=r1, @ANYRESDEC=r2], 0x44}}, 0x814)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = eventfd2(0x0, 0x0)
read$eventfd(r5, &(0x7f0000000040), 0x8)

218.030567ms ago: executing program 1 (id=2428):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x4, 0x590, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x1}, 0x11442, 0x5, 0x0, 0x1, 0x9, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
creat(&(0x7f0000000300)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r3, 0x0, 0x0}, 0x10)

217.701207ms ago: executing program 1 (id=2429):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = gettid()
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r4, &(0x7f0000000200)=""/209, 0xd1)
tkill(r3, 0x7)

210.275097ms ago: executing program 2 (id=2430):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x4, 0x590, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x1}, 0x11442, 0x5, 0x0, 0x1, 0x9, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r4], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)
fchdir(r2)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
r7 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = gettid()
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000380)={'\x00', 0x1, 0x6, 0x4, 0xc, 0x1, r9})
write$qrtrtun(r7, &(0x7f0000000900)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e8458e6f5f76e0e4e781bfca4c928c956321dd514877569805db6602f1584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26ce40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a6b657ff95930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299deb9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8356985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725416101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35c498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c1761f1322b03cc9ea586d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc240d6845877fda649d1ab59ea06b907ec5031299a0e1fa2f8cbc241a8531ad241302b569d4581dcc944f27799f25593b97ea7681ba74d6cde9c8f58840ac4c4be3aa90e6273a64e549c47c7232f423406604c9c210eabe3d6a2343bd6c2ae72ab013ce2af32467bcfa8cbf0769f9156e35424", 0x45c)
r10 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r8, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r10, 0x0, 0x0}, 0x10)
open(&(0x7f0000000280)='.\x00', 0x0, 0x8)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7")
r11 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db)
writev(r11, &(0x7f0000000880)=[{&(0x7f0000001200)='0', 0x1}, {0x0}], 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)

168.989897ms ago: executing program 2 (id=2431):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r3, 0x4b72, &(0x7f0000000440)={0x1, 0x0, 0x12, 0x11, 0x17b, &(0x7f0000000540)})

147.766398ms ago: executing program 2 (id=2432):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket(0x2, 0x80805, 0x0)
socket$kcm(0x10, 0x2, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x2a, 0x2, 0x400000)
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080))
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

137.211778ms ago: executing program 1 (id=2433):
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
close(r1)
statx(r0, &(0x7f0000000580)='./file0\x00', 0x400, 0x40, &(0x7f0000000680))
epoll_create(0x4)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2, <r3=>0xffffffffffffffff}, 0x4)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@deltaction={0x44, 0x18, 0x200, 0x70bd2d, 0x25dfdbfc, {0xa}, [@TCA_ACT_TAB={0x30, 0x1, [{0x10, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0x10, 0x6, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0x10, &(0x7f0000000280)=ANY=[@ANYRES32=r3, @ANYRES8=r3, @ANYRESHEX=r2], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mknod$loop(0x0, 0x100000000000600d, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r6 = socket$kcm(0x2, 0x5, 0x84)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x40000, 0x0, 0x0)
sendmsg$inet(r6, &(0x7f0000002980)={&(0x7f0000000180)={0x2, 0xe23, @remote}, 0x10, &(0x7f0000000680)}, 0x44864)
setsockopt$sock_attach_bpf(r6, 0x84, 0x1e, &(0x7f0000000000), 0x10)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_buf(r4, 0x1, 0x3b, 0x0, &(0x7f0000000380))
ioctl$sock_inet_SIOCSIFADDR(r7, 0x8916, &(0x7f0000000080)={'batadv_slave_1\x00', {0x2, 0x0, @remote}})
ioctl$sock_inet_SIOCSIFADDR(r7, 0x891c, &(0x7f0000000540)={'batadv_slave_1\x00', {0x2, 0x0, @broadcast}})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10024, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x48000000000000, 0x89}, 0x9, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

82.642118ms ago: executing program 1 (id=2434):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000080))

59.576759ms ago: executing program 2 (id=2435):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[], 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
cachestat(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r3, 0x4b72, &(0x7f0000000440)={0x1, 0x0, 0x12, 0x11, 0x17b, &(0x7f0000000540)})

38.613839ms ago: executing program 1 (id=2436):
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x800000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x3)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
unshare(0x28020480)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0xb, 0x6, 0x2, 0x22, 0x7fffffffffffffff, 0x3, 0x6, 0x9, 0x16, 0x40, 0x3a0, 0xffff, 0x3ff, 0x38, 0x2, 0x8000, 0x1, 0x3}, [{0x6474e551, 0x1, 0x0, 0x1, 0x288aa002, 0x0, 0x5, 0x7}, {0x60000000, 0x81, 0x1000, 0x5, 0xfffffffffffffc16, 0x4, 0x1, 0x8}], "ffd221620537b2065c92f74b1eeac48a4369d394224a691f7e66d3e86ce4691d1616cb7772d5a5912fbbc62a45eb7888cf647e5a7496e825c08c08357966dd27d94546f6a971e16a11b9f116397e070ca9f3a1f83ce654879343d165070c7fc1c10689ab30f4625a157029f9eb8551c58e9c37d70da91986996aa6be5d1522b63088457c2b1f2a2bb96430f5737150c4b07d020e294300e45a7c726e5b92f8a43a47f60bf7a1a32d08dfb06b58b036d013e278e482a107280b4206be55528acc1c442228e4a81d5acf03876a", ['\x00', '\x00', '\x00', '\x00']}, 0x57c)
fstat(0xffffffffffffffff, &(0x7f00000003c0))
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x29a83a768e447add)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd2d, 0x20000000, {0x0, 0x0, 0x0, r3, {0x5, 0x2}, {}, {0x5, 0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, 0x0, 0x0, 0x0)

508.78µs ago: executing program 1 (id=2437):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x50, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
syz_read_part_table(0x60d, &(0x7f0000002240)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105002, 0xdf)
writev(r2, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x100000}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r2, 0x541b, &(0x7f0000000200))
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000000080)='\x00')
getrlimit(0xc, &(0x7f0000000180))
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
set_tid_address(0x0)
ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000280)=<r5=>0x0)
move_pages(r5, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000000280), &(0x7f0000000240)=[0x0, 0x0, 0x0], 0x6)

0s ago: executing program 2 (id=2438):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000006007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Lu1cUB/CbgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS+hTa2qUtpvTH57OEe8+59+TyfQL/a/HwU7PZjIUQmom/f/r7s/xEsXdqbHomhFiYDyHkv/n610os6vjt1otoXYrWxUSmdnA7/nrWcdf3UE0dxaP6ZTyEH0IIS0/HyX/7Nr5857nr5MbmSmFrLbf4WFh/Hl4YyPds55d3Rw6z5dnu7Fz0YV3GWzM/VRs9uW+WXvbaB9uqtUbmJupLxz5nPv+tP+e/31WpVxqT/aerQ+nO+lV5J8r9Tf4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnO89dJzc2Vwpba7nFx8L68/DCQL5nO7+8O3KYLc92Z+fi732X8dbMT9VGT+6bpZe99sG2aq2RuYn60rEPR7/78XP+Ei30bfhj/vtdlXqlMdl/ujqU7qxflXei3N8+5g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8JfyE8XeqbHpmRBiYT6EMB7vOP5lv5l4r8eivovotxTtFxOZ2sHt+OtZx13fQzV1NJUIIfG7e5eejpNftfIh/CM/BwAA//8514ZQ")
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff00, @void, @value}, 0x94)

kernel console output (not intermixed with test programs):

13429][ T6460]  do_syscall_64+0xd2/0x200
[  124.913454][ T6460]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  124.913479][ T6460]  ? clear_bhb_loop+0x40/0x90
[  124.913505][ T6460]  ? clear_bhb_loop+0x40/0x90
[  124.913597][ T6460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.913622][ T6460] RIP: 0033:0x7f807fdfe969
[  124.913641][ T6460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.913663][ T6460] RSP: 002b:00007f807e467038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  124.913686][ T6460] RAX: ffffffffffffffda RBX: 00007f8080025fa0 RCX: 00007f807fdfe969
[  124.913701][ T6460] RDX: 0000000000002162 RSI: 0000200000000340 RDI: 0000000000000004
[  124.913779][ T6460] RBP: 00007f807e467090 R08: 0000000000000000 R09: 0000000000000000
[  124.913794][ T6460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.913809][ T6460] R13: 0000000000000000 R14: 00007f8080025fa0 R15: 00007fffa7a6c8c8
[  124.913834][ T6460]  </TASK>
[  125.187461][ T6477] loop0: detected capacity change from 0 to 512
[  125.202475][ T6477] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  125.212195][ T6477] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  125.225469][ T6477] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  125.234975][ T6477] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  125.243866][ T6477] System zones: 0-2, 18-18, 34-35
[  125.249776][ T6477] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.282495][ T6477] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1039: bg 0: block 353: padding at end of block bitmap is not set
[  125.324105][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.338183][ T6483] SELinux: syz.3.1041 (6483) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  125.358045][ T6487] loop4: detected capacity change from 0 to 512
[  125.366428][ T6487] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[  125.374616][ T6487] System zones: 1-12
[  125.378907][ T6487] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 3: comm syz.4.1042: lblock 0 mapped to illegal pblock 3 (length 1)
[  125.393544][ T6487] EXT4-fs warning (device loop4): dx_probe:791: inode #2: lblock 0: comm syz.4.1042: error -117 reading directory block
[  125.406657][ T6487] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  125.415831][ T6487] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.428717][ T6487] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #2: comm syz.4.1042: corrupted xattr block 255: invalid header
[  125.455955][ T6487] SELinux: (dev loop4, type ext4) getxattr errno 117
[  125.467903][ T6487] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.501141][ T6487] netlink: 'syz.4.1042': attribute type 21 has an invalid length.
[  125.510774][ T6487] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1042'.
[  125.527381][ T6498] FAULT_INJECTION: forcing a failure.
[  125.527381][ T6498] name failslab, interval 1, probability 0, space 0, times 0
[  125.540179][ T6498] CPU: 0 UID: 0 PID: 6498 Comm: syz.0.1046 Not tainted 6.15.0-syzkaller-09113-g8477ab143069 #0 PREEMPT(voluntary) 
[  125.540250][ T6498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  125.540266][ T6498] Call Trace:
[  125.540274][ T6498]  <TASK>
[  125.540283][ T6498]  __dump_stack+0x1d/0x30
[  125.540309][ T6498]  dump_stack_lvl+0xe8/0x140
[  125.540378][ T6498]  dump_stack+0x15/0x1b
[  125.540400][ T6498]  should_fail_ex+0x265/0x280
[  125.540441][ T6498]  ? netstat_seq_show+0xa6/0xb60
[  125.540473][ T6498]  should_failslab+0x8c/0xb0
[  125.540573][ T6498]  __kmalloc_cache_noprof+0x4c/0x320
[  125.540607][ T6498]  netstat_seq_show+0xa6/0xb60
[  125.540634][ T6498]  ? __kvmalloc_node_noprof+0x39b/0x4f0
[  125.540668][ T6498]  ? seq_read_iter+0x13e/0x940
[  125.540731][ T6498]  seq_read_iter+0x316/0x940
[  125.540772][ T6498]  seq_read+0x1f7/0x240
[  125.540842][ T6498]  ? __pfx_seq_read+0x10/0x10
[  125.540873][ T6498]  proc_reg_read+0x128/0x1c0
[  125.540903][ T6498]  ? __pfx_proc_reg_read+0x10/0x10
[  125.540932][ T6498]  vfs_read+0x1a0/0x6f0
[  125.540998][ T6498]  ? __rcu_read_unlock+0x4f/0x70
[  125.541026][ T6498]  ? __fget_files+0x184/0x1c0
[  125.541055][ T6498]  ksys_read+0xda/0x1a0
[  125.541089][ T6498]  __x64_sys_read+0x40/0x50
[  125.541109][ T6498]  x64_sys_call+0x2d77/0x2fb0
[  125.541137][ T6498]  do_syscall_64+0xd2/0x200
[  125.541170][ T6498]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  125.541224][ T6498]  ? clear_bhb_loop+0x40/0x90
[  125.541257][ T6498]  ? clear_bhb_loop+0x40/0x90
[  125.541284][ T6498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.541310][ T6498] RIP: 0033:0x7f2b414de969
[  125.541328][ T6498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.541349][ T6498] RSP: 002b:00007f2b3fb47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  125.541401][ T6498] RAX: ffffffffffffffda RBX: 00007f2b41705fa0 RCX: 00007f2b414de969
[  125.541416][ T6498] RDX: 0000000000000008 RSI: 0000200000000080 RDI: 0000000000000003
[  125.541432][ T6498] RBP: 00007f2b3fb47090 R08: 0000000000000000 R09: 0000000000000000
[  125.541446][ T6498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.541461][ T6498] R13: 0000000000000000 R14: 00007f2b41705fa0 R15: 00007ffe65a4a218
[  125.541487][ T6498]  </TASK>
[  125.847152][ T6510] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1052'.
[  125.950219][ T6532] FAULT_INJECTION: forcing a failure.
[  125.950219][ T6532] name failslab, interval 1, probability 0, space 0, times 0
[  125.962996][ T6532] CPU: 1 UID: 0 PID: 6532 Comm: syz.4.1060 Not tainted 6.15.0-syzkaller-09113-g8477ab143069 #0 PREEMPT(voluntary) 
[  125.963045][ T6532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  125.963061][ T6532] Call Trace:
[  125.963069][ T6532]  <TASK>
[  125.963079][ T6532]  __dump_stack+0x1d/0x30
[  125.963099][ T6532]  dump_stack_lvl+0xe8/0x140
[  125.963121][ T6532]  dump_stack+0x15/0x1b
[  125.963212][ T6532]  should_fail_ex+0x265/0x280
[  125.963244][ T6532]  ? alloc_super+0x3d/0x570
[  125.963274][ T6532]  should_failslab+0x8c/0xb0
[  125.963307][ T6532]  __kmalloc_cache_noprof+0x4c/0x320
[  125.963336][ T6532]  alloc_super+0x3d/0x570
[  125.963366][ T6532]  sget_fc+0x24e/0x6e0
[  125.963398][ T6532]  ? __pfx_set_anon_super_fc+0x10/0x10
[  125.963477][ T6532]  ? __pfx_mqueue_fill_super+0x10/0x10
[  125.963512][ T6532]  get_tree_nodev+0x2a/0x100
[  125.963553][ T6532]  mqueue_get_tree+0x63/0x90
[  125.963593][ T6532]  vfs_get_tree+0x57/0x1d0
[  125.963616][ T6532]  fc_mount+0x18/0x70
[  125.963644][ T6532]  mq_init_ns+0x249/0x2f0
[  125.963672][ T6532]  copy_ipcs+0x214/0x3b0
[  125.963705][ T6532]  create_new_namespaces+0x12a/0x3d0
[  125.963820][ T6532]  unshare_nsproxy_namespaces+0xe8/0x120
[  125.963849][ T6532]  ksys_unshare+0x3d0/0x6d0
[  125.963922][ T6532]  ? ksys_write+0x192/0x1a0
[  125.963950][ T6532]  __x64_sys_unshare+0x1f/0x30
[  125.964061][ T6532]  x64_sys_call+0x2d4b/0x2fb0
[  125.964081][ T6532]  do_syscall_64+0xd2/0x200
[  125.964103][ T6532]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  125.964152][ T6532]  ? clear_bhb_loop+0x40/0x90
[  125.964226][ T6532]  ? clear_bhb_loop+0x40/0x90
[  125.964252][ T6532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.964271][ T6532] RIP: 0033:0x7f987e82e969
[  125.964284][ T6532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.964300][ T6532] RSP: 002b:00007f987ce97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  125.964384][ T6532] RAX: ffffffffffffffda RBX: 00007f987ea55fa0 RCX: 00007f987e82e969
[  125.964395][ T6532] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c040000
[  125.964405][ T6532] RBP: 00007f987ce97090 R08: 0000000000000000 R09: 0000000000000000
[  125.964415][ T6532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.964425][ T6532] R13: 0000000000000000 R14: 00007f987ea55fa0 R15: 00007ffee7f70b28
[  125.964443][ T6532]  </TASK>
[  126.269550][ T6533] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  126.277958][ T6533] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  126.383052][ T6537] loop2: detected capacity change from 0 to 512
[  126.398240][ T6537] EXT4-fs: Ignoring removed oldalloc option
[  126.413930][ T6537] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.1061: Parent and EA inode have the same ino 15
[  126.428212][ T6537] EXT4-fs (loop2): Remounting filesystem read-only
[  126.435871][ T6537] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  126.446682][ T6537] EXT4-fs (loop2): 1 orphan inode deleted
[  126.454963][ T6537] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.514112][   T29] kauditd_printk_skb: 187 callbacks suppressed
[  126.514132][   T29] audit: type=1400 audit(1748676612.716:3167): avc:  denied  { write } for  pid=6539 comm="syz.3.1063" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  126.565432][ T6542] loop4: detected capacity change from 0 to 512
[  126.582014][ T6542] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  126.619903][ T6542] EXT4-fs error (device loop4): xattr_find_entry:333: inode #15: comm syz.4.1062: corrupted xattr entries
[  126.632968][ T6542] EXT4-fs (loop4): Remounting filesystem read-only
[  126.639555][ T6542] EXT4-fs (loop4): 1 truncate cleaned up
[  126.646431][ T6542] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.690761][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.904419][ T6549] 9pnet_fd: Insufficient options for proto=fd
[  127.024340][ T6553] loop0: detected capacity change from 0 to 2048
[  127.061982][ T6553]  loop0: p1 < > p4
[  127.071729][ T6553] loop0: p4 size 8388608 extends beyond EOD, truncated
[  127.084861][   T29] audit: type=1400 audit(1748676613.286:3168): avc:  denied  { read write } for  pid=6552 comm="syz.0.1069" name="loop0p4" dev="devtmpfs" ino=912 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  127.108568][   T29] audit: type=1400 audit(1748676613.286:3169): avc:  denied  { open } for  pid=6552 comm="syz.0.1069" path="/dev/loop0p4" dev="devtmpfs" ino=912 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  127.235664][ T6557] loop0: detected capacity change from 0 to 2048
[  127.242868][   T29] audit: type=1326 audit(1748676613.386:3170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.0.1069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  127.266616][   T29] audit: type=1326 audit(1748676613.386:3171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.0.1069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  127.290430][   T29] audit: type=1326 audit(1748676613.386:3172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.0.1069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  127.313894][   T29] audit: type=1326 audit(1748676613.386:3173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.0.1069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  127.337814][   T29] audit: type=1326 audit(1748676613.386:3174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.0.1069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  127.361713][   T29] audit: type=1326 audit(1748676613.386:3175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.0.1069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  127.387578][   T29] audit: type=1326 audit(1748676613.386:3176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.0.1069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  127.422728][ T6557] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.445230][ T6557] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.465618][ T6562] loop2: detected capacity change from 0 to 128
[  127.485173][ T6557] futex_wake_op: syz.0.1070 tries to shift op by -1; fix this program
[  128.305909][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.382631][ T6573] loop2: detected capacity change from 0 to 2048
[  128.433685][ T6573] Alternate GPT is invalid, using primary GPT.
[  128.440088][ T6573]  loop2: p2 p3 p7
[  128.537159][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.570660][ T6591] loop4: detected capacity change from 0 to 512
[  128.584626][ T6591] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[  128.592888][ T6591] System zones: 1-12
[  128.597003][ T6591] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 3: comm syz.4.1079: lblock 0 mapped to illegal pblock 3 (length 1)
[  128.621422][ T6591] EXT4-fs warning (device loop4): dx_probe:791: inode #2: lblock 0: comm syz.4.1079: error -117 reading directory block
[  128.631100][ T6593] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  128.634196][ T6591] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  128.651520][ T6595] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  128.660390][ T6591] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.666849][ T6595] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  128.680247][ T6591] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #2: comm syz.4.1079: corrupted xattr block 255: invalid header
[  128.701706][ T6591] SELinux: (dev loop4, type ext4) getxattr errno 117
[  128.702343][ T6591] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.711649][ T6597] loop0: detected capacity change from 0 to 512
[  128.712138][ T6597] EXT4-fs: Ignoring removed oldalloc option
[  128.728463][ T6597] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.1075: Parent and EA inode have the same ino 15
[  128.729468][ T6597] EXT4-fs (loop0): Remounting filesystem read-only
[  128.729487][ T6597] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  128.729517][ T6597] EXT4-fs (loop0): 1 orphan inode deleted
[  128.730021][ T6597] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.762294][ T6591] netlink: 'syz.4.1079': attribute type 21 has an invalid length.
[  128.763934][ T6591] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1079'.
[  128.771228][ T6600] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1082'.
[  128.771834][ T6600] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1082'.
[  128.866599][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.891046][ T6610] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1085'.
[  128.901174][ T6610] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1085'.
[  128.913914][ T6612] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1087'.
[  128.924389][ T6612] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1087'.
[  128.978772][ T6623] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1092'.
[  129.318012][ T6670] loop4: detected capacity change from 0 to 512
[  129.332455][ T6670] EXT4-fs: Ignoring removed oldalloc option
[  129.365523][ T6670] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.1095: Parent and EA inode have the same ino 15
[  129.380894][ T6670] EXT4-fs (loop4): Remounting filesystem read-only
[  129.388392][ T6670] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  129.401304][ T6670] EXT4-fs (loop4): 1 orphan inode deleted
[  129.415004][ T6670] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.523542][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.097863][ T6780] loop2: detected capacity change from 0 to 256
[  130.287159][ T6780] FAULT_INJECTION: forcing a failure.
[  130.287159][ T6780] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.300317][ T6780] CPU: 0 UID: 0 PID: 6780 Comm: syz.2.1114 Not tainted 6.15.0-syzkaller-09113-g8477ab143069 #0 PREEMPT(voluntary) 
[  130.300372][ T6780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  130.300384][ T6780] Call Trace:
[  130.300391][ T6780]  <TASK>
[  130.300399][ T6780]  __dump_stack+0x1d/0x30
[  130.300422][ T6780]  dump_stack_lvl+0xe8/0x140
[  130.300446][ T6780]  dump_stack+0x15/0x1b
[  130.300468][ T6780]  should_fail_ex+0x265/0x280
[  130.300582][ T6780]  should_fail+0xb/0x20
[  130.300618][ T6780]  should_fail_usercopy+0x1a/0x20
[  130.300660][ T6780]  _copy_to_user+0x20/0xa0
[  130.300688][ T6780]  simple_read_from_buffer+0xb5/0x130
[  130.300730][ T6780]  proc_fail_nth_read+0x100/0x140
[  130.300812][ T6780]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  130.300896][ T6780]  vfs_read+0x1a0/0x6f0
[  130.300936][ T6780]  ? __rcu_read_unlock+0x4f/0x70
[  130.300959][ T6780]  ? __rcu_read_unlock+0x4f/0x70
[  130.300979][ T6780]  ? __fget_files+0x184/0x1c0
[  130.301022][ T6780]  ksys_read+0xda/0x1a0
[  130.301042][ T6780]  __x64_sys_read+0x40/0x50
[  130.301062][ T6780]  x64_sys_call+0x2d77/0x2fb0
[  130.301089][ T6780]  do_syscall_64+0xd2/0x200
[  130.301120][ T6780]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  130.301191][ T6780]  ? clear_bhb_loop+0x40/0x90
[  130.301213][ T6780]  ? clear_bhb_loop+0x40/0x90
[  130.301293][ T6780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.301319][ T6780] RIP: 0033:0x7f1a1262d37c
[  130.301337][ T6780] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  130.301484][ T6780] RSP: 002b:00007f1a10c97030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  130.301507][ T6780] RAX: ffffffffffffffda RBX: 00007f1a12855fa0 RCX: 00007f1a1262d37c
[  130.301523][ T6780] RDX: 000000000000000f RSI: 00007f1a10c970a0 RDI: 0000000000000007
[  130.301538][ T6780] RBP: 00007f1a10c97090 R08: 0000000000000000 R09: 0000000000000000
[  130.301553][ T6780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.301567][ T6780] R13: 0000000000000000 R14: 00007f1a12855fa0 R15: 00007fff2426a3f8
[  130.301593][ T6780]  </TASK>
[  130.644711][ T6833] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1120'.
[  130.669179][ T6835] loop2: detected capacity change from 0 to 512
[  130.679306][ T6835] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[  130.684932][ T6838] netlink: 43 bytes leftover after parsing attributes in process `syz.1.1122'.
[  130.696472][ T6835] System zones: 1-12
[  130.696594][ T6835] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 3: comm syz.2.1121: lblock 0 mapped to illegal pblock 3 (length 1)
[  130.714997][ T6838] tipc: Enabled bearer <eth:vlan0>, priority 10
[  130.715593][ T6835] EXT4-fs warning (device loop2): dx_probe:791: inode #2: lblock 0: comm syz.2.1121: error -117 reading directory block
[  130.724234][ T6838] ªªªªªª: renamed from vlan0 (while UP)
[  130.735937][ T6835] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  130.748818][ T6835] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.749848][ T6838] tipc: Disabling bearer <eth:vlan0>
[  130.762470][ T6835] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #2: comm syz.2.1121: corrupted xattr block 255: invalid header
[  130.780179][ T6835] SELinux: (dev loop2, type ext4) getxattr errno 117
[  130.787584][ T6835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.798582][ T6843] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  130.807046][ T6843] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  130.821620][ T6835] netlink: 'syz.2.1121': attribute type 21 has an invalid length.
[  130.835166][ T6835] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  130.877153][ T6835] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  130.913984][ T6849] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1126'.
[  130.924259][ T6849] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1126'.
[  130.954034][ T6851] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1127'.
[  131.380156][ T6883] loop0: detected capacity change from 0 to 512
[  131.388022][ T6883] EXT4-fs: Ignoring removed mblk_io_submit option
[  131.395901][ T6883] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  131.408006][ T6883] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  131.417639][ T6883] System zones: 1-12
[  131.423121][ T6883] EXT4-fs (loop0): 1 truncate cleaned up
[  131.434196][ T6883] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.832181][   T29] kauditd_printk_skb: 108 callbacks suppressed
[  131.832198][   T29] audit: type=1326 audit(1748676618.036:3285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.0.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2b414dd2d0 code=0x7ffc0000
[  131.862062][   T29] audit: type=1326 audit(1748676618.036:3286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.0.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f2b414dd6b7 code=0x7ffc0000
[  131.885825][   T29] audit: type=1326 audit(1748676618.036:3287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.0.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2b414dd2d0 code=0x7ffc0000
[  131.909719][   T29] audit: type=1326 audit(1748676618.036:3288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.0.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  131.933337][   T29] audit: type=1326 audit(1748676618.036:3289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.0.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  131.995918][   T29] audit: type=1326 audit(1748676618.036:3290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.0.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  132.019302][   T29] audit: type=1326 audit(1748676618.036:3291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.0.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  132.042877][   T29] audit: type=1326 audit(1748676618.036:3292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.0.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  132.066416][   T29] audit: type=1326 audit(1748676618.036:3293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.0.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  132.089877][   T29] audit: type=1326 audit(1748676618.036:3294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6881 comm="syz.0.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  132.177024][ T6898] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1143'.
[  132.189173][ T6894] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1143'.
[  132.238682][ T6902] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1144'.
[  132.259824][ T6897] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1144'.
[  132.271456][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.323561][ T6913] 9pnet_fd: Insufficient options for proto=fd
[  132.409963][ T6918] loop2: detected capacity change from 0 to 512
[  132.424195][ T6918] EXT4-fs: Ignoring removed oldalloc option
[  132.446834][ T6918] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.1153: Parent and EA inode have the same ino 15
[  132.467484][ T6918] EXT4-fs (loop2): Remounting filesystem read-only
[  132.477206][ T6918] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  132.487669][ T6935] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1158'.
[  132.499305][ T6918] EXT4-fs (loop2): 1 orphan inode deleted
[  132.527248][ T6939] loop4: detected capacity change from 0 to 512
[  132.536858][ T6918] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.547639][ T6939] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  132.574892][ T6939] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  132.583203][ T6939] System zones: 1-12
[  132.608838][ T6939] EXT4-fs (loop4): 1 truncate cleaned up
[  132.622415][ T6939] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.636656][ T6948] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.647611][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.674802][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.704703][ T6948] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.741384][ T6961] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  132.749628][ T6961] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  132.762256][ T6948] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.814775][ T6948] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.832578][ T6965] loop4: detected capacity change from 0 to 8192
[  132.882062][ T6948] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  132.894552][ T6948] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  132.906686][ T6948] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  132.919577][ T6948] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  133.070148][ T6973] FAULT_INJECTION: forcing a failure.
[  133.070148][ T6973] name failslab, interval 1, probability 0, space 0, times 0
[  133.082872][ T6973] CPU: 1 UID: 0 PID: 6973 Comm: syz.1.1173 Not tainted 6.15.0-syzkaller-09113-g8477ab143069 #0 PREEMPT(voluntary) 
[  133.082979][ T6973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  133.082993][ T6973] Call Trace:
[  133.082999][ T6973]  <TASK>
[  133.083050][ T6973]  __dump_stack+0x1d/0x30
[  133.083075][ T6973]  dump_stack_lvl+0xe8/0x140
[  133.083095][ T6973]  dump_stack+0x15/0x1b
[  133.083152][ T6973]  should_fail_ex+0x265/0x280
[  133.083192][ T6973]  ? qdisc_get_rtab+0x1a5/0x2d0
[  133.083278][ T6973]  should_failslab+0x8c/0xb0
[  133.083317][ T6973]  __kmalloc_cache_noprof+0x4c/0x320
[  133.083353][ T6973]  qdisc_get_rtab+0x1a5/0x2d0
[  133.083388][ T6973]  tcf_police_init+0x38e/0xc80
[  133.083416][ T6973]  tcf_action_init_1+0x36a/0x4a0
[  133.083460][ T6973]  tcf_action_init+0x267/0x6d0
[  133.083613][ T6973]  ? mark_reg_read+0x59/0x340
[  133.083677][ T6973]  tc_ctl_action+0x291/0x830
[  133.083721][ T6973]  ? __pfx_tc_ctl_action+0x10/0x10
[  133.083741][ T6973]  rtnetlink_rcv_msg+0x65a/0x6d0
[  133.083817][ T6973]  netlink_rcv_skb+0x123/0x220
[  133.083845][ T6973]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  133.083883][ T6973]  rtnetlink_rcv+0x1c/0x30
[  133.083912][ T6973]  netlink_unicast+0x59e/0x670
[  133.083988][ T6973]  netlink_sendmsg+0x58b/0x6b0
[  133.084036][ T6973]  ? __pfx_netlink_sendmsg+0x10/0x10
[  133.084066][ T6973]  __sock_sendmsg+0x142/0x180
[  133.084164][ T6973]  ____sys_sendmsg+0x31e/0x4e0
[  133.084193][ T6973]  ___sys_sendmsg+0x17b/0x1d0
[  133.084263][ T6973]  __x64_sys_sendmsg+0xd4/0x160
[  133.084323][ T6973]  x64_sys_call+0x2999/0x2fb0
[  133.084350][ T6973]  do_syscall_64+0xd2/0x200
[  133.084381][ T6973]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  133.084406][ T6973]  ? clear_bhb_loop+0x40/0x90
[  133.084466][ T6973]  ? clear_bhb_loop+0x40/0x90
[  133.084543][ T6973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.084570][ T6973] RIP: 0033:0x7fe105afe969
[  133.084585][ T6973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.084602][ T6973] RSP: 002b:00007fe104167038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  133.084620][ T6973] RAX: ffffffffffffffda RBX: 00007fe105d25fa0 RCX: 00007fe105afe969
[  133.084726][ T6973] RDX: 0000000000000000 RSI: 00002000000037c0 RDI: 0000000000000006
[  133.084782][ T6973] RBP: 00007fe104167090 R08: 0000000000000000 R09: 0000000000000000
[  133.084793][ T6973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  133.084816][ T6973] R13: 0000000000000000 R14: 00007fe105d25fa0 R15: 00007ffd5b020d08
[  133.084841][ T6973]  </TASK>
[  134.041521][ T7011] loop4: detected capacity change from 0 to 512
[  134.048335][ T7011] EXT4-fs: Ignoring removed i_version option
[  134.054470][ T7011] EXT4-fs: Ignoring removed mblk_io_submit option
[  134.062443][ T7011] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  134.072734][ T7011] EXT4-fs (loop4): can't mount with data_err=abort, fs mounted w/o journal
[  134.086794][ T7011] team_slave_0: left promiscuous mode
[  134.092286][ T7011] team_slave_1: left promiscuous mode
[  134.104113][ T7011] team0 (unregistering): Port device team_slave_0 removed
[  134.113973][ T7011] team0 (unregistering): Port device team_slave_1 removed
[  134.247805][ T7014] loop4: detected capacity change from 0 to 128
[  134.254588][ T7014] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  134.277309][ T7014] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  134.363629][ T7028] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7028 comm=syz.4.1187
[  134.376285][ T7028] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7028 comm=syz.4.1187
[  134.437097][ T3332] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  135.467371][ T7058] netlink: 'syz.1.1205': attribute type 21 has an invalid length.
[  136.154164][ T7087] __nla_validate_parse: 10 callbacks suppressed
[  136.154187][ T7087] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1215'.
[  136.219509][ T7087] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1215'.
[  136.367461][ T7099] netlink: 'syz.1.1221': attribute type 21 has an invalid length.
[  136.421908][ T7103] loop4: detected capacity change from 0 to 128
[  136.428879][ T7103] vfat: Unknown parameter 'ÿ'
[  136.453240][ T7103] netlink: 'syz.4.1223': attribute type 2 has an invalid length.
[  136.756674][ T7125] vlan2: entered allmulticast mode
[  136.762192][ T7125] macvtap0: entered allmulticast mode
[  136.767678][ T7125] veth0_macvtap: entered allmulticast mode
[  136.811879][ T7130] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  136.820137][ T7130] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  136.970591][ T7136] netlink: 'syz.1.1235': attribute type 21 has an invalid length.
[  136.984582][ T7136] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  137.197986][ T7140] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1234'.
[  137.212972][ T7137] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  137.457786][ T7146] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1237'.
[  137.483415][   T29] kauditd_printk_skb: 64 callbacks suppressed
[  137.483441][   T29] audit: type=1326 audit(1748676623.686:3359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7148 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f987e82e969 code=0x7ffc0000
[  137.515309][   T29] audit: type=1326 audit(1748676623.686:3360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7148 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f987e82e969 code=0x7ffc0000
[  137.538965][   T29] audit: type=1326 audit(1748676623.686:3361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7148 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f987e82e969 code=0x7ffc0000
[  137.562534][   T29] audit: type=1326 audit(1748676623.686:3362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7148 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f987e82e969 code=0x7ffc0000
[  137.586422][   T29] audit: type=1326 audit(1748676623.686:3363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7148 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f987e82e969 code=0x7ffc0000
[  137.610198][   T29] audit: type=1326 audit(1748676623.686:3364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7148 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f987e82e969 code=0x7ffc0000
[  137.634095][   T29] audit: type=1326 audit(1748676623.686:3365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7148 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f987e82e969 code=0x7ffc0000
[  137.657933][   T29] audit: type=1326 audit(1748676623.686:3366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7148 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f987e82e969 code=0x7ffc0000
[  137.682243][   T29] audit: type=1326 audit(1748676623.686:3367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7148 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f987e82e969 code=0x7ffc0000
[  137.706023][   T29] audit: type=1326 audit(1748676623.686:3368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7148 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f987e82e969 code=0x7ffc0000
[  138.191085][ T7173] loop4: detected capacity change from 0 to 512
[  138.200290][ T7173] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[  138.212620][ T7173] System zones: 1-12
[  138.217878][ T7173] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 3: comm syz.4.1247: lblock 0 mapped to illegal pblock 3 (length 1)
[  138.242115][ T7173] EXT4-fs warning (device loop4): dx_probe:791: inode #2: lblock 0: comm syz.4.1247: error -117 reading directory block
[  138.259040][ T7173] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  138.268511][ T7173] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.282007][ T7173] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #2: comm syz.4.1247: corrupted xattr block 255: invalid header
[  138.304058][ T7173] SELinux: (dev loop4, type ext4) getxattr errno 117
[  138.331580][ T7173] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.450323][ T7184] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1251'.
[  138.469759][ T7184] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1251'.
[  138.617772][ T7173] netlink: 'syz.4.1247': attribute type 21 has an invalid length.
[  138.706848][ T7194] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1255'.
[  138.856939][ T7200] 9pnet_fd: Insufficient options for proto=fd
[  139.119941][ T7215] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1263'.
[  139.129322][ T7215] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1263'.
[  139.418574][ T7225] loop2: detected capacity change from 0 to 2048
[  139.537733][ T7237] xt_hashlimit: max too large, truncated to 1048576
[  139.561798][ T7238] loop0: detected capacity change from 0 to 512
[  139.568569][ T7238] EXT4-fs: Ignoring removed orlov option
[  139.575267][ T7238] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  139.585546][ T7238] EXT4-fs (loop0): orphan cleanup on readonly fs
[  139.592991][ T7238] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1266: bg 0: block 248: padding at end of block bitmap is not set
[  139.608281][ T7238] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1266: Failed to acquire dquot type 1
[  139.620138][ T7238] EXT4-fs (loop0): 1 truncate cleaned up
[  139.636012][ T7238] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  139.656076][ T7230] loop2: detected capacity change from 0 to 512
[  139.668226][ T7230] EXT4-fs: Ignoring removed oldalloc option
[  139.693413][ T7230] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.1269: Parent and EA inode have the same ino 15
[  139.708396][ T7230] EXT4-fs (loop2): Remounting filesystem read-only
[  139.715850][ T7230] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  139.735741][ T7230] EXT4-fs (loop2): 1 orphan inode deleted
[  139.753917][ T7230] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.778368][ T7246] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1275'.
[  139.789233][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.811577][ T7249] loop2: detected capacity change from 0 to 128
[  139.818280][ T7249] vfat: Unknown parameter 'ÿ'
[  139.825040][ T7249] netlink: 'syz.2.1276': attribute type 2 has an invalid length.
[  139.840278][ T7251] SELinux: ebitmap: truncated map
[  139.846835][ T7251] SELinux: failed to load policy
[  139.853252][ T7251] netlink: 'syz.1.1277': attribute type 21 has an invalid length.
[  140.227631][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.250437][ T7260] tipc: Started in network mode
[  140.255542][ T7260] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  140.264377][ T7260] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  140.554894][ T7273] loop0: detected capacity change from 0 to 512
[  140.565108][ T7273] EXT4-fs: Ignoring removed oldalloc option
[  140.598800][ T7273] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.1287: Parent and EA inode have the same ino 15
[  140.613893][ T7273] EXT4-fs (loop0): Remounting filesystem read-only
[  140.621193][ T7273] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  140.633650][ T7273] EXT4-fs (loop0): 1 orphan inode deleted
[  140.645162][ T7273] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.740724][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.959258][ T7289] capability: warning: `syz.2.1292' uses 32-bit capabilities (legacy support in use)
[  140.975101][ T7304] 9pnet_fd: Insufficient options for proto=fd
[  140.993155][ T7289] FAULT_INJECTION: forcing a failure.
[  140.993155][ T7289] name failslab, interval 1, probability 0, space 0, times 0
[  141.005882][ T7289] CPU: 0 UID: 0 PID: 7289 Comm: syz.2.1292 Not tainted 6.15.0-syzkaller-09113-g8477ab143069 #0 PREEMPT(voluntary) 
[  141.005984][ T7289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  141.005996][ T7289] Call Trace:
[  141.006002][ T7289]  <TASK>
[  141.006010][ T7289]  __dump_stack+0x1d/0x30
[  141.006036][ T7289]  dump_stack_lvl+0xe8/0x140
[  141.006083][ T7289]  dump_stack+0x15/0x1b
[  141.006104][ T7289]  should_fail_ex+0x265/0x280
[  141.006135][ T7289]  ? tty_open+0x81/0xaf0
[  141.006153][ T7289]  should_failslab+0x8c/0xb0
[  141.006232][ T7289]  __kmalloc_cache_noprof+0x4c/0x320
[  141.006261][ T7289]  tty_open+0x81/0xaf0
[  141.006284][ T7289]  chrdev_open+0x2e8/0x3a0
[  141.006332][ T7289]  do_dentry_open+0x646/0xa20
[  141.006360][ T7289]  ? __pfx_chrdev_open+0x10/0x10
[  141.006383][ T7289]  vfs_open+0x37/0x1e0
[  141.006409][ T7289]  path_openat+0x1c5e/0x2170
[  141.006503][ T7289]  do_filp_open+0x109/0x230
[  141.006545][ T7289]  do_sys_openat2+0xa6/0x110
[  141.006661][ T7289]  __x64_sys_openat+0xf2/0x120
[  141.006695][ T7289]  x64_sys_call+0x1af/0x2fb0
[  141.006721][ T7289]  do_syscall_64+0xd2/0x200
[  141.006807][ T7289]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  141.006915][ T7289]  ? clear_bhb_loop+0x40/0x90
[  141.006935][ T7289]  ? clear_bhb_loop+0x40/0x90
[  141.007012][ T7289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.007070][ T7289] RIP: 0033:0x7f1a1262e969
[  141.007088][ T7289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.007105][ T7289] RSP: 002b:00007f1a10c97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  141.007124][ T7289] RAX: ffffffffffffffda RBX: 00007f1a12855fa0 RCX: 00007f1a1262e969
[  141.007140][ T7289] RDX: 0000000000000100 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  141.007188][ T7289] RBP: 00007f1a10c97090 R08: 0000000000000000 R09: 0000000000000000
[  141.007199][ T7289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.007211][ T7289] R13: 0000000000000000 R14: 00007f1a12855fa0 R15: 00007fff2426a3f8
[  141.007231][ T7289]  </TASK>
[  141.228296][ T7308] loop4: detected capacity change from 0 to 2048
[  141.265695][ T7312] __nla_validate_parse: 2 callbacks suppressed
[  141.265710][ T7312] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1301'.
[  141.301374][ T7312] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1301'.
[  141.313794][ T7308]  loop4: p1 < > p4
[  141.318098][ T7308] loop4: p4 size 8388608 extends beyond EOD, truncated
[  141.397018][ T7323] netlink: 'syz.4.1306': attribute type 2 has an invalid length.
[  141.415955][ T7319] hub 9-0:1.0: USB hub found
[  141.420816][ T7319] hub 9-0:1.0: 8 ports detected
[  141.550437][ T7335] sd 0:0:1:0: device reset
[  141.564920][ T7344] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1315'.
[  141.587677][ T7345] SELinux:  Context system_u:object_r:net_conf_t:s0 is not valid (left unmapped).
[  141.643941][ T7348] loop2: detected capacity change from 0 to 2048
[  141.692534][ T7348]  loop2: p1 < > p4
[  141.707522][ T7348] loop2: p4 size 8388608 extends beyond EOD, truncated
[  141.739982][ T7363] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  141.795892][ T7365] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  141.813103][ T7368] FAULT_INJECTION: forcing a failure.
[  141.813103][ T7368] name failslab, interval 1, probability 0, space 0, times 0
[  141.825996][ T7368] CPU: 0 UID: 0 PID: 7368 Comm: syz.0.1324 Not tainted 6.15.0-syzkaller-09113-g8477ab143069 #0 PREEMPT(voluntary) 
[  141.826026][ T7368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  141.826072][ T7368] Call Trace:
[  141.826077][ T7368]  <TASK>
[  141.826086][ T7368]  __dump_stack+0x1d/0x30
[  141.826109][ T7368]  dump_stack_lvl+0xe8/0x140
[  141.826129][ T7368]  dump_stack+0x15/0x1b
[  141.826225][ T7368]  should_fail_ex+0x265/0x280
[  141.826260][ T7368]  should_failslab+0x8c/0xb0
[  141.826283][ T7368]  kmem_cache_alloc_noprof+0x50/0x310
[  141.826311][ T7368]  ? skb_clone+0x151/0x1f0
[  141.826418][ T7368]  skb_clone+0x151/0x1f0
[  141.826446][ T7368]  __netlink_deliver_tap+0x2c9/0x500
[  141.826480][ T7368]  netlink_unicast+0x64c/0x670
[  141.826507][ T7368]  netlink_sendmsg+0x58b/0x6b0
[  141.826580][ T7368]  ? __pfx_netlink_sendmsg+0x10/0x10
[  141.826609][ T7368]  __sock_sendmsg+0x142/0x180
[  141.826643][ T7368]  ____sys_sendmsg+0x31e/0x4e0
[  141.826690][ T7368]  ___sys_sendmsg+0x17b/0x1d0
[  141.826745][ T7368]  __x64_sys_sendmsg+0xd4/0x160
[  141.826840][ T7368]  x64_sys_call+0x2999/0x2fb0
[  141.826867][ T7368]  do_syscall_64+0xd2/0x200
[  141.826902][ T7368]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  141.826935][ T7368]  ? clear_bhb_loop+0x40/0x90
[  141.826961][ T7368]  ? clear_bhb_loop+0x40/0x90
[  141.827056][ T7368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.827099][ T7368] RIP: 0033:0x7f2b414de969
[  141.827119][ T7368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.827141][ T7368] RSP: 002b:00007f2b3fb47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  141.827165][ T7368] RAX: ffffffffffffffda RBX: 00007f2b41705fa0 RCX: 00007f2b414de969
[  141.827180][ T7368] RDX: 0000000000008000 RSI: 0000200000000780 RDI: 0000000000000006
[  141.827196][ T7368] RBP: 00007f2b3fb47090 R08: 0000000000000000 R09: 0000000000000000
[  141.827257][ T7368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.827271][ T7368] R13: 0000000000000000 R14: 00007f2b41705fa0 R15: 00007ffe65a4a218
[  141.827297][ T7368]  </TASK>
[  142.055916][ T7370] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1325'.
[  142.065277][ T7370] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1325'.
[  142.121219][ T7376] 9pnet_fd: Insufficient options for proto=fd
[  142.144513][ T7374] loop2: detected capacity change from 0 to 1024
[  142.153158][ T7374] EXT4-fs (loop2): bad geometry: block count 1310720 exceeds size of device (512 blocks)
[  142.169392][ T7374] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1327'.
[  142.188589][ T7387] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1331'.
[  142.198228][ T7388] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1328'.
[  142.208415][ T7382] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1328'.
[  142.218614][ T7381] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1331'.
[  142.344172][ T7395] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  142.344172][ T7395]    program wÞ£ÿ not setting count and/or reply_len properly
[  142.491716][   T29] kauditd_printk_skb: 145 callbacks suppressed
[  142.491733][   T29] audit: type=1326 audit(1748676628.696:3512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7430 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  142.523468][   T29] audit: type=1326 audit(1748676628.726:3513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7430 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  142.548003][   T29] audit: type=1326 audit(1748676628.726:3514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7430 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  142.598925][   T29] audit: type=1326 audit(1748676628.776:3515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7430 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  142.622888][   T29] audit: type=1326 audit(1748676628.776:3516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7430 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  142.646425][   T29] audit: type=1326 audit(1748676628.776:3517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7430 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  142.669994][   T29] audit: type=1326 audit(1748676628.776:3518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7430 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  142.693521][   T29] audit: type=1326 audit(1748676628.776:3519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7430 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  142.717352][   T29] audit: type=1326 audit(1748676628.776:3520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7430 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  142.740929][   T29] audit: type=1326 audit(1748676628.776:3521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7430 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  142.975242][ T7467] 9pnet_fd: Insufficient options for proto=fd
[  142.984712][ T7463] loop4: detected capacity change from 0 to 2048
[  143.205249][ T7497] 9pnet_fd: Insufficient options for proto=fd
[  143.448100][ T7536] 9pnet_fd: Insufficient options for proto=fd
[  143.496956][ T7542] loop2: detected capacity change from 0 to 2048
[  143.777958][ T7576] 9pnet_fd: Insufficient options for proto=fd
[  143.872288][ T7589] FAULT_INJECTION: forcing a failure.
[  143.872288][ T7589] name failslab, interval 1, probability 0, space 0, times 0
[  143.874673][ T7587] netlink: 'syz.3.1412': attribute type 21 has an invalid length.
[  143.885074][ T7589] CPU: 0 UID: 0 PID: 7589 Comm: syz.2.1413 Not tainted 6.15.0-syzkaller-09113-g8477ab143069 #0 PREEMPT(voluntary) 
[  143.885187][ T7589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  143.885204][ T7589] Call Trace:
[  143.885211][ T7589]  <TASK>
[  143.885221][ T7589]  __dump_stack+0x1d/0x30
[  143.885311][ T7589]  dump_stack_lvl+0xe8/0x140
[  143.885337][ T7589]  dump_stack+0x15/0x1b
[  143.885359][ T7589]  should_fail_ex+0x265/0x280
[  143.885482][ T7589]  should_failslab+0x8c/0xb0
[  143.885513][ T7589]  kmem_cache_alloc_node_noprof+0x57/0x320
[  143.885549][ T7589]  ? __alloc_skb+0x101/0x320
[  143.885580][ T7589]  __alloc_skb+0x101/0x320
[  143.885672][ T7589]  ? audit_log_start+0x365/0x6c0
[  143.885715][ T7589]  audit_log_start+0x380/0x6c0
[  143.885760][ T7589]  audit_seccomp+0x48/0x100
[  143.885866][ T7589]  ? __seccomp_filter+0x68c/0x10d0
[  143.885897][ T7589]  __seccomp_filter+0x69d/0x10d0
[  143.885929][ T7589]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  143.886033][ T7589]  ? vfs_write+0x75e/0x8e0
[  143.886066][ T7589]  __secure_computing+0x82/0x150
[  143.886095][ T7589]  syscall_trace_enter+0xcf/0x1e0
[  143.886120][ T7589]  do_syscall_64+0xac/0x200
[  143.886144][ T7589]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  143.886235][ T7589]  ? clear_bhb_loop+0x40/0x90
[  143.886269][ T7589]  ? clear_bhb_loop+0x40/0x90
[  143.886298][ T7589]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.886326][ T7589] RIP: 0033:0x7f1a1262e969
[  143.886426][ T7589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.886449][ T7589] RSP: 002b:00007f1a10c97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  143.886474][ T7589] RAX: ffffffffffffffda RBX: 00007f1a12855fa0 RCX: 00007f1a1262e969
[  143.886490][ T7589] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000000000005
[  143.886506][ T7589] RBP: 00007f1a10c97090 R08: 0000200000000040 R09: 0000000000000000
[  143.886522][ T7589] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.886539][ T7589] R13: 0000000000000000 R14: 00007f1a12855fa0 R15: 00007fff2426a3f8
[  143.886567][ T7589]  </TASK>
[  143.919429][ T7593] openvswitch: netlink: Message has 6 unknown bytes.
[  143.982986][ T7587] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  144.139213][ T7594] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  144.241086][ T7611] loop4: detected capacity change from 0 to 128
[  144.303724][ T7611] vfat: Unknown parameter 'ÿ'
[  144.333367][ T7611] netlink: 'syz.4.1422': attribute type 2 has an invalid length.
[  144.335262][ T7619] loop2: detected capacity change from 0 to 512
[  144.335549][ T7619] EXT4-fs: Ignoring removed oldalloc option
[  144.477843][ T7619] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.1420: Parent and EA inode have the same ino 15
[  144.478455][ T7619] EXT4-fs (loop2): Remounting filesystem read-only
[  144.478476][ T7619] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  144.478502][ T7619] EXT4-fs (loop2): 1 orphan inode deleted
[  144.480395][ T7619] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.617258][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.678631][ T7630] loop2: detected capacity change from 0 to 1024
[  144.694638][ T7630] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.720080][ T7630] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  144.720080][ T7630]    program wÞ£ÿ not setting count and/or reply_len properly
[  144.754282][ T7630] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm wÞ£ÿ: Allocating blocks 449-513 which overlap fs metadata
[  144.778161][ T7629] EXT4-fs (loop2): pa ffff888106a7d700: logic 48, phys. 177, len 21
[  144.786411][ T7629] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4
[  144.803047][ T7642] netlink: 'syz.1.1432': attribute type 21 has an invalid length.
[  144.812716][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.817670][ T7642] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  144.867483][ T7647] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  144.994972][ T7656] loop2: detected capacity change from 0 to 512
[  145.007567][ T7656] EXT4-fs: Ignoring removed oldalloc option
[  145.035705][ T7656] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.1438: Parent and EA inode have the same ino 15
[  145.051338][ T7656] EXT4-fs (loop2): Remounting filesystem read-only
[  145.059476][ T7656] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  145.086432][ T7656] EXT4-fs (loop2): 1 orphan inode deleted
[  145.102091][ T7656] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.153242][ T7671] loop4: detected capacity change from 0 to 2048
[  145.195623][ T7671]  loop4: p1 < > p4
[  145.206579][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.221887][ T7671] loop4: p4 size 8388608 extends beyond EOD, truncated
[  145.325365][ T7676] FAULT_INJECTION: forcing a failure.
[  145.325365][ T7676] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  145.338534][ T7676] CPU: 0 UID: 0 PID: 7676 Comm: syz.0.1446 Not tainted 6.15.0-syzkaller-09113-g8477ab143069 #0 PREEMPT(voluntary) 
[  145.338643][ T7676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  145.338657][ T7676] Call Trace:
[  145.338664][ T7676]  <TASK>
[  145.338672][ T7676]  __dump_stack+0x1d/0x30
[  145.338765][ T7676]  dump_stack_lvl+0xe8/0x140
[  145.338790][ T7676]  dump_stack+0x15/0x1b
[  145.338812][ T7676]  should_fail_ex+0x265/0x280
[  145.338848][ T7676]  should_fail+0xb/0x20
[  145.338902][ T7676]  should_fail_usercopy+0x1a/0x20
[  145.338955][ T7676]  _copy_from_iter+0xcf/0xe40
[  145.339059][ T7676]  ? __build_skb_around+0x1a0/0x200
[  145.339082][ T7676]  ? __alloc_skb+0x223/0x320
[  145.339109][ T7676]  pfkey_sendmsg+0x126/0x900
[  145.339143][ T7676]  ? avc_has_perm+0xd3/0x150
[  145.339256][ T7676]  ? selinux_socket_sendmsg+0x175/0x1b0
[  145.339296][ T7676]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  145.339328][ T7676]  __sock_sendmsg+0x142/0x180
[  145.339391][ T7676]  ____sys_sendmsg+0x31e/0x4e0
[  145.339430][ T7676]  ___sys_sendmsg+0x17b/0x1d0
[  145.339477][ T7676]  __x64_sys_sendmsg+0xd4/0x160
[  145.339540][ T7676]  x64_sys_call+0x2999/0x2fb0
[  145.339567][ T7676]  do_syscall_64+0xd2/0x200
[  145.339655][ T7676]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  145.339683][ T7676]  ? clear_bhb_loop+0x40/0x90
[  145.339704][ T7676]  ? clear_bhb_loop+0x40/0x90
[  145.339802][ T7676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.339849][ T7676] RIP: 0033:0x7f2b414de969
[  145.339866][ T7676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.339918][ T7676] RSP: 002b:00007f2b3fb47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  145.339937][ T7676] RAX: ffffffffffffffda RBX: 00007f2b41705fa0 RCX: 00007f2b414de969
[  145.339952][ T7676] RDX: 0000000000000094 RSI: 0000200000000180 RDI: 0000000000000007
[  145.339968][ T7676] RBP: 00007f2b3fb47090 R08: 0000000000000000 R09: 0000000000000000
[  145.339983][ T7676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.339998][ T7676] R13: 0000000000000000 R14: 00007f2b41705fa0 R15: 00007ffe65a4a218
[  145.340101][ T7676]  </TASK>
[  145.653597][ T7684] FAULT_INJECTION: forcing a failure.
[  145.653597][ T7684] name failslab, interval 1, probability 0, space 0, times 0
[  145.666385][ T7684] CPU: 0 UID: 0 PID: 7684 Comm: syz.2.1447 Not tainted 6.15.0-syzkaller-09113-g8477ab143069 #0 PREEMPT(voluntary) 
[  145.666421][ T7684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  145.666438][ T7684] Call Trace:
[  145.666446][ T7684]  <TASK>
[  145.666456][ T7684]  __dump_stack+0x1d/0x30
[  145.666483][ T7684]  dump_stack_lvl+0xe8/0x140
[  145.666509][ T7684]  dump_stack+0x15/0x1b
[  145.666554][ T7684]  should_fail_ex+0x265/0x280
[  145.666622][ T7684]  ? ftrace_profile_set_filter+0xc2/0x190
[  145.666649][ T7684]  should_failslab+0x8c/0xb0
[  145.666748][ T7684]  __kmalloc_cache_noprof+0x4c/0x320
[  145.666788][ T7684]  ftrace_profile_set_filter+0xc2/0x190
[  145.666846][ T7684]  perf_ioctl+0x7b3/0x12e0
[  145.666884][ T7684]  ? ioctl_has_perm+0x289/0x2a0
[  145.666982][ T7684]  ? do_vfs_ioctl+0xd1e/0x11d0
[  145.667014][ T7684]  ? selinux_file_ioctl+0x2e3/0x370
[  145.667044][ T7684]  ? __fget_files+0x184/0x1c0
[  145.667120][ T7684]  ? __pfx_perf_ioctl+0x10/0x10
[  145.667157][ T7684]  __se_sys_ioctl+0xce/0x140
[  145.667187][ T7684]  __x64_sys_ioctl+0x43/0x50
[  145.667264][ T7684]  x64_sys_call+0x19a8/0x2fb0
[  145.667288][ T7684]  do_syscall_64+0xd2/0x200
[  145.667312][ T7684]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  145.667347][ T7684]  ? clear_bhb_loop+0x40/0x90
[  145.667375][ T7684]  ? clear_bhb_loop+0x40/0x90
[  145.667408][ T7684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.667463][ T7684] RIP: 0033:0x7f1a1262e969
[  145.667482][ T7684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.667502][ T7684] RSP: 002b:00007f1a10c97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  145.667520][ T7684] RAX: ffffffffffffffda RBX: 00007f1a12855fa0 RCX: 00007f1a1262e969
[  145.667535][ T7684] RDX: 0000200000000340 RSI: 0000000040082406 RDI: 0000000000000007
[  145.667551][ T7684] RBP: 00007f1a10c97090 R08: 0000000000000000 R09: 0000000000000000
[  145.667568][ T7684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.667583][ T7684] R13: 0000000000000000 R14: 00007f1a12855fa0 R15: 00007fff2426a3f8
[  145.667610][ T7684]  </TASK>
[  145.932514][ T7690] netlink: 'syz.3.1452': attribute type 2 has an invalid length.
[  146.036880][ T7708] loop2: detected capacity change from 0 to 2048
[  146.102533][ T7708]  loop2: p1 < > p4
[  146.107534][ T7708] loop2: p4 size 8388608 extends beyond EOD, truncated
[  146.177110][ T7723] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  146.177110][ T7723]    program syz.4.1466 not setting count and/or reply_len properly
[  146.416556][ T7754] __nla_validate_parse: 22 callbacks suppressed
[  146.416588][ T7754] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1479'.
[  146.432820][ T7754] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1479'.
[  146.486634][ T7761] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  146.486634][ T7761]    program syz.4.1482 not setting count and/or reply_len properly
[  146.567666][ T7765] 9pnet: Could not find request transport: fd0x0000000000000006
[  146.681549][ T7768] loop4: detected capacity change from 0 to 512
[  146.693608][ T7768] EXT4-fs: Ignoring removed oldalloc option
[  146.740735][ T7768] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.1485: Parent and EA inode have the same ino 15
[  146.776943][ T7777] netlink: 'syz.3.1490': attribute type 21 has an invalid length.
[  146.819374][ T7777] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  146.827371][ T7768] EXT4-fs (loop4): Remounting filesystem read-only
[  146.834889][ T7768] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  146.868167][ T7768] EXT4-fs (loop4): 1 orphan inode deleted
[  146.896469][ T7768] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.916082][ T7782] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  147.037811][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.093911][ T7802] netlink: 'syz.3.1500': attribute type 2 has an invalid length.
[  147.128576][ T7808] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1499'.
[  147.138396][ T7801] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1499'.
[  147.292725][ T7815] loop4: detected capacity change from 0 to 512
[  147.300573][ T7822] 9pnet: Could not find request transport: fd0x0000000000000006
[  147.312902][ T7815] EXT4-fs: Ignoring removed oldalloc option
[  147.358291][ T7815] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.1507: Parent and EA inode have the same ino 15
[  147.391672][ T7815] EXT4-fs (loop4): Remounting filesystem read-only
[  147.399160][ T7815] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  147.415729][ T7815] EXT4-fs (loop4): 1 orphan inode deleted
[  147.428096][ T7815] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.543065][ T7852] 9pnet_fd: Insufficient options for proto=fd
[  147.566786][   T29] kauditd_printk_skb: 267 callbacks suppressed
[  147.566800][   T29] audit: type=1326 audit(1748676633.766:3787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7855 comm="syz.2.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a1262e969 code=0x7ffc0000
[  147.601511][   T29] audit: type=1326 audit(1748676633.766:3788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7855 comm="syz.2.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a1262e969 code=0x7ffc0000
[  147.625174][   T29] audit: type=1326 audit(1748676633.766:3789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7855 comm="syz.2.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a1262e969 code=0x7ffc0000
[  147.648731][   T29] audit: type=1326 audit(1748676633.766:3790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7855 comm="syz.2.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a1262e969 code=0x7ffc0000
[  147.672347][   T29] audit: type=1326 audit(1748676633.766:3791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7855 comm="syz.2.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a1262e969 code=0x7ffc0000
[  147.672376][   T29] audit: type=1326 audit(1748676633.766:3792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7855 comm="syz.2.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a1262e969 code=0x7ffc0000
[  147.672449][   T29] audit: type=1326 audit(1748676633.766:3793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7855 comm="syz.2.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a1262e969 code=0x7ffc0000
[  147.672483][   T29] audit: type=1326 audit(1748676633.766:3794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7855 comm="syz.2.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a1262e969 code=0x7ffc0000
[  147.672546][   T29] audit: type=1326 audit(1748676633.766:3795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7855 comm="syz.2.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a1262e969 code=0x7ffc0000
[  147.672598][   T29] audit: type=1326 audit(1748676633.766:3796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7855 comm="syz.2.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a1262e969 code=0x7ffc0000
[  147.679916][ T7859] loop2: detected capacity change from 0 to 512
[  147.680195][ T7859] EXT4-fs: Ignoring removed oldalloc option
[  147.743417][ T7859] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.1526: Parent and EA inode have the same ino 15
[  147.853698][ T7859] EXT4-fs (loop2): Remounting filesystem read-only
[  147.860248][ T7859] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  147.870454][ T7859] EXT4-fs (loop2): 1 orphan inode deleted
[  147.876608][ T7859] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.907661][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.987427][ T7868] loop2: detected capacity change from 0 to 2048
[  148.093930][ T7868] Alternate GPT is invalid, using primary GPT.
[  148.100359][ T7868]  loop2: p2 p3 p7
[  148.241876][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.429438][ T7882] loop4: detected capacity change from 0 to 1024
[  148.447223][ T7882] EXT4-fs (loop4): bad geometry: block count 1310720 exceeds size of device (512 blocks)
[  148.494463][ T7882] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1536'.
[  148.581572][ T7888] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  148.581572][ T7888]    program syz.2.1538 not setting count and/or reply_len properly
[  148.607928][ T7890] netlink: 'syz.1.1539': attribute type 2 has an invalid length.
[  148.733658][ T7894] loop2: detected capacity change from 0 to 512
[  148.747278][ T7894] EXT4-fs: Ignoring removed oldalloc option
[  148.790328][ T7894] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.1541: Parent and EA inode have the same ino 15
[  148.792204][ T7904] netlink: 'syz.0.1545': attribute type 21 has an invalid length.
[  148.813872][ T7894] EXT4-fs (loop2): Remounting filesystem read-only
[  148.822383][ T7894] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  148.833811][ T7894] EXT4-fs (loop2): 1 orphan inode deleted
[  148.846470][ T7894] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.879054][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.901625][ T7904] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  148.937088][ T7909] loop4: detected capacity change from 0 to 2048
[  149.012015][ T7909]  loop4: p1 < > p4
[  149.016725][ T7909] loop4: p4 size 8388608 extends beyond EOD, truncated
[  149.773844][ T7945] 9pnet_fd: Insufficient options for proto=fd
[  150.039227][ T7966] loop4: detected capacity change from 0 to 2048
[  150.072159][ T7966]  loop4: p1 < > p4
[  150.077966][ T7966] loop4: p4 size 8388608 extends beyond EOD, truncated
[  150.101419][ T7970] 9pnet_fd: Insufficient options for proto=fd
[  150.223740][ T7974] hub 9-0:1.0: USB hub found
[  150.229064][ T7974] hub 9-0:1.0: 8 ports detected
[  150.240890][ T7980] loop2: detected capacity change from 0 to 512
[  150.264831][ T7980] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  150.302636][ T7980] EXT4-fs (loop2): orphan cleanup on readonly fs
[  150.322471][ T7980] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1578: corrupted inode contents
[  150.339234][ T7980] EXT4-fs (loop2): Remounting filesystem read-only
[  150.352279][ T7980] EXT4-fs (loop2): 1 truncate cleaned up
[  150.360275][  T167] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  150.371297][  T167] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  150.385746][ T7989] netlink: 'syz.0.1581': attribute type 21 has an invalid length.
[  150.399778][ T7989] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  150.418460][  T167] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  150.429236][ T7980] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  150.450352][ T7994] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  150.480542][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.625625][ T8022] netlink: 'syz.1.1597': attribute type 2 has an invalid length.
[  150.661456][ T8026] loop2: detected capacity change from 0 to 512
[  150.677159][ T8028] hub 9-0:1.0: USB hub found
[  150.682158][ T8028] hub 9-0:1.0: 8 ports detected
[  150.688449][ T8026] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  150.697515][ T8030] loop4: detected capacity change from 0 to 2048
[  150.698929][ T8026] EXT4-fs (loop2): orphan cleanup on readonly fs
[  150.714417][ T8026] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1598: corrupted inode contents
[  150.733174][ T8034] loop4: detected capacity change from 0 to 512
[  150.739751][ T8026] EXT4-fs (loop2): Remounting filesystem read-only
[  150.742011][ T8034] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[  150.754852][ T8034] System zones: 1-12
[  150.756187][ T8026] EXT4-fs (loop2): 1 truncate cleaned up
[  150.759341][ T8034] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 3: comm syz.4.1602: lblock 0 mapped to illegal pblock 3 (length 1)
[  150.779577][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  150.790517][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  150.803124][ T8034] EXT4-fs warning (device loop4): dx_probe:791: inode #2: lblock 0: comm syz.4.1602: error -117 reading directory block
[  150.803139][   T31] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  150.821407][ T8034] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  150.833548][ T8026] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  150.838796][ T8034] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.875075][ T8034] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #2: comm syz.4.1602: corrupted xattr block 255: invalid header
[  150.888859][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.899399][ T8034] SELinux: (dev loop4, type ext4) getxattr errno 117
[  150.921912][ T8034] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.950880][ T8034] netlink: 'syz.4.1602': attribute type 21 has an invalid length.
[  151.092682][ T8060] hub 9-0:1.0: USB hub found
[  151.097559][ T8060] hub 9-0:1.0: 8 ports detected
[  151.111749][ T8058] loop2: detected capacity change from 0 to 2048
[  151.166567][ T8058] Alternate GPT is invalid, using primary GPT.
[  151.173176][ T8058]  loop2: p2 p3 p7
[  151.228037][ T8071] loop2: detected capacity change from 0 to 2048
[  151.250773][ T8075] netlink: 'syz.3.1620': attribute type 21 has an invalid length.
[  151.263342][ T8075] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  151.292360][ T8071]  loop2: p1 < > p4
[  151.298858][ T8071] loop2: p4 size 8388608 extends beyond EOD, truncated
[  151.306825][ T8075] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  152.067826][ T8116] netlink: 'syz.0.1637': attribute type 21 has an invalid length.
[  152.080204][ T8116] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  152.131460][ T8117] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  152.235639][ T8121] netlink: 'syz.0.1639': attribute type 2 has an invalid length.
[  152.265668][ T8125] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1641'.
[  152.275104][ T8125] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1641'.
[  152.285449][ T8125] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1641'.
[  152.294974][ T8125] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1641'.
[  152.343697][ T8133] loop4: detected capacity change from 0 to 1024
[  152.353056][ T8133] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.371883][ T8133] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  152.371883][ T8133]    program wÞ£ÿ not setting count and/or reply_len properly
[  152.402388][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.458672][ T8145] loop2: detected capacity change from 0 to 512
[  152.465197][ T8143] loop4: detected capacity change from 0 to 1024
[  152.473281][ T8143] EXT4-fs (loop4): bad geometry: block count 1310720 exceeds size of device (512 blocks)
[  152.477765][ T8145] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[  152.491388][ T8145] System zones: 1-12
[  152.495594][ T8145] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 3: comm syz.2.1649: lblock 0 mapped to illegal pblock 3 (length 1)
[  152.510050][ T8143] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1647'.
[  152.519192][ T8145] EXT4-fs warning (device loop2): dx_probe:791: inode #2: lblock 0: comm syz.2.1649: error -117 reading directory block
[  152.531864][ T8145] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  152.540575][ T8145] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.553549][ T8145] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #2: comm syz.2.1649: corrupted xattr block 255: invalid header
[  152.567168][ T8145] SELinux: (dev loop2, type ext4) getxattr errno 117
[  152.574423][ T8145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.588443][   T29] kauditd_printk_skb: 236 callbacks suppressed
[  152.588462][   T29] audit: type=1400 audit(1748676638.786:4021): avc:  denied  { read } for  pid=8144 comm="syz.2.1649" dev="nsfs" ino=4026532591 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  152.590326][ T8145] netlink: 'syz.2.1649': attribute type 21 has an invalid length.
[  152.594899][   T29] audit: type=1400 audit(1748676638.786:4022): avc:  denied  { open } for  pid=8144 comm="syz.2.1649" path="net:[4026532591]" dev="nsfs" ino=4026532591 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  152.627041][ T8145] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  152.647608][   T29] audit: type=1400 audit(1748676638.786:4023): avc:  denied  { create } for  pid=8144 comm="syz.2.1649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  152.674742][   T29] audit: type=1400 audit(1748676638.816:4024): avc:  denied  { create } for  pid=8144 comm="syz.2.1649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  152.694495][   T29] audit: type=1400 audit(1748676638.816:4025): avc:  denied  { create } for  pid=8144 comm="syz.2.1649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  152.715227][   T29] audit: type=1400 audit(1748676638.816:4026): avc:  denied  { create } for  pid=8144 comm="syz.2.1649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  152.740115][ T8150] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  152.755554][   T29] audit: type=1400 audit(1748676638.956:4027): avc:  denied  { bind } for  pid=8151 comm="syz.4.1651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  152.777986][   T29] audit: type=1400 audit(1748676638.956:4028): avc:  denied  { setopt } for  pid=8151 comm="syz.4.1651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  152.798881][   T29] audit: type=1400 audit(1748676638.956:4029): avc:  denied  { write } for  pid=8151 comm="syz.4.1651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  152.820618][   T29] audit: type=1400 audit(1748676639.016:4030): avc:  denied  { execmem } for  pid=8153 comm="syz.4.1652" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  152.920861][ T8160] loop2: detected capacity change from 0 to 2048
[  152.946612][ T8163] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1656'.
[  152.956003][ T8163] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1656'.
[  152.965551][ T8163] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1656'.
[  152.974662][ T8163] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1656'.
[  153.333600][ T8200] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1671'.
[  153.363202][ T8206] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  153.371580][ T8206] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  153.801292][ T8270] loop4: detected capacity change from 0 to 512
[  153.810098][ T8270] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[  153.818973][ T8270] System zones: 1-12
[  153.823332][ T8270] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 3: comm syz.4.1698: lblock 0 mapped to illegal pblock 3 (length 1)
[  153.838671][ T8270] EXT4-fs warning (device loop4): dx_probe:791: inode #2: lblock 0: comm syz.4.1698: error -117 reading directory block
[  153.852038][ T8270] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  153.860811][ T8270] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.874740][ T8270] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #2: comm syz.4.1698: corrupted xattr block 255: invalid header
[  153.888400][ T8270] SELinux: (dev loop4, type ext4) getxattr errno 117
[  153.889001][ T8270] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.900175][ T8270] netlink: 'syz.4.1698': attribute type 21 has an invalid length.
[  154.344655][ T8292] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  154.344655][ T8292]    program wÞ£ÿ not setting count and/or reply_len properly
[  154.847951][ T8323] loop2: detected capacity change from 0 to 512
[  154.874663][ T8323] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  154.884714][ T8323] EXT4-fs (loop2): orphan cleanup on readonly fs
[  154.897872][ T8323] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1720: corrupted inode contents
[  154.910386][ T8323] EXT4-fs (loop2): Remounting filesystem read-only
[  154.917179][ T8323] EXT4-fs (loop2): 1 truncate cleaned up
[  154.923128][ T3407] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  154.934256][ T3407] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  154.944884][ T3407] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  154.956019][ T8323] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  154.985092][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.164918][ T8366] loop4: detected capacity change from 0 to 2048
[  155.199942][ T8369] loop2: detected capacity change from 0 to 512
[  155.213235][ T8369] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  155.221849][ T8369] EXT4-fs (loop2): orphan cleanup on readonly fs
[  155.230043][ T8369] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1737: corrupted inode contents
[  155.250361][ T8369] EXT4-fs (loop2): Remounting filesystem read-only
[  155.257219][ T8369] EXT4-fs (loop2): 1 truncate cleaned up
[  155.264490][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  155.275081][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  155.285918][   T31] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  155.296755][ T8369] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  155.319832][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.594278][ T8406] loop2: detected capacity change from 0 to 1024
[  155.613447][ T8406] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.633071][ T8406] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  155.633071][ T8406]    program wÞ£ÿ not setting count and/or reply_len properly
[  155.663092][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.705365][ T8420] loop2: detected capacity change from 0 to 512
[  155.713731][ T8420] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[  155.721905][ T8420] System zones: 1-12
[  155.726274][ T8420] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 3: comm syz.2.1757: lblock 0 mapped to illegal pblock 3 (length 1)
[  155.741049][ T8420] EXT4-fs warning (device loop2): dx_probe:791: inode #2: lblock 0: comm syz.2.1757: error -117 reading directory block
[  155.754396][ T8420] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  155.763142][ T8420] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.776554][ T8420] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #2: comm syz.2.1757: corrupted xattr block 255: invalid header
[  155.790157][ T8420] SELinux: (dev loop2, type ext4) getxattr errno 117
[  155.797613][ T8420] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.812070][ T8420] netlink: 'syz.2.1757': attribute type 21 has an invalid length.
[  155.825149][ T8420] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  155.875697][ T8427] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  156.021093][ T8435] loop2: detected capacity change from 0 to 2048
[  156.065579][ T8441] loop2: detected capacity change from 0 to 512
[  156.092963][ T8441] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  156.101779][ T8441] EXT4-fs (loop2): orphan cleanup on readonly fs
[  156.109960][ T8441] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1764: corrupted inode contents
[  156.124270][ T8441] EXT4-fs (loop2): Remounting filesystem read-only
[  156.131374][ T8441] EXT4-fs (loop2): 1 truncate cleaned up
[  156.137378][ T3332] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  156.148460][ T3332] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  156.160320][ T3332] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  156.171681][ T8441] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  156.198298][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.238725][ T8459] loop2: detected capacity change from 0 to 128
[  156.245688][ T8459] vfat: Unknown parameter 'ÿ'
[  156.252095][ T8459] netlink: 'syz.2.1771': attribute type 2 has an invalid length.
[  156.465721][ T8466] loop4: detected capacity change from 0 to 2048
[  156.531907][ T8472] loop4: detected capacity change from 0 to 2048
[  156.562933][ T8472]  loop4: p1 < > p4
[  156.567973][ T8472] loop4: p4 size 8388608 extends beyond EOD, truncated
[  156.617057][ T8477] loop4: detected capacity change from 0 to 512
[  156.632444][ T8477] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  156.642836][ T8477] EXT4-fs (loop4): orphan cleanup on readonly fs
[  156.656219][ T8477] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.1779: corrupted inode contents
[  156.670212][ T8486] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  156.677157][ T8477] EXT4-fs (loop4): Remounting filesystem read-only
[  156.684148][ T8477] EXT4-fs (loop4): 1 truncate cleaned up
[  156.690070][  T167] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  156.700721][  T167] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  156.713506][  T167] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  156.725552][ T8477] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  156.742710][ T8489] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  156.763575][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.774740][ T8491] netlink: 'syz.0.1785': attribute type 21 has an invalid length.
[  156.789187][ T8491] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  156.839918][ T8500] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  156.883474][ T8505] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  156.891826][ T8505] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  156.957614][ T8510] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  156.957614][ T8510]    program wÞ£ÿ not setting count and/or reply_len properly
[  157.036805][ T8516] hub 9-0:1.0: USB hub found
[  157.041702][ T8516] hub 9-0:1.0: 8 ports detected
[  157.154387][ T8528] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  157.154438][ T8526] loop2: detected capacity change from 0 to 2048
[  157.173059][ T8526] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.185283][ T8526] ext4 filesystem being mounted at /343/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.203993][ T8531] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  157.221475][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.309878][ T8533] loop2: detected capacity change from 0 to 512
[  157.319516][ T8533] EXT4-fs: Ignoring removed oldalloc option
[  157.340210][ T8537] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  157.340210][ T8537]    program syz.0.1804 not setting count and/or reply_len properly
[  157.359713][ T8533] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.1802: Parent and EA inode have the same ino 15
[  157.376915][ T8533] EXT4-fs (loop2): Remounting filesystem read-only
[  157.384613][ T8533] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  157.397214][ T8533] EXT4-fs (loop2): 1 orphan inode deleted
[  157.405457][ T8533] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.484094][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.509388][ T8543] loop2: detected capacity change from 0 to 2048
[  157.534849][ T8543] Alternate GPT is invalid, using primary GPT.
[  157.541370][ T8543]  loop2: p2 p3 p7
[  157.568796][ T8545] loop2: detected capacity change from 0 to 128
[  157.575628][ T8545] vfat: Unknown parameter 'ÿ'
[  157.581890][ T8545] netlink: 'syz.2.1807': attribute type 2 has an invalid length.
[  157.733771][ T8549] __nla_validate_parse: 30 callbacks suppressed
[  157.733787][ T8549] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1809'.
[  157.749529][ T8549] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1809'.
[  158.043638][ T8567] hub 9-0:1.0: USB hub found
[  158.048388][ T8567] hub 9-0:1.0: 8 ports detected
[  158.228089][ T8572] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1820'.
[  158.237441][ T8572] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1820'.
[  158.261607][ T8574] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  158.261607][ T8574]    program syz.0.1821 not setting count and/or reply_len properly
[  158.358709][   T29] kauditd_printk_skb: 228 callbacks suppressed
[  158.358729][   T29] audit: type=1326 audit(1748676644.556:4235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.4.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f987e82e969 code=0x7ffc0000
[  158.389427][   T29] audit: type=1326 audit(1748676644.556:4236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.4.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f987e82e969 code=0x7ffc0000
[  158.413067][   T29] audit: type=1326 audit(1748676644.556:4237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8583 comm="syz.4.1826" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f987e82e969 code=0x0
[  158.436350][   T29] audit: type=1326 audit(1748676644.566:4238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8585 comm="syz.0.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  158.442498][ T8590] loop2: detected capacity change from 0 to 512
[  158.459881][   T29] audit: type=1326 audit(1748676644.566:4239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8585 comm="syz.0.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  158.470223][ T8590] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[  158.489778][   T29] audit: type=1326 audit(1748676644.566:4240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8585 comm="syz.0.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  158.498643][ T8590] System zones: 
[  158.521219][   T29] audit: type=1326 audit(1748676644.566:4241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8585 comm="syz.0.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  158.521272][   T29] audit: type=1326 audit(1748676644.566:4242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8585 comm="syz.0.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  158.521299][   T29] audit: type=1326 audit(1748676644.566:4243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8585 comm="syz.0.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  158.525003][ T8590] 1-12
[  158.548714][   T29] audit: type=1326 audit(1748676644.566:4244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8585 comm="syz.0.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  158.572121][ T8590] 
[  158.572495][ T8590] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 3: comm syz.2.1829: lblock 0 mapped to illegal pblock 3 (length 1)
[  158.638968][ T8590] EXT4-fs warning (device loop2): dx_probe:791: inode #2: lblock 0: comm syz.2.1829: error -117 reading directory block
[  158.651876][ T8590] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  158.660717][ T8590] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.673511][ T8590] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #2: comm syz.2.1829: corrupted xattr block 255: invalid header
[  158.686991][ T8590] SELinux: (dev loop2, type ext4) getxattr errno 117
[  158.694600][ T8590] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.829316][ T8600] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1832'.
[  158.839182][ T8600] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1832'.
[  158.865008][ T8602] loop2: detected capacity change from 0 to 512
[  158.873311][ T8602] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[  158.881417][ T8602] System zones: 1-12
[  158.885553][ T8602] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 3: comm syz.2.1833: lblock 0 mapped to illegal pblock 3 (length 1)
[  158.899783][ T8602] EXT4-fs warning (device loop2): dx_probe:791: inode #2: lblock 0: comm syz.2.1833: error -117 reading directory block
[  158.912484][ T8602] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  158.921164][ T8602] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.933932][ T8602] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #2: comm syz.2.1833: corrupted xattr block 255: invalid header
[  158.947319][ T8602] SELinux: (dev loop2, type ext4) getxattr errno 117
[  158.961843][ T8602] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.984804][ T8602] netlink: 'syz.2.1833': attribute type 21 has an invalid length.
[  159.000313][ T8602] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  159.051317][ T8620] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  159.248298][ T8644] loop4: detected capacity change from 0 to 2048
[  159.287948][ T8644] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.300983][ T8644] ext4 filesystem being mounted at /388/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.675693][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.303237][ T8694] netlink: 'syz.3.1870': attribute type 2 has an invalid length.
[  160.579112][ T8702] loop4: detected capacity change from 0 to 2048
[  160.613783][ T8702] Alternate GPT is invalid, using primary GPT.
[  160.620267][ T8702]  loop4: p2 p3 p7
[  160.666545][ T8708] hub 9-0:1.0: USB hub found
[  160.677516][ T8708] hub 9-0:1.0: 8 ports detected
[  160.880552][ T8729] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1885'.
[  160.895945][ T8729] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1885'.
[  160.929442][ T8733] netlink: 'syz.0.1887': attribute type 21 has an invalid length.
[  160.942437][ T8733] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  160.993899][ T8734] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  161.166990][ T8747] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  161.166990][ T8747]    program wÞ£ÿ not setting count and/or reply_len properly
[  161.342206][ T8772] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1905'.
[  161.352547][ T8772] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1905'.
[  161.376117][ T8775] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  161.376117][ T8775]    program wÞ£ÿ not setting count and/or reply_len properly
[  161.669218][ T8806] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  161.669218][ T8806]    program wÞ£ÿ not setting count and/or reply_len properly
[  161.836654][ T8830] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  161.836654][ T8830]    program wÞ£ÿ not setting count and/or reply_len properly
[  161.863691][ T8828] loop4: detected capacity change from 0 to 2048
[  161.881002][ T8832] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  161.891681][ T8828] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.904426][ T8828] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.931990][ T8836] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  161.950460][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.084032][ T8850] hub 9-0:1.0: USB hub found
[  162.088873][ T8850] hub 9-0:1.0: 8 ports detected
[  162.318916][ T8862] loop2: detected capacity change from 0 to 512
[  162.323477][ T8869] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  162.340040][ T8872] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  162.340040][ T8872]    program wÞ£ÿ not setting count and/or reply_len properly
[  162.357662][ T8862] EXT4-fs: Ignoring removed oldalloc option
[  162.377103][ T8877] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  162.399197][ T8862] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.1946: Parent and EA inode have the same ino 15
[  162.415844][ T8862] EXT4-fs (loop2): Remounting filesystem read-only
[  162.424286][ T8862] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  162.438282][ T8862] EXT4-fs (loop2): 1 orphan inode deleted
[  162.447498][ T8862] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.528280][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.621760][ T8899] loop2: detected capacity change from 0 to 2048
[  162.721657][ T8913] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  162.721657][ T8913]    program wÞ£ÿ not setting count and/or reply_len properly
[  162.879993][ T8931] hub 9-0:1.0: USB hub found
[  162.887686][ T8931] hub 9-0:1.0: 8 ports detected
[  162.912528][ T8935] __nla_validate_parse: 2 callbacks suppressed
[  162.912548][ T8935] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1976'.
[  162.943689][ T8939] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  162.943689][ T8939]    program wÞ£ÿ not setting count and/or reply_len properly
[  162.985136][ T8944] loop2: detected capacity change from 0 to 128
[  162.991977][ T8944] vfat: Unknown parameter 'ÿ'
[  162.997996][ T8944] netlink: 'syz.2.1981': attribute type 2 has an invalid length.
[  163.529172][   T29] kauditd_printk_skb: 135 callbacks suppressed
[  163.529190][   T29] audit: type=1400 audit(1748676649.726:4380): avc:  denied  { execmem } for  pid=8959 comm="syz.0.1988" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  163.623694][   T29] audit: type=1400 audit(1748676649.826:4381): avc:  denied  { create } for  pid=8959 comm="syz.0.1988" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  163.643470][   T29] audit: type=1400 audit(1748676649.826:4382): avc:  denied  { bind } for  pid=8959 comm="syz.0.1988" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  163.663354][   T29] audit: type=1400 audit(1748676649.826:4383): avc:  denied  { setopt } for  pid=8959 comm="syz.0.1988" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  163.683371][   T29] audit: type=1400 audit(1748676649.826:4384): avc:  denied  { write } for  pid=8959 comm="syz.0.1988" path="socket:[23809]" dev="sockfs" ino=23809 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  163.859629][   T29] audit: type=1400 audit(1748676650.056:4385): avc:  denied  { allowed } for  pid=8974 comm="syz.2.1995" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  163.879064][   T29] audit: type=1400 audit(1748676650.056:4386): avc:  denied  { create } for  pid=8974 comm="syz.2.1995" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  163.900626][   T29] audit: type=1400 audit(1748676650.056:4387): avc:  denied  { map } for  pid=8974 comm="syz.2.1995" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=23434 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  163.925267][   T29] audit: type=1400 audit(1748676650.056:4388): avc:  denied  { read write } for  pid=8974 comm="syz.2.1995" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=23434 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  164.015068][ T8987] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2001'.
[  164.015279][ T8983] loop2: detected capacity change from 0 to 2048
[  164.072495][ T8983]  loop2: p1 < > p4
[  164.079066][ T8983] loop2: p4 size 8388608 extends beyond EOD, truncated
[  164.088478][ T8991] netlink: 'syz.1.2003': attribute type 2 has an invalid length.
[  164.101227][   T29] audit: type=1400 audit(1748676650.296:4389): avc:  denied  { read write } for  pid=8982 comm="syz.2.1999" name="loop2p4" dev="devtmpfs" ino=948 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  164.246506][ T9010] loop2: detected capacity change from 0 to 128
[  164.253306][ T9010] vfat: Unknown parameter 'ÿ'
[  164.259283][ T9010] netlink: 'syz.2.2012': attribute type 2 has an invalid length.
[  164.282958][ T9012] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2013'.
[  164.323609][ T9017] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2015'.
[  164.351193][ T9019] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  164.351193][ T9019]    program wÞ£ÿ not setting count and/or reply_len properly
[  164.631328][   T36] page_pool_release_retry() stalled pool shutdown: id 52, 1 inflight 61 sec
[  164.892338][ T9027] loop4: detected capacity change from 0 to 2048
[  164.931822][ T9027]  loop4: p1 < > p4
[  164.936295][ T9027] loop4: p4 size 8388608 extends beyond EOD, truncated
[  164.978554][ T9035] hub 9-0:1.0: USB hub found
[  164.983807][ T9035] hub 9-0:1.0: 8 ports detected
[  165.050461][ T9039] loop4: detected capacity change from 0 to 8192
[  165.161701][ T9058] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2034'.
[  165.202068][ T9060] netlink: 'syz.0.2035': attribute type 21 has an invalid length.
[  165.214142][ T9060] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  165.253358][ T9062] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  165.253358][ T9062]    program wÞ£ÿ not setting count and/or reply_len properly
[  165.285730][ T9063] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  165.548389][ T9091] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  165.548389][ T9091]    program wÞ£ÿ not setting count and/or reply_len properly
[  165.649144][ T9094] loop2: detected capacity change from 0 to 128
[  165.661834][ T9094] vfat: Unknown parameter 'ÿ'
[  165.792226][ T9094] netlink: 'syz.2.2050': attribute type 2 has an invalid length.
[  165.955941][ T9102] hub 9-0:1.0: USB hub found
[  165.961213][ T9102] hub 9-0:1.0: 8 ports detected
[  166.317484][ T9129] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  166.325786][ T9129] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  166.665367][ T9144] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2069'.
[  166.675086][ T9144] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2069'.
[  166.952074][ T9162] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2078'.
[  167.004309][ T9172] hub 9-0:1.0: USB hub found
[  167.010069][ T9172] hub 9-0:1.0: 8 ports detected
[  167.068353][ T9178] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2084'.
[  167.078067][ T9178] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2084'.
[  167.929658][ T9241] hub 9-0:1.0: USB hub found
[  167.935348][ T9241] hub 9-0:1.0: 8 ports detected
[  168.297376][ T9262] loop4: detected capacity change from 0 to 2048
[  168.353956][ T9262] Alternate GPT is invalid, using primary GPT.
[  168.360548][ T9262]  loop4: p2 p3 p7
[  168.395595][ T9270] netlink: 'syz.0.2126': attribute type 2 has an invalid length.
[  168.555523][ T9275] loop4: detected capacity change from 0 to 2048
[  168.601647][ T9277] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  168.602224][ T9275]  loop4: p1 < > p4
[  168.613180][ T9275] loop4: p4 size 8388608 extends beyond EOD, truncated
[  168.651975][ T9278] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  168.652700][ T9280] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  168.652700][ T9280]    program wÞ£ÿ not setting count and/or reply_len properly
[  168.748535][ T9290] netlink: 'syz.3.2135': attribute type 2 has an invalid length.
[  169.247603][ T9310] __nla_validate_parse: 2 callbacks suppressed
[  169.247623][ T9310] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2143'.
[  169.341933][   T29] kauditd_printk_skb: 16 callbacks suppressed
[  169.341948][   T29] audit: type=1326 audit(1748676655.546:4406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9313 comm="syz.0.2145" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x0
[  169.715447][ T9334] hub 9-0:1.0: USB hub found
[  169.720194][ T9334] hub 9-0:1.0: 8 ports detected
[  169.787208][ T9340] netlink: 'syz.3.2154': attribute type 2 has an invalid length.
[  169.805156][ T9342] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  169.856513][ T9343] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  169.897666][ T9345] loop4: detected capacity change from 0 to 2048
[  169.944628][ T9351] loop4: detected capacity change from 0 to 128
[  169.951693][ T9351] vfat: Unknown parameter 'ÿ'
[  169.957712][ T9351] netlink: 'syz.4.2158': attribute type 2 has an invalid length.
[  170.824522][ T9373] loop4: detected capacity change from 0 to 2048
[  171.008759][ T9379] loop4: detected capacity change from 0 to 2048
[  171.074264][ T9379] Alternate GPT is invalid, using primary GPT.
[  171.080702][ T9379]  loop4: p2 p3 p7
[  171.167780][ T9381] loop4: detected capacity change from 0 to 1024
[  171.184969][ T9381] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.205708][ T9381] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  171.205708][ T9381]    program wÞ£ÿ not setting count and/or reply_len properly
[  171.273926][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.337972][ T9390] loop4: detected capacity change from 0 to 2048
[  171.405205][ T9390]  loop4: p1 < > p4
[  171.414180][ T9390] loop4: p4 size 8388608 extends beyond EOD, truncated
[  171.514241][ T9398] loop4: detected capacity change from 0 to 2048
[  171.534895][ T9398] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.548409][ T9398] ext4 filesystem being mounted at /453/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.664524][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.689051][ T9404] loop4: detected capacity change from 0 to 128
[  171.701580][ T9404] vfat: Unknown parameter 'ÿ'
[  171.716062][ T9404] netlink: 'syz.4.2179': attribute type 2 has an invalid length.
[  171.725621][ T9406] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  171.725621][ T9406]    program wÞ£ÿ not setting count and/or reply_len properly
[  171.883187][ T9413] hub 9-0:1.0: USB hub found
[  171.887912][ T9413] hub 9-0:1.0: 8 ports detected
[  172.123673][ T9425] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  172.174087][ T9426] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  172.271561][ T9434] netlink: 'syz.1.2193': attribute type 2 has an invalid length.
[  172.306416][ T9438] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2195'.
[  172.316688][ T9438] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2195'.
[  172.409566][ T9442] loop2: detected capacity change from 0 to 512
[  172.418399][ T9442] EXT4-fs: Ignoring removed oldalloc option
[  172.432300][ T9442] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.2197: Parent and EA inode have the same ino 15
[  172.446042][ T9442] EXT4-fs (loop2): Remounting filesystem read-only
[  172.453391][ T9442] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  172.464082][ T9442] EXT4-fs (loop2): 1 orphan inode deleted
[  172.476312][ T9442] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.555914][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.620325][ T9457] loop4: detected capacity change from 0 to 2048
[  172.648494][ T9459] loop4: detected capacity change from 0 to 512
[  172.656501][ T9459] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[  172.664633][ T9459] System zones: 1-12
[  172.668774][ T9459] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 3: comm syz.4.2204: lblock 0 mapped to illegal pblock 3 (length 1)
[  172.684642][ T9459] EXT4-fs warning (device loop4): dx_probe:791: inode #2: lblock 0: comm syz.4.2204: error -117 reading directory block
[  172.703770][ T9459] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  172.712496][ T9459] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.714592][ T9466] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2207'.
[  172.726159][ T9459] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #2: comm syz.4.2204: corrupted xattr block 255: invalid header
[  172.740674][ T9466] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2207'.
[  172.749318][ T9459] SELinux: (dev loop4, type ext4) getxattr errno 117
[  172.763976][ T9459] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.784843][ T9459] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  172.828045][ T9459] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  172.920508][ T9482] hub 9-0:1.0: USB hub found
[  172.925499][ T9482] hub 9-0:1.0: 8 ports detected
[  173.142036][ T9495] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2220'.
[  173.156214][ T9495] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2220'.
[  173.190146][   T29] audit: type=1400 audit(1748676659.386:4407): avc:  denied  { create } for  pid=9496 comm="syz.1.2221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  173.307143][ T9508] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  173.368098][ T9509] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  173.486550][ T9513] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2225'.
[  173.795291][ T9523] netlink: 'syz.3.2230': attribute type 2 has an invalid length.
[  173.854556][   T29] audit: type=1326 audit(1748676660.056:4408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9528 comm="syz.2.2233" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1a1262e969 code=0x0
[  173.886177][ T9531] xt_hashlimit: max too large, truncated to 1048576
[  173.894009][ T9532] xt_hashlimit: max too large, truncated to 1048576
[  173.906187][ T9531] hsr0: entered promiscuous mode
[  173.908300][ T9533] usb usb7: usbfs: process 9533 (syz.2.2233) did not claim interface 8 before use
[  173.920519][   T29] audit: type=1400 audit(1748676660.106:4409): avc:  denied  { name_bind } for  pid=9528 comm="syz.2.2233" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  173.942269][   T29] audit: type=1400 audit(1748676660.106:4410): avc:  denied  { node_bind } for  pid=9528 comm="syz.2.2233" saddr=224.0.0.2 src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  173.964481][   T29] audit: type=1400 audit(1748676660.106:4411): avc:  denied  { append } for  pid=9528 comm="syz.2.2233" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  174.109443][   T29] audit: type=1326 audit(1748676660.306:4412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9548 comm="syz.0.2241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  174.133859][   T29] audit: type=1326 audit(1748676660.336:4413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9548 comm="syz.0.2241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  174.157876][   T29] audit: type=1326 audit(1748676660.336:4414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9548 comm="syz.0.2241" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x0
[  174.320228][ T9564] hub 9-0:1.0: USB hub found
[  174.325136][ T9564] hub 9-0:1.0: 8 ports detected
[  174.551024][   T29] audit: type=1400 audit(1748676660.746:4415): avc:  denied  { setopt } for  pid=9579 comm="syz.1.2255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  174.571089][   T29] audit: type=1400 audit(1748676660.746:4416): avc:  denied  { write } for  pid=9579 comm="syz.1.2255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  174.596311][   T29] audit: type=1400 audit(1748676660.796:4417): avc:  denied  { ioctl } for  pid=9579 comm="syz.1.2255" path="socket:[26698]" dev="sockfs" ino=26698 ioctlcmd=0x9432 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  174.685144][ T9590] hub 9-0:1.0: USB hub found
[  174.690065][ T9590] hub 9-0:1.0: 8 ports detected
[  174.727720][ T9592] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  174.736037][ T9592] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  175.005232][ T9622] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  175.086605][   T29] audit: type=1400 audit(1748676661.276:4418): avc:  denied  { mount } for  pid=9621 comm="+}[@" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  175.138265][ T9626] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  175.138265][ T9626]    program wÞ£ÿ not setting count and/or reply_len properly
[  175.189927][ T9630] loop4: detected capacity change from 0 to 2048
[  175.286524][ T9630] Alternate GPT is invalid, using primary GPT.
[  175.292893][ T9630]  loop4: p2 p3 p7
[  175.379595][   T29] audit: type=1326 audit(1748676661.566:4419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9647 comm="syz.0.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  175.403131][   T29] audit: type=1326 audit(1748676661.566:4420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9647 comm="syz.0.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  175.426585][   T29] audit: type=1326 audit(1748676661.566:4421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9647 comm="syz.0.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  175.449981][   T29] audit: type=1326 audit(1748676661.566:4422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9647 comm="syz.0.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  175.473497][   T29] audit: type=1326 audit(1748676661.566:4423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9647 comm="syz.0.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  175.496933][   T29] audit: type=1326 audit(1748676661.576:4424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9647 comm="syz.0.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b414de969 code=0x7ffc0000
[  175.553059][ T9646] loop4: detected capacity change from 0 to 2048
[  175.590294][ T9658] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  175.590294][ T9658]    program wÞ£ÿ not setting count and/or reply_len properly
[  175.654020][ T9646]  loop4: p1 < > p4
[  175.671429][ T9665] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  175.679994][ T9665] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  175.689981][ T9646] loop4: p4 size 8388608 extends beyond EOD, truncated
[  175.830554][ T9674] loop4: detected capacity change from 0 to 2048
[  175.904117][ T9674] Alternate GPT is invalid, using primary GPT.
[  175.910568][ T9674]  loop4: p2 p3 p7
[  176.027732][ T9688] loop4: detected capacity change from 0 to 2048
[  176.078913][ T9694] loop2: detected capacity change from 0 to 2048
[  176.122700][ T9694]  loop2: p1 < > p4
[  176.128403][ T9694] loop2: p4 size 8388608 extends beyond EOD, truncated
[  176.140323][ T9700] loop4: detected capacity change from 0 to 128
[  176.147002][ T9700] vfat: Unknown parameter 'ÿ'
[  176.152790][ T9700] netlink: 'syz.4.2307': attribute type 2 has an invalid length.
[  176.224044][ T9706] loop2: detected capacity change from 0 to 2048
[  176.232152][ T9704] FAULT_INJECTION: forcing a failure.
[  176.232152][ T9704] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  176.245331][ T9704] CPU: 0 UID: 0 PID: 9704 Comm: syz.4.2309 Not tainted 6.15.0-syzkaller-09113-g8477ab143069 #0 PREEMPT(voluntary) 
[  176.245366][ T9704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  176.245454][ T9704] Call Trace:
[  176.245460][ T9704]  <TASK>
[  176.245505][ T9704]  __dump_stack+0x1d/0x30
[  176.245526][ T9704]  dump_stack_lvl+0xe8/0x140
[  176.245545][ T9704]  dump_stack+0x15/0x1b
[  176.245565][ T9704]  should_fail_ex+0x265/0x280
[  176.245611][ T9704]  should_fail+0xb/0x20
[  176.245699][ T9704]  should_fail_usercopy+0x1a/0x20
[  176.245723][ T9704]  _copy_from_iter+0xcf/0xe40
[  176.245746][ T9704]  ? __build_skb_around+0x1a0/0x200
[  176.245808][ T9704]  ? __alloc_skb+0x223/0x320
[  176.245832][ T9704]  netlink_sendmsg+0x471/0x6b0
[  176.245871][ T9704]  ? __pfx_netlink_sendmsg+0x10/0x10
[  176.245930][ T9704]  __sock_sendmsg+0x142/0x180
[  176.245968][ T9704]  ____sys_sendmsg+0x31e/0x4e0
[  176.246032][ T9704]  ___sys_sendmsg+0x17b/0x1d0
[  176.246086][ T9704]  __x64_sys_sendmsg+0xd4/0x160
[  176.246190][ T9704]  x64_sys_call+0x2999/0x2fb0
[  176.246216][ T9704]  do_syscall_64+0xd2/0x200
[  176.246272][ T9704]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  176.246297][ T9704]  ? clear_bhb_loop+0x40/0x90
[  176.246333][ T9704]  ? clear_bhb_loop+0x40/0x90
[  176.246360][ T9704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.246386][ T9704] RIP: 0033:0x7f987e82e969
[  176.246404][ T9704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.246463][ T9704] RSP: 002b:00007f987ce97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  176.246529][ T9704] RAX: ffffffffffffffda RBX: 00007f987ea55fa0 RCX: 00007f987e82e969
[  176.246544][ T9704] RDX: 0000000000000084 RSI: 00002000000003c0 RDI: 0000000000000008
[  176.246559][ T9704] RBP: 00007f987ce97090 R08: 0000000000000000 R09: 0000000000000000
[  176.246574][ T9704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.246595][ T9704] R13: 0000000000000000 R14: 00007f987ea55fa0 R15: 00007ffee7f70b28
[  176.246622][ T9704]  </TASK>
[  176.512184][ T9706] Alternate GPT is invalid, using primary GPT.
[  176.518571][ T9706]  loop2: p2 p3 p7
[  176.673902][ T9729] pim6reg1: entered promiscuous mode
[  176.679301][ T9729] pim6reg1: entered allmulticast mode
[  176.828227][ T9749] pim6reg1: entered promiscuous mode
[  176.833662][ T9749] pim6reg1: entered allmulticast mode
[  177.326432][ T9783] bond_slave_1: mtu less than device minimum
[  177.469807][ T9797] pim6reg1: entered promiscuous mode
[  177.475258][ T9797] pim6reg1: entered allmulticast mode
[  177.950028][ T9835] bond_slave_1: mtu less than device minimum
[  178.048464][ T9838] wg2: entered promiscuous mode
[  178.053397][ T9838] wg2: entered allmulticast mode
[  178.102160][ T9837] pim6reg1: entered promiscuous mode
[  178.109538][ T9837] pim6reg1: entered allmulticast mode
[  178.190799][ T9848] pim6reg1: entered promiscuous mode
[  178.196242][ T9848] pim6reg1: entered allmulticast mode
[  178.496072][ T9871] pim6reg1: entered promiscuous mode
[  178.501585][ T9871] pim6reg1: entered allmulticast mode
[  178.646858][ T9886] bond_slave_1: mtu less than device minimum
[  178.845658][ T9901] bond_slave_1: mtu less than device minimum
[  178.916376][ T9904] wg2: entered promiscuous mode
[  178.921326][ T9904] wg2: entered allmulticast mode
[  178.945326][ T9906] wg2: entered promiscuous mode
[  178.950409][ T9906] wg2: entered allmulticast mode
[  179.041638][ T9916] bond_slave_1: mtu less than device minimum
[  179.106588][ T9923] hub 9-0:1.0: USB hub found
[  179.116532][ T9923] hub 9-0:1.0: 8 ports detected
[  179.682520][   T29] kauditd_printk_skb: 107 callbacks suppressed
[  179.682540][   T29] audit: type=1400 audit(1748676665.886:4532): avc:  denied  { name_bind } for  pid=9952 comm="syz.0.2417" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  179.734796][ T9960] bridge0: port 3(bond0) entered blocking state
[  179.741182][ T9960] bridge0: port 3(bond0) entered disabled state
[  179.747669][ T9960] bond0: entered allmulticast mode
[  179.752870][ T9960] bond_slave_0: entered allmulticast mode
[  179.758690][ T9960] bond_slave_1: entered allmulticast mode
[  179.765927][ T9960] bond0: entered promiscuous mode
[  179.771137][ T9960] bond_slave_0: entered promiscuous mode
[  179.777035][ T9960] bond_slave_1: entered promiscuous mode
[  179.783225][ T9960] bridge0: port 3(bond0) entered blocking state
[  179.789621][ T9960] bridge0: port 3(bond0) entered forwarding state
[  179.800453][ T9960] bond0: left allmulticast mode
[  179.805387][ T9960] bond_slave_0: left allmulticast mode
[  179.810898][ T9960] bond_slave_1: left allmulticast mode
[  179.816413][ T9960] bond0: left promiscuous mode
[  179.821348][ T9960] bond_slave_0: left promiscuous mode
[  179.826961][ T9960] bond_slave_1: left promiscuous mode
[  179.832664][ T9960] bridge0: port 3(bond0) entered disabled state
[  179.875802][ T9965] loop4: detected capacity change from 0 to 128
[  179.877289][ T9967] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  179.877289][ T9967]    program wÞ£ÿ not setting count and/or reply_len properly
[  179.884787][ T9965] vfat: Unknown parameter 'ÿ'
[  179.919334][ T9965] netlink: 'syz.4.2425': attribute type 2 has an invalid length.
[  180.015033][ T9975] loop2: detected capacity change from 0 to 2048
[  180.078132][ T9980] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2432'.
[  180.100357][ T9980] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2432'.
[  180.232395][ T9995] loop2: detected capacity change from 0 to 2048
[  180.259004][ T9928] ==================================================================
[  180.267140][ T9928] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[  180.274995][ T9928] 
[  180.277327][ T9928] write to 0xffffea00046e7198 of 8 bytes by task 9745 on cpu 0:
[  180.284953][ T9928]  __filemap_remove_folio+0x1a5/0x2a0
[  180.290353][ T9928]  filemap_remove_folio+0x6d/0x1d0
[  180.295513][ T9928]  truncate_inode_folio+0x42/0x50
[  180.300549][ T9928]  shmem_undo_range+0x244/0xa80
[  180.305423][ T9928]  shmem_evict_inode+0x134/0x520
[  180.310379][ T9928]  evict+0x2e3/0x550
[  180.314324][ T9928]  iput+0x447/0x5b0
[  180.318136][ T9928]  dentry_unlink_inode+0x24f/0x260
[  180.323261][ T9928]  __dentry_kill+0x18d/0x4b0
[  180.327853][ T9928]  dput+0x5e/0xd0
[  180.331486][ T9928]  __fput+0x444/0x650
[  180.335468][ T9928]  ____fput+0x1c/0x30
[  180.339453][ T9928]  task_work_run+0x12e/0x1a0
[  180.344140][ T9928]  do_exit+0x5dd/0x16f0
[  180.348300][ T9928]  do_group_exit+0xff/0x140
[  180.352864][ T9928]  get_signal+0xe59/0xf70
[  180.357218][ T9928]  arch_do_signal_or_restart+0x96/0x480
[  180.362765][ T9928]  irqentry_exit_to_user_mode+0x5e/0xa0
[  180.368323][ T9928]  irqentry_exit+0x12/0x50
[  180.372757][ T9928]  asm_exc_page_fault+0x26/0x30
[  180.377627][ T9928] 
[  180.379955][ T9928] read to 0xffffea00046e7198 of 8 bytes by task 9928 on cpu 1:
[  180.387507][ T9928]  folio_mapping+0xa1/0x120
[  180.392026][ T9928]  evict_folios+0xdb9/0x33d0
[  180.396625][ T9928]  try_to_shrink_lruvec+0x45a/0x7e0
[  180.401832][ T9928]  shrink_lruvec+0x22e/0x1a40
[  180.406512][ T9928]  shrink_node+0x686/0x2110
[  180.411024][ T9928]  do_try_to_free_pages+0x3f6/0xcd0
[  180.416297][ T9928]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  180.422296][ T9928]  try_charge_memcg+0x3ab/0x870
[  180.427163][ T9928]  obj_cgroup_charge_pages+0xb7/0x1a0
[  180.432571][ T9928]  __memcg_kmem_charge_page+0x9f/0x170
[  180.438055][ T9928]  __alloc_frozen_pages_noprof+0x188/0x360
[  180.443883][ T9928]  alloc_pages_mpol+0xb3/0x250
[  180.448663][ T9928]  alloc_pages_noprof+0x90/0x130
[  180.453637][ T9928]  __vmalloc_node_range_noprof+0x6d5/0xe40
[  180.459494][ T9928]  __kvmalloc_node_noprof+0x312/0x4f0
[  180.464878][ T9928]  ip_set_alloc+0x1f/0x30
[  180.469305][ T9928]  hash_netiface_create+0x282/0x740
[  180.474513][ T9928]  ip_set_create+0x3c9/0x960
[  180.479135][ T9928]  nfnetlink_rcv_msg+0x4c6/0x590
[  180.484441][ T9928]  netlink_rcv_skb+0x123/0x220
[  180.489302][ T9928]  nfnetlink_rcv+0x16b/0x1690
[  180.494099][ T9928]  netlink_unicast+0x59e/0x670
[  180.498868][ T9928]  netlink_sendmsg+0x58b/0x6b0
[  180.503639][ T9928]  __sock_sendmsg+0x142/0x180
[  180.508346][ T9928]  ____sys_sendmsg+0x31e/0x4e0
[  180.513123][ T9928]  ___sys_sendmsg+0x17b/0x1d0
[  180.517828][ T9928]  __x64_sys_sendmsg+0xd4/0x160
[  180.522704][ T9928]  x64_sys_call+0x2999/0x2fb0
[  180.527391][ T9928]  do_syscall_64+0xd2/0x200
[  180.531923][ T9928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.537834][ T9928] 
[  180.540159][ T9928] value changed: 0xffff888125462d88 -> 0x0000000000000000
[  180.547267][ T9928] 
[  180.549589][ T9928] Reported by Kernel Concurrency Sanitizer on:
[  180.555736][ T9928] CPU: 1 UID: 0 PID: 9928 Comm: syz.3.2407 Not tainted 6.15.0-syzkaller-09113-g8477ab143069 #0 PREEMPT(voluntary) 
[  180.567897][ T9928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  180.578063][ T9928] ==================================================================
[  180.613510][ T9995] Alternate GPT is invalid, using primary GPT.
[  180.619965][ T9995]  loop2: p2 p3 p7