last executing test programs:

2.601753743s ago: executing program 3 (id=1235):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x84)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000180)={[{@resuid}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@grpquota}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000300)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x23, 0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x105d0, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x9, 0x0, 0x7, 0x5, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000280)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
listen(r1, 0xfffffff8)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES16=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
removexattr(&(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000000)=@known='security.apparmor\x00')
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000000)=0x40000)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000007000000080000000900000001000000", @ANYRES32=r2], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xd, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x50)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0x4004743d, 0x110e22fff6)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2c, &(0x7f00000002c0)=""/243, &(0x7f00000000c0)=0xf3)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000000c0))
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000640)=0x401800, 0x4b)
r5 = socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$SO_TIMESTAMP(r6, 0x1, 0x23, &(0x7f0000000040)=0x5, 0x4)
getsockopt$SO_TIMESTAMP(r6, 0x1, 0x40, 0x0, &(0x7f0000000400))
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)

1.564225446s ago: executing program 3 (id=1255):
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x8)
flock(r0, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000180)='syzkaller\x00', 0x200, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a31000000002c0003800800014000000000180003801400010076657468315f746f5f626f6e6400000008000240000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e657665300000000000000000001400010076657468315f746f5f626f6e64000000080002"], 0x10c}}, 0x0)

1.542022777s ago: executing program 3 (id=1257):
r0 = gettid()
r1 = socket(0x40000000015, 0x5, 0x0)
recvmmsg(r1, &(0x7f0000003c40)=[{{0x0, 0x0, 0x0}, 0x80000000}], 0x1, 0x60010002, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000940)={[{@barrier_val}, {@resuid}, {@block_validity}, {@errors_remount}]}, 0x1, 0x79b, &(0x7f0000000180)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm")
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x18, 0x5, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x0, 0x1}, @ldst={0x3, 0x0, 0x3, 0xa, 0x0, 0xffffffffffffffe0}]}, &(0x7f0000000100)='GPL\x00', 0x4}, 0x94)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000300))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
r3 = syz_io_uring_setup(0x3380, &(0x7f0000000180)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
r9 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r9, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0)
sendmsg$SMC_PNETID_DEL(r10, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x40030000000000}, 0x4000)
write$UHID_CREATE2(r6, &(0x7f0000000040)=ANY=[@ANYBLOB='5'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.471676683s ago: executing program 4 (id=1260):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x47, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000440)=""/183}, 0x20)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)='cpuset.mem_hardwall\x00', 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@quota}, {@debug}]}, 0x1, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
accept$phonet_pipe(0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000380)=0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000700)=ANY=[@ANYBLOB="000000004c900200050000000300010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000000000000070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000000000000000000000000000000000004000"/192])
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x210})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r4, @ANYRESDEC=r0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001000000000000000000e0000001000000000008000000000000fe8000000000000000000000000000aa4e220000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000104000000000000feffffffffffffff030000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000001000000000000004400050020010000000000000000000000000002000000002b"], 0xfc}}, 0x200408c0)
syz_emit_ethernet(0x4e, &(0x7f0000000780)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00 \x00', 0x18, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @local, {[], @mld={0x187, 0x0, 0x0, 0x0, 0x0, @local}}}}}}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x89f1, &(0x7f0000000080))

1.103074682s ago: executing program 0 (id=1269):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

1.054518097s ago: executing program 4 (id=1271):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a'], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000e00)='kfree\x00', r1, 0x0, 0x4ab}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x200010, &(0x7f0000000000)={[{@data_err_ignore}, {@errors_remount}]}, 0xfe, 0x591, &(0x7f0000000440)="$eJzs3c9rHFUcAPDvbJL+SrUplKIeJNCDldpNk/ijgod6FC0G9F5Dsg0lm27JbkoTC7YHe/EiRRCxIP4B3j0W/wEvQv+CghaKllAPXlZmM5tusrvZNN022+7nA9O+N/N237yZ+b68l7dhA+hbo+k/uYhXI+LbJOJQw7HByA6OrpVbfXB1Jt2SqFY/+zuJJNtXL59k/w9nmVci4revI07kmustL6/MTxeLhcUsP1ZZuDRWXl45eWFheq4wV7g4MTl5+p3Jifffe7f5xXtbt6XN7nVvTv37w6e3Pzr9zbHV73+5d/hmEmfiYHassR1P4FpjZjRGs2syFGc2FRzvQmW9JNntE2BHBrI4H4q0DzgUA1nUAy++ryKiurWpzkWA51MiuKFP1ccB9bn9lvPg6os3y7v/4doEqLn9ydrvRmJfbW50YDXZMDNKr8RIF+pP6/j1r1s30y2693sIgI6uXY+IU4ODG/q/l6Oh/9u5U9sos7kO/R88O7fT8c9be1uMf3Lr459oMf4ZbhG7O9E5/nP3ulBNW+n474OW49/1RauRgSz3Um3MN5Scv1AspH1b2k0ej6G9aX6r9ZzTq3erDdmBxmON4790S+uvjwWz87g3uGlha3a6Mv2k7a67fz3itQ7j36TF/U+vx9SW7/xo0e9o4dbr7UptbH/yT3P7n67qzxFvtLz/j+Y6SeP6ZNqsjeuTY7XnYaz+VDR7eOPo7+3q73z/n670/h/Yuv0jSeN6bfnx6/hp33+FdsdGk2zR9DGf/z3J57X0nmzflelKZXE8Yk/ySfP+iUevrefr5dP2Hz/WOv6bn/+H6++zPyK+2Gb7bxy50bZoL9z/2ce6/60TI9Wk3aHi3Y+//LFd/dvr/96upY5ne7bT/7U/042JJ7l2AAAAAAAA0GtyEXEwklx+PZ3L5fNrn+84EgdyxVK5cuJ8aenibNT+VnYkhnL1le7hhs9DjGefh63nJzblJyPicER8N7C/ls/PlIqzu914AAAAAAAAAAAAAAAAAAAA6BHDbf7+P/XnwG6fHfDU+cpv6F8d478b3/QE9CQ//6F/iX/oX+If+pf4h/4l/qF/iX/oX+If+pf4BwAAAAAAAAAAAAAAAAAAAAAAAAAAgK6aOns23aqrD67OpPnZy8tL86XLJ2cL5fn8wtJMfqa0eCk/VyrNFQv5mdJCp/crlkqXxidi6cpYpZBUxsrLK+cWSksXK+cuLEzPFc4Vhp5JqwAAAAAAAAAAAAAAAAAAAOD5Ul5emZ8uFguLEjtI3Mmu4uU7f8QOXp5ERA+0Yj2xbyfnM9gjJy/R3cQud0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0OD/AAAA///ScyxD")
setxattr$incfs_metadata(0x0, &(0x7f00000000c0), &(0x7f0000000e00)="2abfe1a934d5a5b04ed9753331a28f4978f42a48f00e27bb88141b7fdc2ddc22727eef9e88addefbd32bb17bea881298c37e0d345a7d6a15b0cd0d9c95c82c30d86a2b1fcc66d5c7c1f52d75ffd15e8d66acdc9861a138b0b9db6dd024c71eb0872cd3000046e428ac2366cc681dd2c44f3c583aea7e356fb6badae1ab508d3fde8f7b06fc01c24c13113fc593182580b896b5db80785556dc7039b46e9aab407489a69737b0734ce25de93ec2d58c12056e75ea61c2729ee797def35128b3cf97b0b3e4c01f591471fe99d6c6e4de14aa2bc75fcca4ffb80594c94cb5ce2b14fea3b33e0e35d8ae723685cd4bd3f2b52b3d9a811f92604a63e607adb14e69c403d7101f55647cbdc96252358406f1b5c11b23b26c52b32e9f99f95de054e143060afba9ee454d2e6b4d297d31867f2ee854e72aa6a3ff7fdcbb1e613060e1e32894cc59590d63c524a69b11ee43509a360021f8c6430b05a381bb5f222ded6b1d484edc0102022b50e6c6e75d3958cdff54d0ca062a26fc135c1bf1abc1ac00000000000000cce0c0f675ac74ccaaf246039a9989588a991bbbe511e7ceb5378bcb99c5b947934f46701211d463e8c43ce368ab783f634f519157c1fc72dbc635e4889277db672a99494e92d40fc245cb55b1074236923adddedfb3fe39b41233cf5db354c23d8faa435ab8ae239639b7f6a99adcc9a3e68a0ee7f2a3db2cf9216cc85cfd4a76af69a2475ff624a93bca82f0cf1f9d96a3b8367bd1472df80ec457f4a6ef77b287829e23ba03ebe542d5bf6c095f6fc9e2620225822d8a74e6718d480dcc8b9988f47ff984b7927fcb929fe17bf89d389a0ed919a71bdaaf7b5a17aa56cd6cf359df18b4ed01b276656047913eea29be8b406b65a214395bcb4beff25978e526f928c5d80579be5aa1d66eafb283da8fa6587cadcd930b74a1fd835d722366ff5e204c8e4830e5e2455c1ce46764fa66f1f84c2bb44137d8f21470f00fe468f25c681073b75dc0dece372a028e1e7210ac4a1ee5742afae2624fa0d4475bad080582a54b1ca372cb24b96ca8e8abde2caa1819ffe3f8c95259630ac25d8ee14b4f168543744ca9c830ee316897572a1f70e85e4747959887a9f440eb7d67b1ef79b207a2520c41b52642a23a8bb7c14bef30b81c4cebd9892effe3e688fe7a3e381e3b18e8cf7155203f9f240c0e689f2cd6fd6efc2daad2215783a2a2be37e0755b02fd600f9dad0c9070977dc916a9819a92f3d8769541e3f57d7035", 0x384, 0x0)

1.053964526s ago: executing program 0 (id=1272):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00'}, 0x10)
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x2}, {&(0x7f00000000c0)=""/160, 0xa0}, &(0x7f0000000340)=[{&(0x7f0000001140)=""/102, 0x66}], 0x1, 0x60, 0xfffffffefffffffe}}], 0x48, 0x8004}, 0x0) (fail_nth: 3)

993.677381ms ago: executing program 0 (id=1273):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/notes', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x104) (fail_nth: 8)

963.273254ms ago: executing program 0 (id=1274):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x3, 0x10004, 0x5}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000cf00000007"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000007c0)={0xa, 0x2, 0x0, @empty, 0x80000001}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @rand_addr, 0x8}, 0x1c)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e24, 0x0, @loopback, 0x1}}, 0x0, 0x0, 0x2, 0x0, "10baa70a93289349d889de25b87376f64276337642b890d33cb5b592266c5b98fb19402835fee1b3871b7ef6619db5b2a94edb6f73ea08b02aa3b47debd38b6d889a8c986b33eb49c3157f1f370dfd67"}, 0xd8)
r4 = dup(r3)
sendto$inet6(r4, &(0x7f0000000000)="18dc90a7a6d153e64b11c1970b533764780ef498fc0b69ab8110f93aec588508c8e9dc88402776ca5e8648df03b3b488a72231acda5a5c8019d612e76f446530baffdd8262b9e13efe0d09c862804aacc80858d764f118890fe3c8d58da7e971465104700b372067b36f0573aecba20520ff09d0212c420647d7b176cc77727334cb17a6937959000000000000000000", 0xfffffcef, 0x90, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x18)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x66960000)
r7 = syz_io_uring_setup(0x10b, &(0x7f0000000580)={0x0, 0xd736, 0x8, 0x3, 0xbffffffa}, &(0x7f00000003c0)=<r8=>0x0, &(0x7f0000000340)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000})
io_uring_enter(r7, 0x1c3a, 0xe176, 0x22, 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r10 = creat(&(0x7f00000000c0)='./file0\x00', 0x4)
r11 = dup2(r10, r10)
ioctl$BLKTRACESETUP(r11, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1})
ioctl$BLKTRACESETUP(r11, 0x1276, 0x0)

833.650104ms ago: executing program 2 (id=1276):
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r1, 0x3, 0x300000000000000)

830.719624ms ago: executing program 2 (id=1278):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
dup(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x10000, 0x1}, 0x8002, 0x0, 0x1003, 0x2, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'wlc\x00', 0x15, 0x88, 0xc000067}, 0x2c)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18)
r4 = shmget$private(0x0, 0x4000, 0x1000, &(0x7f0000ffb000/0x4000)=nil)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
shmctl$SHM_LOCK(r4, 0xb)

795.119047ms ago: executing program 4 (id=1279):
pipe2(&(0x7f0000001cc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r2}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}})

720.425573ms ago: executing program 2 (id=1282):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}, {0x0}], 0x2}, 0x0, 0x40000000})
r2 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x11f8, 0x800, 0x1000, 0x5cc}, &(0x7f0000000300)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r2})
io_uring_enter(r2, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

704.537884ms ago: executing program 4 (id=1283):
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r0}, 0x18)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}, {0x0}], 0x2}, 0x0, 0x40000000})
r1 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x11f8, 0x800, 0x1000, 0x5cc}, &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newlink={0x20, 0x10, 0x705}, 0x20}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r1})
io_uring_enter(r1, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

657.460948ms ago: executing program 3 (id=1284):
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0x75, 0x109301)
ioctl$USBDEVFS_CLAIMINTERFACE(r0, 0x8004550f, &(0x7f0000000740))
r1 = socket$nl_audit(0x10, 0x3, 0x9)
bind$netlink(r1, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r3 = inotify_init1(0x800)
dup3(r3, r2, 0x0)
ioctl$HIDIOCGFEATURE(r2, 0xc0404807, &(0x7f0000000000)={0x9, "a192d584518ad5997f3f15f291980eeb86a552f7b37f89cdb9a92ed8e9a633ab73d637e92059236683fc72702ae2d25ddbbc784ecfc58b70e06b152f377c2274"})
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, 0x0, &(0x7f0000000080))

654.428788ms ago: executing program 2 (id=1285):
pipe2(&(0x7f0000001cc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r2}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}}) (fail_nth: 2)

587.979064ms ago: executing program 4 (id=1287):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/protocols\x00')
pread64(r1, &(0x7f0000000280)=""/86, 0x56, 0x4000000000000f3)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00'}, 0x10)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2c, 0x0, 0x0)
getsockname$packet(r1, 0x0, &(0x7f0000000340))
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={r2}, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="00e6ffc165915b6021c5a826030000007f941e3a5d040000", @ANYRES16, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
r7 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r8 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r8, 0x0)
write$selinux_load(r7, &(0x7f0000000000)=ANY=[], 0x2000)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x18)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[], 0x44}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b355e0007000000c2f50000080000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r4}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)

282.080428ms ago: executing program 2 (id=1289):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
prlimit64(0x0, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
gettid()
io_pgetevents(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={[0x4000000000000000]}, 0x8})
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
ioctl$TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000000340)=0xe)
fsetxattr$trusted_overlay_origin(0xffffffffffffffff, 0x0, &(0x7f0000000200), 0x2, 0x1)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x110, 0x0, 0x0, 0x0, 0x2, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[], 0x2c}}, 0x800)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a010200000000000000000100000009000100"], 0xfc}, 0x1, 0x0, 0x0, 0x204c000}, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@usrquota}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH")

281.691648ms ago: executing program 3 (id=1290):
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x408, 0xcd, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000080000000000000000000001811", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x6, 0x0, 0x7, 0x8, 0x20005, 0x80, 0x0, 0x0, 0x0, 0x20000009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})

279.334778ms ago: executing program 4 (id=1291):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
prlimit64(0x0, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
gettid()
io_pgetevents(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={[0x4000000000000000]}, 0x8})
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
ioctl$TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000000340)=0xe)
fsetxattr$trusted_overlay_origin(0xffffffffffffffff, 0x0, &(0x7f0000000200), 0x2, 0x1)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x110, 0x0, 0x0, 0x0, 0x2, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[], 0x2c}}, 0x800)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a010200000000000000000100000009000100"], 0xfc}, 0x1, 0x0, 0x0, 0x204c000}, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@usrquota}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH")

273.217658ms ago: executing program 1 (id=1292):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x29379cb3d4da50b7, 0x5, &(0x7f0000000040)=ANY=[@ANYRESOCT=r0], &(0x7f0000000400)='GPL\x00', 0x40, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000b40)=@o_path={&(0x7f0000000b00)='./file0\x00', 0x0, 0x4000}, 0x18)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000b80)=r4, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
prlimit64(0x0, 0xe, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x2b, 0xf, &(0x7f00000001c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffff5}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000300)='syzkaller\x00', 0x4, 0x1000, &(0x7f0000000ec0)=""/4096, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x8, 0x2}, 0x8, 0x10, &(0x7f00000003c0)={0x2, 0x1000e, 0x10, 0xee5}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000500)=[0x1, r5, 0x1], &(0x7f0000000540)=[{0x2, 0x2, 0x0, 0x1}], 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000180)='net_dev_xmit\x00', r6, 0x0, 0x6}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b73f8ff00000000415c00000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095546a325e8ba3bacfb8617b6ac6eefb8f0717075d2f2903da7b2860091401ac9ea3cb148890e278d104a1458abd246e4ad14f49ee608998124878b445df4d5f76f71050a3dec27b86bd9e765b01161c4f65a98be8aec86f4c98bbca884a532b558b2e5e3e36f55de0bf9aee533e04b5c31b0d849abdcf0756dd0b209ad674ed97c3ee7fc3aa8a"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r7, 0x0, 0xe}, 0x18)
setrlimit(0x9, &(0x7f0000000380))
io_setup(0x2004, &(0x7f0000000680))
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x7c2)
perf_event_open(&(0x7f0000004cc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4044d, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xaf1d, 0x1, @perf_bp={0x0, 0x1}, 0x100410, 0x200, 0x2, 0x7, 0x9, 0xd, 0xf18, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_emit_ethernet(0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="ffffffffff0800459800280000000000069078000000000000000000004e22000000000000003b063059946770440cd68fea9e387ba637e8f1c2f1869b7a7e118503f366b388d0f5", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5010000090780000"], 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
dup2(r8, r8)
unshare(0x2a020400)
r9 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
flistxattr(r9, 0x0, 0x0)

172.954537ms ago: executing program 1 (id=1293):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
dup(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x10000, 0x1}, 0x8002, 0x0, 0x1003, 0x2, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'wlc\x00', 0x15, 0x88, 0xc000067}, 0x2c)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18)
r4 = shmget$private(0x0, 0x4000, 0x1000, &(0x7f0000ffb000/0x4000)=nil)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
shmctl$SHM_LOCK(r4, 0xb)

160.658088ms ago: executing program 1 (id=1294):
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
sendmsg$NFC_CMD_ACTIVATE_TARGET(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(0x0, r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000040)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0)
pwritev(r0, &(0x7f0000000cc0)=[{&(0x7f0000000b40)="ab566dcaac16f5df7b0e2ff29dd3d8cb80d408ce46537ab80ca6d965c0fa52fe65c995c98a9947d1272512a3aa372b162ae1dbbffe7a0a8298166d2d574d7d8a1ddf7b642928e32434610f8fba2555c87a7b3375a01e8d44fd8bfe32670efc9fb0d6e74b15236cb32b2723a76e930aae6cf618aa8df57f990797c99478b7b151948b78a524d0632f55c30777ef68327d6d7f1ca725c66ddd34484694b97152925a88389813ca0133661126ccd0ae2556a5d6d1273f38a0b6238b6f2c5a571bbb97c49d99b284044c7a52e496d0c27afbe74a6c1ee8a4786bb6aff7f20ce121b7b37fa4a054cb05e5f4e761aaeab37cecc302feb75364", 0xf6}, {&(0x7f0000000c40)="09f4c1ff6ecdf2e7a2e1432d23e9ddf65aece846e4f5c74d5c8ff8e7e42e042fb7070f86e7a4709dcc74afb9502243b0e10af3527e121fa17da44046d2d2bc350fd16790135ee6f1a0e019bc46669eaf07af5d", 0x53}], 0x2, 0x9, 0x4)

141.643669ms ago: executing program 1 (id=1295):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}, {0x0}], 0x2}, 0x0, 0x40000000})
r2 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x11f8, 0x800, 0x1000, 0x5cc}, &(0x7f0000000300)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r2})
io_uring_enter(r2, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

71.896855ms ago: executing program 0 (id=1296):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000400396f7b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='kfree\x00', r0, 0x0, 0x8000000000}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a2d0000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073f97a310000000008000440080000000900010073797a3000000000080003400000000114000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03f5"], 0x34}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

71.092645ms ago: executing program 1 (id=1297):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}, {0x0}], 0x2}, 0x0, 0x40000000})
r2 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x11f8, 0x800, 0x1000, 0x5cc}, &(0x7f0000000300)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newlink={0x20, 0x10, 0x705}, 0x20}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r2})
io_uring_enter(r2, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

58.465516ms ago: executing program 3 (id=1298):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = fsopen(&(0x7f0000000040)='debugfs\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000140)='uid', &(0x7f00000001c0)='(', 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
r3 = syz_open_procfs(0xffffffffffffffff, 0x0)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040), 0x10)
listen(0xffffffffffffffff, 0x5)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r4, &(0x7f0000000040)={0x24, @short={0x2, 0x3, 0xffff}}, 0x14)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0xffffffff}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8f7ffffb702000008000000b703000000000000a5000000eeffffff95"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000005c0)={0x0, 0x9, 0x10}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x3, &(0x7f0000000300)=@raw=[@alu={0x7, 0x0, 0xd, 0x2, 0x5, 0xffffffffffffffc0}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @ldst={0x0, 0x2, 0x4, 0x0, 0xb, 0xffffffffffffffff, 0x4}], &(0x7f00000003c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000400)={0xa}, 0x8, 0x10, &(0x7f0000000580)={0x3, 0x10, 0x8, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000600)=[r7, r3, r9, r7], 0x0, 0x10, 0xca7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sys_enter\x00', r8}, 0x10)
rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0xdc000006, 0x0, {[0x5]}}, 0x0, 0x8, &(0x7f0000000000))
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20010814)
r10 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x2000000000000032, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r11}, 0x10)
close(r0)

51.475816ms ago: executing program 2 (id=1299):
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='environ\x00')
sendmmsg$unix(r0, 0x0, 0x0, 0x400c814)
preadv(r0, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r3, &(0x7f0000019200)=""/102400, 0x19000, 0xc)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x1, @remote}, 0xa}}, 0x26)
getsockname(r4, 0x0, 0x0)

17.895749ms ago: executing program 0 (id=1300):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48)
r1 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r1, 0x29, 0x3c, 0x0, 0x0) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r0}, &(0x7f0000000140), &(0x7f0000000680)}, 0x20) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x106, '\x00', 0x0, 0xffffffffffffffff, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e1850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x64, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r3 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
ioctl$VT_RESIZE(r3, 0x5609, &(0x7f0000000a40)={0x0, 0x40, 0x4})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r6, 0x4) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
r9 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r9, 0x114, 0x8, &(0x7f00000008c0), 0x4)
bind$inet6(r9, &(0x7f0000000000)={0xa, 0x4e20, 0x2000000, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xb851}, 0x1c) (async)
sendmsg$unix(r5, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'netpci0\x00', 0x10}) (async)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=") (async)
r10 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x3800000, 0x11012, r10, 0x2000) (async)
lsetxattr$security_ima(&(0x7f0000000300)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)=@sha1={0x1, "ca46bb42f431c3e0a36fd25058505cb8e13b6aee"}, 0xfd3f, 0x0) (async)
unshare(0x4000400) (async)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009) (async)
chdir(&(0x7f0000000000)='./file0\x00')
lsetxattr$security_ima(&(0x7f0000000300)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)=@sha1={0x1, "ca46bb42f431c3e0a36fd25058505cb8e13b6aee"}, 0xfd3f, 0x0) (async)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r11, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x200, 0x70bd2c, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x24008000}, 0x20040000)

0s ago: executing program 1 (id=1301):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000000)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0], <r0=>0x0, 0x9a, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000100), &(0x7f0000000180), 0x8, 0xbd, 0x8, 0x8, &(0x7f00000001c0)}}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0xd, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x20000000, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r3}, 0x10)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x8001, 0x8001, @empty, 0x1}, 0x1c)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r4, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4)
listen(r4, 0x2)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r5, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4)
listen(r5, 0x2)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e24, @local}]}, &(0x7f0000000140)=0x10)

kernel console output (not intermixed with test programs):

13] loop1: detected capacity change from 0 to 1024
[   97.863532][ T5510] lo speed is unknown, defaulting to 1000
[   97.867042][ T5513] EXT4-fs: Ignoring removed orlov option
[   97.878302][ T5514] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   97.957133][ T5521] netlink: 388 bytes leftover after parsing attributes in process `syz.0.611'.
[   97.976722][ T5520] netlink: 32 bytes leftover after parsing attributes in process `syz.3.612'.
[   98.228818][ T5536] loop0: detected capacity change from 0 to 1024
[   98.229394][ T5531] netlink: 12 bytes leftover after parsing attributes in process `syz.3.616'.
[   98.245611][ T5536] EXT4-fs: Ignoring removed orlov option
[   98.252346][ T5538] loop4: detected capacity change from 0 to 1024
[   98.257101][ T5531] netlink: 8 bytes leftover after parsing attributes in process `syz.3.616'.
[   98.270122][ T5538] EXT4-fs: Ignoring removed orlov option
[   98.299823][ T5538] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   98.333651][ T5548] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   98.409505][ T5553] lo speed is unknown, defaulting to 1000
[   98.429246][ T5556] netlink: 388 bytes leftover after parsing attributes in process `syz.4.624'.
[   98.717483][ T5569] netlink: 76 bytes leftover after parsing attributes in process `syz.0.626'.
[   98.739543][ T5569] loop0: detected capacity change from 0 to 2048
[   98.780101][ T5570] netlink: 12 bytes leftover after parsing attributes in process `syz.3.631'.
[   98.791263][ T5570] netlink: 8 bytes leftover after parsing attributes in process `syz.3.631'.
[   98.792761][ T5577] loop0: detected capacity change from 0 to 1024
[   98.815042][ T5579] loop4: detected capacity change from 0 to 1024
[   98.820236][ T5577] EXT4-fs: Ignoring removed orlov option
[   98.822361][ T5579] EXT4-fs: Ignoring removed orlov option
[   98.840221][ T5581] loop3: detected capacity change from 0 to 1024
[   98.849470][ T5581] EXT4-fs: Ignoring removed orlov option
[   98.857108][ T5581] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   98.898191][ T5587] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   98.930991][ T5592] netlink: 388 bytes leftover after parsing attributes in process `syz.0.637'.
[   99.066816][ T5603] loop0: detected capacity change from 0 to 1024
[   99.096576][ T5603] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.642: bg 0: block 280: padding at end of block bitmap is not set
[   99.167927][ T5603] EXT4-fs (loop0): Remounting filesystem read-only
[   99.178921][ T5614] loop1: detected capacity change from 0 to 1024
[   99.183302][ T5603] EXT4-fs warning (device loop0): ext4_xattr_inode_lookup_create:1597: inode #18: comm syz.0.642: cleanup dec ref error -117
[   99.188808][ T5614] EXT4-fs: Ignoring removed orlov option
[   99.216962][ T5611] netlink: 12 bytes leftover after parsing attributes in process `syz.2.645'.
[   99.419290][ T5627] loop0: detected capacity change from 0 to 1024
[   99.473837][ T5627] EXT4-fs: Ignoring removed orlov option
[   99.494149][ T5627] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   99.537222][ T5628] loop4: detected capacity change from 0 to 2048
[   99.542021][ T3389] IPVS: starting estimator thread 0...
[   99.546660][ T5623] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   99.643245][ T5636] IPVS: using max 2880 ests per chain, 144000 per kthread
[   99.662732][ T5647] loop1: detected capacity change from 0 to 1024
[   99.674596][ T5647] EXT4-fs: Ignoring removed orlov option
[   99.683894][ T5649] loop3: detected capacity change from 0 to 1024
[   99.685027][ T5647] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   99.729275][ T5649] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.658: bg 0: block 280: padding at end of block bitmap is not set
[   99.763130][ T5649] EXT4-fs (loop3): Remounting filesystem read-only
[   99.770384][ T5657] loop4: detected capacity change from 0 to 2048
[   99.792694][ T5649] EXT4-fs warning (device loop3): ext4_xattr_inode_lookup_create:1597: inode #18: comm syz.3.658: cleanup dec ref error -117
[   99.820759][ T5657] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.657: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   99.843063][ T5657] EXT4-fs (loop4): Remounting filesystem read-only
[   99.910577][ T5666] loop1: detected capacity change from 0 to 1024
[   99.918648][ T5666] EXT4-fs: Ignoring removed orlov option
[   99.951887][   T29] kauditd_printk_skb: 1685 callbacks suppressed
[   99.951908][   T29] audit: type=1326 audit(1755356683.637:6437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.2.651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bdda0ebe9 code=0x7ffc0000
[   99.990975][   T29] audit: type=1326 audit(1755356683.637:6438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5622 comm="syz.2.651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bdda0ebe9 code=0x7ffc0000
[  100.052410][ T3301] EXT4-fs unmount: 86 callbacks suppressed
[  100.052430][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.091344][   T29] audit: type=1326 audit(1755356683.777:6439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5669 comm="syz.3.662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  100.116342][   T29] audit: type=1326 audit(1755356683.777:6440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5669 comm="syz.3.662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  100.143667][   T29] audit: type=1326 audit(1755356683.837:6441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5669 comm="syz.3.662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  100.163227][ T5673] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  100.169728][   T29] audit: type=1326 audit(1755356683.837:6442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5669 comm="syz.3.662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  100.188506][ T5673] SELinux: failed to load policy
[  100.201837][   T29] audit: type=1326 audit(1755356683.837:6443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5669 comm="syz.3.662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  100.260995][   T29] audit: type=1326 audit(1755356683.837:6444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5669 comm="syz.3.662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  100.285106][   T29] audit: type=1326 audit(1755356683.837:6445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5669 comm="syz.3.662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  100.310176][   T29] audit: type=1326 audit(1755356683.837:6446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5669 comm="syz.3.662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  100.351862][ T5680] siw: device registration error -23
[  100.364705][ T5680] loop3: detected capacity change from 0 to 1024
[  100.377795][ T5680] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.392447][ T5680] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.405228][ T5684] loop2: detected capacity change from 0 to 2048
[  100.526273][ T5694] loop1: detected capacity change from 0 to 2048
[  100.533320][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.544535][ T5693] loop0: detected capacity change from 0 to 1024
[  100.552486][ T5693] EXT4-fs: Ignoring removed orlov option
[  100.558863][ T5692] loop3: detected capacity change from 0 to 1024
[  100.567404][ T5693] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  100.581449][ T5692] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.596897][ T5694] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  100.606425][ T5692] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.672: bg 0: block 280: padding at end of block bitmap is not set
[  100.625669][ T5693] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.634909][ T5692] EXT4-fs (loop3): Remounting filesystem read-only
[  100.645035][ T5692] EXT4-fs warning (device loop3): ext4_xattr_inode_lookup_create:1597: inode #18: comm syz.3.672: cleanup dec ref error -117
[  100.645453][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  100.685230][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.710771][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.723581][ T5708] loop1: detected capacity change from 0 to 1024
[  100.732644][ T5710] loop3: detected capacity change from 0 to 1024
[  100.740516][ T5708] EXT4-fs: Ignoring removed orlov option
[  100.753472][ T5710] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.767865][ T5710] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.685: bg 0: block 280: padding at end of block bitmap is not set
[  100.785178][ T5710] EXT4-fs (loop3): Remounting filesystem read-only
[  100.792857][ T5710] EXT4-fs warning (device loop3): ext4_xattr_inode_lookup_create:1597: inode #18: comm syz.3.685: cleanup dec ref error -117
[  100.807696][ T5708] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.822312][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.856966][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.869556][ T5718] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  100.885487][ T5718] SELinux: failed to load policy
[  100.936704][ T5727] lo speed is unknown, defaulting to 1000
[  101.102909][ T5740] loop1: detected capacity change from 0 to 1024
[  101.223928][ T5745] loop3: detected capacity change from 0 to 1024
[  101.232126][ T5745] EXT4-fs: Ignoring removed orlov option
[  101.332393][ T5747] loop2: detected capacity change from 0 to 1024
[  101.341991][ T5740] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  101.458776][ T5740] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  101.467723][ T5740] EXT4-fs (loop1): orphan cleanup on readonly fs
[  101.488708][ T5753] siw: device registration error -23
[  101.492207][ T5745] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  101.494649][ T5740] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  101.513739][ T5755] loop4: detected capacity change from 0 to 1024
[  101.520883][ T5740] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  101.536355][ T5740] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.679: Freeing blocks not in datazone - block = 0, count = 4096
[  101.536597][ T5753] loop2: detected capacity change from 0 to 1024
[  101.558818][ T5740] EXT4-fs (loop1): 1 orphan inode deleted
[  101.559652][ T5755] EXT4-fs: Ignoring removed orlov option
[  101.565733][ T5740] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  101.609451][ T5755] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.624442][ T5729] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.679: iget: bad extended attribute block 6
[  101.638939][ T5745] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.655599][ T5760] lo speed is unknown, defaulting to 1000
[  101.714374][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.724240][ T5741] loop0: detected capacity change from 0 to 2048
[  101.732325][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.749745][ T5741] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  101.783445][ T5769] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  101.795904][ T5769] SELinux: failed to load policy
[  101.845739][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  101.857729][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.009833][ T5791] SELinux:  policydb table sizes (-89009921,-1362487853) do not match mine (8,7)
[  102.020624][ T5791] SELinux: failed to load policy
[  102.279536][ T5808] loop0: detected capacity change from 0 to 1024
[  102.396293][ T5808] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  102.516493][ T5808] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  102.525350][ T5808] EXT4-fs (loop0): orphan cleanup on readonly fs
[  102.533587][ T5808] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  102.550444][ T5808] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  102.557940][ T5808] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.705: Freeing blocks not in datazone - block = 0, count = 4096
[  102.572316][ T5808] EXT4-fs (loop0): 1 orphan inode deleted
[  102.579086][ T5808] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  102.646390][ T5800] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.705: iget: bad extended attribute block 6
[  102.848464][ T5817] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  102.928024][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.937987][ T5817] SELinux: failed to load policy
[  102.972795][ T5818] loop3: detected capacity change from 0 to 1024
[  102.982480][ T5818] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  102.997606][ T5809] loop4: detected capacity change from 0 to 2048
[  103.006398][ T5818] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  103.014561][ T5818] EXT4-fs (loop3): orphan cleanup on readonly fs
[  103.021516][ T5818] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  103.038004][ T5818] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  103.048071][ T5818] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.711: Freeing blocks not in datazone - block = 0, count = 4096
[  103.068187][ T5818] EXT4-fs (loop3): 1 orphan inode deleted
[  103.074909][ T5818] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  103.091436][ T5818] EXT4-fs error (device loop3): ext4_lookup:1787: inode #15: comm syz.3.711: iget: bad extended attribute block 6
[  103.308490][ T5826] __nla_validate_parse: 15 callbacks suppressed
[  103.308515][ T5826] netlink: 12 bytes leftover after parsing attributes in process `syz.0.714'.
[  103.331718][ T5792] loop2: detected capacity change from 0 to 2048
[  103.344456][ T5826] netlink: 8 bytes leftover after parsing attributes in process `syz.0.714'.
[  103.371704][ T5809] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  103.504339][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  103.558108][ T5844] SELinux:  policydb table sizes (-89009921,-1362487853) do not match mine (8,7)
[  103.582944][ T5844] SELinux: failed to load policy
[  103.591337][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.617290][ T5847] loop0: detected capacity change from 0 to 2048
[  103.635302][ T5847] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.649116][ T5847] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.720: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  103.670065][ T5847] EXT4-fs (loop0): Remounting filesystem read-only
[  103.761616][ T5861] loop4: detected capacity change from 0 to 2048
[  103.775149][ T5862] netlink: 12 bytes leftover after parsing attributes in process `syz.1.726'.
[  103.787873][ T5862] netlink: 8 bytes leftover after parsing attributes in process `syz.1.726'.
[  103.809078][ T5861] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.861501][ T5861] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.724: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  103.888815][ T5861] EXT4-fs (loop4): Remounting filesystem read-only
[  103.938534][ T4292] nci: nci_rx_work: unknown MT 0x5
[  103.953855][ T5849] loop3: detected capacity change from 0 to 2048
[  103.980162][ T5849] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  104.385044][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.525491][ T5849] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  104.545005][ T5849] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1954 with error 28
[  104.558392][ T5849] EXT4-fs (loop3): This should not happen!! Data will be lost
[  104.558392][ T5849] 
[  104.560894][ T5885] netlink: 76 bytes leftover after parsing attributes in process `syz.0.731'.
[  104.568641][ T5849] EXT4-fs (loop3): Total free blocks count 0
[  104.568666][ T5849] EXT4-fs (loop3): Free/Dirty block details
[  104.568680][ T5849] EXT4-fs (loop3): free_blocks=2415919104
[  104.568695][ T5849] EXT4-fs (loop3): dirty_blocks=1968
[  104.604973][ T5849] EXT4-fs (loop3): Block reservation details
[  104.611297][ T5849] EXT4-fs (loop3): i_reserved_data_blocks=123
[  104.658261][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  104.722701][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.760663][ T5891] lo speed is unknown, defaulting to 1000
[  104.996515][ T5901] loop4: detected capacity change from 0 to 1024
[  105.006667][ T5901] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  105.055743][ T5901] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  105.065033][ T5901] EXT4-fs (loop4): orphan cleanup on readonly fs
[  105.072755][ T5901] __quota_error: 96 callbacks suppressed
[  105.072846][ T5901] Quota error (device loop4): v2_read_file_info: Block with free entry 1283 out of range (1, 6).
[  105.091599][ T5901] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  105.107563][ T5901] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  105.137656][ T5901] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.733: Freeing blocks not in datazone - block = 0, count = 4096
[  105.153355][ T5901] EXT4-fs (loop4): 1 orphan inode deleted
[  105.160063][ T5901] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  105.178952][ T5901] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.733: iget: bad extended attribute block 6
[  105.335685][   T29] audit: type=1326 audit(1755356689.027:6540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5886 comm="syz.3.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  105.361913][   T29] audit: type=1326 audit(1755356689.027:6541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5886 comm="syz.3.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  105.386614][ T5907] netlink: 12 bytes leftover after parsing attributes in process `syz.2.738'.
[  105.388311][   T29] audit: type=1326 audit(1755356689.027:6542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5886 comm="syz.3.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  105.422909][   T29] audit: type=1326 audit(1755356689.027:6543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5886 comm="syz.3.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  105.448378][   T29] audit: type=1326 audit(1755356689.027:6544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5886 comm="syz.3.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  105.478137][   T29] audit: type=1326 audit(1755356689.027:6545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5886 comm="syz.3.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  105.509087][   T29] audit: type=1326 audit(1755356689.027:6546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5886 comm="syz.3.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  105.537430][   T29] audit: type=1326 audit(1755356689.027:6547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5886 comm="syz.3.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  105.563858][   T29] audit: type=1326 audit(1755356689.027:6548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5886 comm="syz.3.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  105.635751][ T5884] loop0: detected capacity change from 0 to 2048
[  105.664612][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.695663][ T5913] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  105.861460][ T5918] loop4: detected capacity change from 0 to 2048
[  105.948099][ T5925] loop2: detected capacity change from 0 to 1024
[  106.042001][ T5884] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  106.069905][ T5918] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.086506][ T5918] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.742: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  106.104205][ T5918] EXT4-fs (loop4): Remounting filesystem read-only
[  106.132039][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  106.145619][ T5931] loop1: detected capacity change from 0 to 2048
[  106.159947][ T5933] netlink: 388 bytes leftover after parsing attributes in process `syz.0.746'.
[  106.171335][ T5931] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.185260][ T5931] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.745: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  106.192664][ T5937] netlink: 4 bytes leftover after parsing attributes in process `syz.0.747'.
[  106.212523][ T5931] EXT4-fs (loop1): Remounting filesystem read-only
[  106.232144][ T5937] netlink: 32 bytes leftover after parsing attributes in process `syz.0.747'.
[  106.348015][ T5943] netlink: 4 bytes leftover after parsing attributes in process `syz.3.750'.
[  106.376412][ T5945] SELinux:  policydb version 16776981 does not match my version range 15-35
[  106.386326][ T5945] SELinux: failed to load policy
[  106.511981][ T5952] lo speed is unknown, defaulting to 1000
[  106.583662][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.626049][ T5956] loop2: detected capacity change from 0 to 2048
[  106.675069][ T5958] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  106.682266][ T3389] IPVS: starting estimator thread 0...
[  106.721345][   T56] nci: nci_rx_work: unknown MT 0x5
[  106.793894][ T5965] IPVS: using max 2880 ests per chain, 144000 per kthread
[  106.917188][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.034077][ T5982] SELinux:  policydb version 16776981 does not match my version range 15-35
[  107.044525][ T5982] SELinux: failed to load policy
[  107.583682][ T6001] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  107.628964][ T6003] loop3: detected capacity change from 0 to 2048
[  107.643672][ T3425] nci: nci_rx_work: unknown MT 0x5
[  107.656559][ T6003] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  107.943075][ T6024] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  108.053168][ T6003] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  108.072348][ T6003] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  108.086329][ T6003] EXT4-fs (loop3): This should not happen!! Data will be lost
[  108.086329][ T6003] 
[  108.096666][ T6003] EXT4-fs (loop3): Total free blocks count 0
[  108.103055][ T6003] EXT4-fs (loop3): Free/Dirty block details
[  108.109619][ T6003] EXT4-fs (loop3): free_blocks=2415919104
[  108.115593][ T6003] EXT4-fs (loop3): dirty_blocks=8208
[  108.121105][ T6003] EXT4-fs (loop3): Block reservation details
[  108.127632][ T6003] EXT4-fs (loop3): i_reserved_data_blocks=513
[  108.173125][  T407] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  108.311747][ T3389] IPVS: starting estimator thread 0...
[  108.416871][ T6039] IPVS: using max 2592 ests per chain, 129600 per kthread
[  108.462011][ T6047] loop1: detected capacity change from 0 to 1024
[  108.484312][ T6047] EXT4-fs: Ignoring removed orlov option
[  108.527654][ T6047] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  108.555703][ T6047] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.583846][   T51] nci: nci_rx_work: unknown MT 0x5
[  108.665639][ T6063] loop2: detected capacity change from 0 to 1024
[  108.878512][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.978527][ T6067] lo speed is unknown, defaulting to 1000
[  109.133563][ T6071] loop4: detected capacity change from 0 to 2048
[  109.212362][ T6071] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.236440][ T6075] lo speed is unknown, defaulting to 1000
[  109.237092][ T6071] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.792: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  109.264137][ T6071] EXT4-fs (loop4): Remounting filesystem read-only
[  109.330372][ T6084] loop1: detected capacity change from 0 to 1024
[  109.364921][ T6084] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.393375][ T6084] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.796: bg 0: block 280: padding at end of block bitmap is not set
[  110.468590][   T29] kauditd_printk_skb: 1154 callbacks suppressed
[  110.468692][   T29] audit: type=1326 audit(1755356694.117:7703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6097 comm="syz.2.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0bdda05ba7 code=0x7ffc0000
[  110.476644][ T6096] loop0: detected capacity change from 0 to 1024
[  110.505927][   T29] audit: type=1326 audit(1755356694.117:7704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6097 comm="syz.2.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bdd9aadd9 code=0x7ffc0000
[  110.546071][   T29] audit: type=1326 audit(1755356694.117:7705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6097 comm="syz.2.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0bdda05ba7 code=0x7ffc0000
[  110.571641][   T29] audit: type=1326 audit(1755356694.117:7706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6097 comm="syz.2.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bdd9aadd9 code=0x7ffc0000
[  110.599278][   T29] audit: type=1326 audit(1755356694.117:7707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6097 comm="syz.2.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0bdda05ba7 code=0x7ffc0000
[  110.602117][ T6096] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  110.624942][   T29] audit: type=1326 audit(1755356694.117:7708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6097 comm="syz.2.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bdd9aadd9 code=0x7ffc0000
[  110.637882][ T6084] EXT4-fs (loop1): Remounting filesystem read-only
[  110.661842][   T29] audit: type=1326 audit(1755356694.117:7709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6097 comm="syz.2.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0bdda05ba7 code=0x7ffc0000
[  110.692886][   T29] audit: type=1326 audit(1755356694.117:7710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6097 comm="syz.2.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bdd9aadd9 code=0x7ffc0000
[  110.703468][ T6096] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  110.720002][   T29] audit: type=1326 audit(1755356694.117:7711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6097 comm="syz.2.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0bdda05ba7 code=0x7ffc0000
[  110.728814][ T6096] EXT4-fs (loop0): orphan cleanup on readonly fs
[  110.755337][   T29] audit: type=1326 audit(1755356694.117:7712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6097 comm="syz.2.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bdd9aadd9 code=0x7ffc0000
[  110.765573][ T6096] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  110.789621][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.804634][ T6096] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  110.816909][ T6084] EXT4-fs warning (device loop1): ext4_xattr_inode_lookup_create:1597: inode #18: comm syz.1.796: cleanup dec ref error -117
[  110.847972][ T6096] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.799: Freeing blocks not in datazone - block = 0, count = 4096
[  110.862098][ T6096] EXT4-fs (loop0): 1 orphan inode deleted
[  110.868462][ T6096] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  110.943300][ T6093] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.799: iget: bad extended attribute block 6
[  110.962453][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.047259][ T6104] loop2: detected capacity change from 0 to 1024
[  111.069721][ T6104] EXT4-fs: Ignoring removed orlov option
[  111.070640][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.184807][ T6116] lo speed is unknown, defaulting to 1000
[  111.242057][ T6124] loop3: detected capacity change from 0 to 1024
[  111.276125][ T6124] EXT4-fs: Ignoring removed orlov option
[  111.303923][ T6124] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.379949][ T6133] loop4: detected capacity change from 0 to 1024
[  111.444368][ T6133] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  111.456728][   T51] nci: nci_rx_work: unknown MT 0x5
[  111.465768][ T6133] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  111.475069][ T6133] EXT4-fs (loop4): orphan cleanup on readonly fs
[  111.483269][ T6133] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  111.499179][ T6133] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  111.507849][ T6133] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.809: Freeing blocks not in datazone - block = 0, count = 4096
[  111.523801][ T6133] EXT4-fs (loop4): 1 orphan inode deleted
[  111.531678][ T6133] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  111.552294][ T6133] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.809: iget: bad extended attribute block 6
[  111.699022][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.845345][ T6113] loop2: detected capacity change from 0 to 2048
[  111.894527][ T6148] loop2: detected capacity change from 0 to 1024
[  112.021027][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.053105][ T6157] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=6157 comm=syz.2.816
[  112.127590][ T6166] loop0: detected capacity change from 0 to 1024
[  112.135602][ T6166] EXT4-fs: Ignoring removed orlov option
[  112.186678][ T6168] lo speed is unknown, defaulting to 1000
[  112.201979][ T4457] nci: nci_rx_work: unknown MT 0x5
[  112.206156][ T6166] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  112.369616][ T6166] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.422155][ T6174] lo speed is unknown, defaulting to 1000
[  112.492156][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.758329][ T6181] loop3: detected capacity change from 0 to 1024
[  112.817108][ T6181] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.009082][ T6181] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.826: bg 0: block 280: padding at end of block bitmap is not set
[  113.088333][ T6189] loop2: detected capacity change from 0 to 1024
[  113.212658][ T6187] lo speed is unknown, defaulting to 1000
[  113.250847][ T6181] EXT4-fs (loop3): Remounting filesystem read-only
[  113.296300][ T6181] EXT4-fs warning (device loop3): ext4_xattr_inode_lookup_create:1597: inode #18: comm syz.3.826: cleanup dec ref error -117
[  113.311588][ T6190] __nla_validate_parse: 3 callbacks suppressed
[  113.311656][ T6190] netlink: 76 bytes leftover after parsing attributes in process `syz.1.825'.
[  113.432724][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.489359][ T6195] netlink: 4 bytes leftover after parsing attributes in process `syz.3.828'.
[  113.499625][ T6195] netlink: 32 bytes leftover after parsing attributes in process `syz.3.828'.
[  113.583047][ T6204] loop0: detected capacity change from 0 to 1024
[  113.591898][ T6204] EXT4-fs: Ignoring removed orlov option
[  113.599454][ T4338] nci: nci_rx_work: unknown MT 0x5
[  113.608026][ T6204] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.637421][ T6208] loop3: detected capacity change from 0 to 2048
[  113.679905][ T6208] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.710865][ T6208] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.832: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  113.769227][ T6208] EXT4-fs (loop3): Remounting filesystem read-only
[  113.866232][ T6179] loop1: detected capacity change from 0 to 2048
[  113.922105][ T6218] netlink: 4 bytes leftover after parsing attributes in process `syz.2.835'.
[  113.934136][ T6218] netlink: 32 bytes leftover after parsing attributes in process `syz.2.835'.
[  114.012382][ T6179] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  114.042768][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.065042][ T6226] SELinux:  policydb version -65515 does not match my version range 15-35
[  114.074592][ T6226] SELinux: failed to load policy
[  114.418790][ T6236] lo speed is unknown, defaulting to 1000
[  114.421601][ T6238] netlink: 4 bytes leftover after parsing attributes in process `syz.4.841'.
[  114.488924][ T6238] netlink: 32 bytes leftover after parsing attributes in process `syz.4.841'.
[  114.776845][ T6249] loop3: detected capacity change from 0 to 1024
[  114.824737][ T6249] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  114.873713][ T6249] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  114.882212][ T6249] EXT4-fs (loop3): orphan cleanup on readonly fs
[  114.890860][ T6249] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  114.906886][ T6249] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  114.916956][ T6249] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.843: Freeing blocks not in datazone - block = 0, count = 4096
[  114.933252][ T6249] EXT4-fs (loop3): 1 orphan inode deleted
[  114.945756][ T6249] EXT4-fs error (device loop3): ext4_lookup:1787: inode #15: comm syz.3.843: iget: bad extended attribute block 6
[  115.616496][ T6261] loop2: detected capacity change from 0 to 1024
[  115.743997][ T6262] loop4: detected capacity change from 0 to 1024
[  115.754243][ T6262] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  115.775375][ T6262] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  115.784395][ T6262] EXT4-fs (loop4): orphan cleanup on readonly fs
[  115.791793][ T6262] __quota_error: 690 callbacks suppressed
[  115.791811][ T6262] Quota error (device loop4): v2_read_file_info: Block with free entry 1283 out of range (1, 6).
[  115.810318][ T6262] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  115.825814][ T6262] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  115.833780][ T6262] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.847: Freeing blocks not in datazone - block = 0, count = 4096
[  115.848128][ T6262] EXT4-fs (loop4): 1 orphan inode deleted
[  115.869334][ T6260] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.847: iget: bad extended attribute block 6
[  116.112588][   T29] audit: type=1326 audit(1755356699.797:8400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6266 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3b286ebe9 code=0x7ffc0000
[  116.215895][   T29] audit: type=1326 audit(1755356699.797:8401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6266 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa3b286ebe9 code=0x7ffc0000
[  116.242043][   T29] audit: type=1326 audit(1755356699.797:8402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6266 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3b286ebe9 code=0x7ffc0000
[  116.268230][   T29] audit: type=1326 audit(1755356699.797:8403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6266 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fa3b286ebe9 code=0x7ffc0000
[  116.293756][   T29] audit: type=1326 audit(1755356699.797:8404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6266 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3b286ebe9 code=0x7ffc0000
[  116.319579][   T29] audit: type=1326 audit(1755356699.797:8405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6266 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3b286ebe9 code=0x7ffc0000
[  116.343957][   T29] audit: type=1326 audit(1755356699.797:8406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6266 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa3b286ebe9 code=0x7ffc0000
[  116.368014][   T29] audit: type=1326 audit(1755356699.797:8407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6266 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3b286ebe9 code=0x7ffc0000
[  116.392628][   T29] audit: type=1326 audit(1755356699.797:8408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6266 comm="syz.0.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3b286ebe9 code=0x7ffc0000
[  116.486142][ T6278] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  116.537064][ T3322] nci: nci_rx_work: unknown MT 0x5
[  116.586992][ T6282] loop0: detected capacity change from 0 to 2048
[  116.654656][ T6282] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.853: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  116.675037][ T6282] EXT4-fs (loop0): Remounting filesystem read-only
[  116.870627][ T6271] loop2: detected capacity change from 0 to 2048
[  116.891432][ T6271] ext4: Unknown parameter 'usrqˆ'
[  117.043156][ T6304] loop3: detected capacity change from 0 to 1024
[  117.117971][ T6304] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  117.130358][ T6304] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  117.139338][ T6304] EXT4-fs (loop3): orphan cleanup on readonly fs
[  117.153653][ T6304] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  117.169657][ T6304] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  117.178830][ T6304] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.860: Freeing blocks not in datazone - block = 0, count = 4096
[  117.194532][ T6304] EXT4-fs (loop3): 1 orphan inode deleted
[  117.211767][ T6304] EXT4-fs error (device loop3): ext4_lookup:1787: inode #15: comm syz.3.860: iget: bad extended attribute block 6
[  117.450026][ T6312] loop0: detected capacity change from 0 to 1024
[  117.457001][ T6312] EXT4-fs: Ignoring removed orlov option
[  117.461784][ T6307] lo speed is unknown, defaulting to 1000
[  117.693047][ T6328] netlink: 12 bytes leftover after parsing attributes in process `syz.1.865'.
[  117.825146][ T6335] loop1: detected capacity change from 0 to 512
[  117.843376][ T6338] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  117.859703][ T6335] EXT4-fs: Ignoring removed nobh option
[  117.875997][ T6335] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.869: corrupted inode contents
[  117.890458][ T6335] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.869: mark_inode_dirty error
[  117.906504][ T6335] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.869: corrupted inode contents
[  117.921215][ T6335] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.869: mark_inode_dirty error
[  117.934817][ T6335] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.869: Failed to acquire dquot type 0
[  117.949344][ T6335] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.869: corrupted inode contents
[  117.964908][ T6348] loop0: detected capacity change from 0 to 2048
[  117.973880][ T6335] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.869: mark_inode_dirty error
[  117.997759][ T6335] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.869: corrupted inode contents
[  118.015351][ T6335] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.869: mark_inode_dirty error
[  118.020251][ T6348] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.872: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  118.048482][ T6335] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.869: corrupted inode contents
[  118.058380][ T6348] EXT4-fs (loop0): Remounting filesystem read-only
[  118.073905][ T6335] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  118.089544][ T6335] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.869: corrupted inode contents
[  118.139503][ T6335] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.869: mark_inode_dirty error
[  118.161116][ T6335] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  118.172377][ T6335] EXT4-fs (loop1): 1 truncate cleaned up
[  118.189831][ T6351] loop4: detected capacity change from 0 to 2048
[  118.200869][ T6335] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.328638][ T6373] netlink: 12 bytes leftover after parsing attributes in process `syz.3.880'.
[  118.388818][ T6377] netlink: 196 bytes leftover after parsing attributes in process `syz.3.882'.
[  118.465847][ T6380] loop2: detected capacity change from 0 to 1024
[  119.219207][ T6385] loop3: detected capacity change from 0 to 1024
[  119.355569][ T6387] loop2: detected capacity change from 0 to 1024
[  119.363743][ T6351] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  119.379884][ T6385] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  119.411472][ T6385] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  119.419841][ T6385] EXT4-fs (loop3): orphan cleanup on readonly fs
[  119.428516][ T6385] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  119.443625][ T6385] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  119.453020][ T6385] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.884: Freeing blocks not in datazone - block = 0, count = 4096
[  119.468443][ T6385] EXT4-fs (loop3): 1 orphan inode deleted
[  119.478578][ T6385] EXT4-fs error (device loop3): ext4_lookup:1787: inode #15: comm syz.3.884: iget: bad extended attribute block 6
[  119.508341][ T6351] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 160 with error 28
[  119.521785][ T6351] EXT4-fs (loop4): This should not happen!! Data will be lost
[  119.521785][ T6351] 
[  119.533198][ T6351] EXT4-fs (loop4): Total free blocks count 0
[  119.541736][ T6351] EXT4-fs (loop4): Free/Dirty block details
[  119.547881][ T6351] EXT4-fs (loop4): free_blocks=2415919104
[  119.553895][ T6351] EXT4-fs (loop4): dirty_blocks=160
[  119.559336][ T6351] EXT4-fs (loop4): Block reservation details
[  119.565507][ T6351] EXT4-fs (loop4): i_reserved_data_blocks=10
[  119.654251][ T6397] netlink: 76 bytes leftover after parsing attributes in process `syz.2.888'.
[  119.892152][ T6407] lo speed is unknown, defaulting to 1000
[  120.009474][ T6407] loop4: detected capacity change from 0 to 2048
[  120.047970][ T6407] ext4 filesystem being mounted at /166/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.285736][ T6415] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  120.375410][ T6393] loop2: detected capacity change from 0 to 2048
[  120.485319][ T6423] loop3: detected capacity change from 0 to 2048
[  120.552525][ T6423] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.897: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  120.574381][ T6423] EXT4-fs (loop3): Remounting filesystem read-only
[  120.815529][ T6430] netlink: 76 bytes leftover after parsing attributes in process `syz.4.901'.
[  120.953724][ T6435] loop2: detected capacity change from 0 to 1024
[  121.323568][   T29] kauditd_printk_skb: 460 callbacks suppressed
[  121.323591][   T29] audit: type=1400 audit(1755356705.017:8865): avc:  denied  { create } for  pid=6436 comm="syz.3.903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  121.352714][ T6437] netlink: 4 bytes leftover after parsing attributes in process `syz.3.903'.
[  121.370418][ T6437] netlink: 32 bytes leftover after parsing attributes in process `syz.3.903'.
[  121.393204][   T29] audit: type=1400 audit(1755356705.017:8866): avc:  denied  { setopt } for  pid=6436 comm="syz.3.903" lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  121.457779][   T29] audit: type=1400 audit(1755356705.147:8867): avc:  denied  { load_policy } for  pid=6442 comm="syz.3.906" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  121.500155][ T6441] netlink: 76 bytes leftover after parsing attributes in process `syz.1.905'.
[  121.575287][ T6430] loop4: detected capacity change from 0 to 2048
[  121.615513][   T29] audit: type=1400 audit(1755356705.297:8868): avc:  denied  { execmem } for  pid=6444 comm="syz.3.907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  121.688850][   T29] audit: type=1400 audit(1755356705.377:8869): avc:  denied  { write } for  pid=6448 comm="syz.3.909" name="001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  121.728568][ T6449] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  121.753273][   T29] audit: type=1326 audit(1755356705.417:8870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6448 comm="syz.3.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  121.777583][   T29] audit: type=1326 audit(1755356705.417:8871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6448 comm="syz.3.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  121.803154][   T29] audit: type=1326 audit(1755356705.417:8872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6448 comm="syz.3.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  121.827772][   T29] audit: type=1326 audit(1755356705.417:8873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6448 comm="syz.3.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  121.853172][   T29] audit: type=1326 audit(1755356705.417:8874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6448 comm="syz.3.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ff02a6cebe9 code=0x7ffc0000
[  121.995557][ T3541] nci: nci_rx_work: unknown MT 0x5
[  122.087802][ T6474] netlink: 4 bytes leftover after parsing attributes in process `syz.2.917'.
[  122.112813][ T6474] netlink: 32 bytes leftover after parsing attributes in process `syz.2.917'.
[  122.256450][ T6482] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  122.337975][ T6483] loop4: detected capacity change from 0 to 1024
[  122.348213][ T6483] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  122.374020][ T6483] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  122.383356][ T6483] EXT4-fs (loop4): orphan cleanup on readonly fs
[  122.390974][ T6483] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  122.422733][ T6483] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  122.430423][ T6483] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.918: Freeing blocks not in datazone - block = 0, count = 4096
[  122.444500][ T6483] EXT4-fs (loop4): 1 orphan inode deleted
[  122.457811][ T6483] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.918: iget: bad extended attribute block 6
[  122.606417][ T6486] loop0: detected capacity change from 0 to 512
[  122.618788][ T6486] EXT4-fs: Ignoring removed nobh option
[  122.656426][ T6486] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.921: corrupted inode contents
[  122.734870][ T6486] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.921: mark_inode_dirty error
[  122.762714][ T6486] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.921: corrupted inode contents
[  122.784854][ T6486] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.921: mark_inode_dirty error
[  122.802799][ T6486] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.921: Failed to acquire dquot type 0
[  122.824244][ T6486] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.921: corrupted inode contents
[  122.867726][ T6486] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.921: mark_inode_dirty error
[  122.881744][ T6486] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.921: corrupted inode contents
[  122.908340][ T6486] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.921: mark_inode_dirty error
[  122.937884][ T6486] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.921: corrupted inode contents
[  123.025475][ T6486] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  123.065359][ T6486] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.921: corrupted inode contents
[  123.069298][ T6507] lo speed is unknown, defaulting to 1000
[  123.101904][ T6486] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.921: mark_inode_dirty error
[  123.132538][ T6510] loop2: detected capacity change from 0 to 2048
[  123.157480][ T6486] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  123.167728][ T6486] EXT4-fs (loop0): 1 truncate cleaned up
[  123.174126][ T6486] ext4 filesystem being mounted at /166/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.201316][ T4292] nci: nci_rx_work: unknown MT 0x5
[  124.181392][ T6543] FAULT_INJECTION: forcing a failure.
[  124.181392][ T6543] name failslab, interval 1, probability 0, space 0, times 0
[  124.196069][ T6543] CPU: 0 UID: 0 PID: 6543 Comm: syz.3.941 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  124.196210][ T6543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  124.196224][ T6543] Call Trace:
[  124.196232][ T6543]  <TASK>
[  124.196241][ T6543]  __dump_stack+0x1d/0x30
[  124.196265][ T6543]  dump_stack_lvl+0xe8/0x140
[  124.196286][ T6543]  dump_stack+0x15/0x1b
[  124.196306][ T6543]  should_fail_ex+0x265/0x280
[  124.196354][ T6543]  should_failslab+0x8c/0xb0
[  124.196380][ T6543]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  124.196415][ T6543]  ? sidtab_sid2str_get+0xa0/0x130
[  124.196503][ T6543]  kmemdup_noprof+0x2b/0x70
[  124.196579][ T6543]  sidtab_sid2str_get+0xa0/0x130
[  124.196659][ T6543]  security_sid_to_context_core+0x1eb/0x2e0
[  124.196685][ T6543]  security_sid_to_context+0x27/0x40
[  124.196789][ T6543]  selinux_lsmprop_to_secctx+0x67/0xf0
[  124.196814][ T6543]  security_lsmprop_to_secctx+0x43/0x80
[  124.196916][ T6543]  audit_log_task_context+0x77/0x190
[  124.196999][ T6543]  audit_log_task+0xf4/0x250
[  124.197068][ T6543]  audit_seccomp+0x61/0x100
[  124.197147][ T6543]  ? __seccomp_filter+0x68c/0x10d0
[  124.197168][ T6543]  __seccomp_filter+0x69d/0x10d0
[  124.197188][ T6543]  ? putname+0xda/0x100
[  124.197213][ T6543]  ? kmem_cache_free+0xdf/0x300
[  124.197243][ T6543]  ? kern_path+0x106/0x130
[  124.197296][ T6543]  __secure_computing+0x82/0x150
[  124.197383][ T6543]  syscall_trace_enter+0xcf/0x1e0
[  124.197406][ T6543]  do_syscall_64+0xac/0x200
[  124.197460][ T6543]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  124.197518][ T6543]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  124.197541][ T6543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.197563][ T6543] RIP: 0033:0x7ff02a6cd5fc
[  124.197583][ T6543] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  124.197672][ T6543] RSP: 002b:00007ff02912f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  124.197693][ T6543] RAX: ffffffffffffffda RBX: 00007ff02a8f5fa0 RCX: 00007ff02a6cd5fc
[  124.197717][ T6543] RDX: 000000000000000f RSI: 00007ff02912f0a0 RDI: 0000000000000006
[  124.197732][ T6543] RBP: 00007ff02912f090 R08: 0000000000000000 R09: 0000000000000000
[  124.197746][ T6543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  124.197761][ T6543] R13: 00007ff02a8f6038 R14: 00007ff02a8f5fa0 R15: 00007ffff77a1338
[  124.197855][ T6543]  </TASK>
[  124.467250][ T6546] loop4: detected capacity change from 0 to 1024
[  124.483676][ T6546] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  124.502725][ T6546] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  124.511669][ T6546] EXT4-fs (loop4): orphan cleanup on readonly fs
[  124.519500][ T6546] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  124.535958][ T6546] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  124.544643][ T6546] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.940: Freeing blocks not in datazone - block = 0, count = 4096
[  124.560345][ T6546] EXT4-fs (loop4): 1 orphan inode deleted
[  124.569662][ T6552] RDS: rds_bind could not find a transport for fe80::28, load rds_tcp or rds_rdma?
[  124.573221][ T6546] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.940: iget: bad extended attribute block 6
[  124.805196][ T6566] tipc: Started in network mode
[  124.810367][ T6566] tipc: Node identity fc000000000000000000000000000001, cluster identity 4711
[  124.819793][ T6566] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  124.856942][ T6573] loop2: detected capacity change from 0 to 1024
[  124.867441][ T6571] netlink: 4 bytes leftover after parsing attributes in process `syz.1.951'.
[  124.872652][ T6573] EXT4-fs: Ignoring removed orlov option
[  124.878475][ T6571] netlink: 32 bytes leftover after parsing attributes in process `syz.1.951'.
[  125.059471][ T6582] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6582 comm=syz.1.956
[  125.064883][ T6578] loop4: detected capacity change from 0 to 1024
[  125.113178][ T6578] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  125.134782][ T6578] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=484ce018, mo2=0100]
[  125.144966][ T6586] FAULT_INJECTION: forcing a failure.
[  125.144966][ T6586] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.159597][ T6586] CPU: 1 UID: 0 PID: 6586 Comm: syz.3.959 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  125.159630][ T6586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  125.159642][ T6586] Call Trace:
[  125.159651][ T6586]  <TASK>
[  125.159667][ T6586]  __dump_stack+0x1d/0x30
[  125.159693][ T6586]  dump_stack_lvl+0xe8/0x140
[  125.159716][ T6586]  dump_stack+0x15/0x1b
[  125.159844][ T6586]  should_fail_ex+0x265/0x280
[  125.159867][ T6586]  should_fail+0xb/0x20
[  125.159932][ T6586]  should_fail_usercopy+0x1a/0x20
[  125.159953][ T6586]  _copy_from_user+0x1c/0xb0
[  125.160141][ T6586]  copy_from_sockptr_offset+0x66/0xa0
[  125.160185][ T6586]  tls_setsockopt+0x635/0xce0
[  125.160217][ T6586]  sock_common_setsockopt+0x69/0x80
[  125.160250][ T6586]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  125.160318][ T6586]  __sys_setsockopt+0x181/0x200
[  125.160344][ T6586]  __x64_sys_setsockopt+0x64/0x80
[  125.160368][ T6586]  x64_sys_call+0x20ec/0x2ff0
[  125.160393][ T6586]  do_syscall_64+0xd2/0x200
[  125.160419][ T6586]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  125.160470][ T6586]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  125.160497][ T6586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.160523][ T6586] RIP: 0033:0x7ff02a6cebe9
[  125.160543][ T6586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.160564][ T6586] RSP: 002b:00007ff02912f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  125.160764][ T6586] RAX: ffffffffffffffda RBX: 00007ff02a8f5fa0 RCX: 00007ff02a6cebe9
[  125.160780][ T6586] RDX: 0000000000000002 RSI: 000000000000011a RDI: 0000000000000004
[  125.160793][ T6586] RBP: 00007ff02912f090 R08: 0000000000000038 R09: 0000000000000000
[  125.160805][ T6586] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[  125.160818][ T6586] R13: 00007ff02a8f6038 R14: 00007ff02a8f5fa0 R15: 00007ffff77a1338
[  125.160837][ T6586]  </TASK>
[  125.398711][ T6578] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.953: lblock 2 mapped to illegal pblock 2 (length 1)
[  125.443036][ T6578] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.953: lblock 0 mapped to illegal pblock 48 (length 1)
[  125.460268][ T6578] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.953: Failed to acquire dquot type 0
[  125.472875][ T6578] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  125.497842][ T6578] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.953: mark_inode_dirty error
[  125.523383][ T6578] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  125.537097][ T6578] EXT4-fs (loop4): 1 orphan inode deleted
[  125.555516][ T5903] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:22: lblock 1 mapped to illegal pblock 1 (length 1)
[  125.576875][ T6603] loop3: detected capacity change from 0 to 1024
[  125.584701][ T6603] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  125.600464][ T5903] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:22: Failed to release dquot type 0
[  125.617564][ T6603] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  125.626071][ T6603] EXT4-fs (loop3): orphan cleanup on readonly fs
[  125.633873][ T6603] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  125.650704][ T6603] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  125.658812][ T6603] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.963: Freeing blocks not in datazone - block = 0, count = 4096
[  125.674855][ T6603] EXT4-fs (loop3): 1 orphan inode deleted
[  125.682720][ T6603] EXT4-fs error (device loop3): ext4_lookup:1787: inode #15: comm syz.3.963: iget: bad extended attribute block 6
[  125.750550][ T6578] EXT4-fs error (device loop4): __ext4_get_inode_loc:4861: comm syz.4.953: Invalid inode table block 1 in block_group 0
[  125.752562][ T6592] netlink: 76 bytes leftover after parsing attributes in process `syz.2.960'.
[  125.774250][ T6578] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  125.784203][ T6578] EXT4-fs error (device loop4): ext4_quota_off:7217: inode #3: comm syz.4.953: mark_inode_dirty error
[  125.874157][ T6616] netlink: 4 bytes leftover after parsing attributes in process `syz.4.967'.
[  125.886416][ T6616] netlink: 32 bytes leftover after parsing attributes in process `syz.4.967'.
[  126.260857][ T6592] loop2: detected capacity change from 0 to 2048
[  126.361403][ T6626] loop3: detected capacity change from 0 to 2048
[  126.394938][ T6630] lo speed is unknown, defaulting to 1000
[  126.396222][ T6626] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.971: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  126.423904][ T6626] EXT4-fs (loop3): Remounting filesystem read-only
[  126.451785][ T6633] loop2: detected capacity change from 0 to 2048
[  126.478715][   T29] kauditd_printk_skb: 176 callbacks suppressed
[  126.478735][   T29] audit: type=1400 audit(1755356710.167:9042): avc:  denied  { cpu } for  pid=6634 comm="syz.1.974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  126.540268][   T29] audit: type=1400 audit(1755356710.197:9043): avc:  denied  { write } for  pid=6634 comm="syz.1.974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  126.629571][   T29] audit: type=1400 audit(1755356710.317:9044): avc:  denied  { create } for  pid=6655 comm="syz.4.981" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  126.654361][   T29] audit: type=1400 audit(1755356710.337:9045): avc:  denied  { connect } for  pid=6655 comm="syz.4.981" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  126.741079][ T6662] loop4: detected capacity change from 0 to 1024
[  126.760696][ T6662] EXT4-fs: Ignoring removed orlov option
[  126.800576][   T29] audit: type=1400 audit(1755356710.487:9046): avc:  denied  { read open } for  pid=6661 comm="syz.4.984" path="/184/bus/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  126.831455][   T29] audit: type=1400 audit(1755356710.487:9047): avc:  denied  { write } for  pid=6661 comm="syz.4.984" name="bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  126.856880][ T6658] netlink: 76 bytes leftover after parsing attributes in process `syz.0.982'.
[  127.055667][   T29] audit: type=1400 audit(1755356710.737:9048): avc:  denied  { write } for  pid=6667 comm="syz.1.985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  127.076061][   T29] audit: type=1400 audit(1755356710.737:9049): avc:  denied  { connect } for  pid=6667 comm="syz.1.985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  127.097154][   T29] audit: type=1400 audit(1755356710.737:9050): avc:  denied  { name_connect } for  pid=6667 comm="syz.1.985" dest=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  127.121128][   T29] audit: type=1400 audit(1755356710.807:9051): avc:  denied  { shutdown } for  pid=6667 comm="syz.1.985" lport=51230 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  127.201454][ T6675] lo speed is unknown, defaulting to 1000
[  127.431993][ T6698] loop3: detected capacity change from 0 to 1024
[  127.490334][ T6698] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.997: bg 0: block 280: padding at end of block bitmap is not set
[  127.512139][ T6707] netlink: 36 bytes leftover after parsing attributes in process `syz.0.999'.
[  127.522433][ T6707] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check.
[  127.561124][ T6698] EXT4-fs (loop3): Remounting filesystem read-only
[  127.568738][ T6708] loop2: detected capacity change from 0 to 2048
[  127.595335][ T6698] EXT4-fs warning (device loop3): ext4_xattr_inode_lookup_create:1597: inode #18: comm syz.3.997: cleanup dec ref error -117
[  127.611096][ T6707] netlink: 32 bytes leftover after parsing attributes in process `syz.0.999'.
[  127.872868][ T6724] loop4: detected capacity change from 0 to 2048
[  127.922611][ T6724] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.1001: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  127.962188][ T6724] EXT4-fs (loop4): Remounting filesystem read-only
[  127.967274][ T6728] lo speed is unknown, defaulting to 1000
[  127.987373][ T6730] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.030099][ T6732] netlink: 'syz.3.1006': attribute type 27 has an invalid length.
[  128.060460][ T6730] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.137404][ T6731] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  128.178449][ T6732] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.186133][ T6732] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.230973][ T6732] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[  128.243212][ T6732] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[  128.256603][ T6732] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  128.267779][ T6732] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  128.308799][ T6732] ip6erspan0: left allmulticast mode
[  128.317579][ T6741] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1009'.
[  128.329372][ T6730] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.341066][ T6741] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1009'.
[  128.354716][ T3547] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  128.398870][ T6748] SELinux:  policydb magic number 0x7 does not match expected magic number 0xf97cff8c
[  128.409969][ T6748] SELinux: failed to load policy
[  128.587558][ T6762] netlink: 'syz.0.1020': attribute type 10 has an invalid length.
[  128.617353][ T6762] dummy0: entered promiscuous mode
[  128.659262][ T6762] bridge0: port 3(dummy0) entered blocking state
[  128.674699][ T6762] bridge0: port 3(dummy0) entered disabled state
[  128.716081][ T6762] dummy0: entered allmulticast mode
[  128.757631][ T6762] bridge0: port 3(dummy0) entered blocking state
[  128.767350][ T6762] bridge0: port 3(dummy0) entered forwarding state
[  128.781699][ T6770] loop2: detected capacity change from 0 to 2048
[  128.856534][ T6773] loop4: detected capacity change from 0 to 1024
[  128.864591][ T6773] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  128.876574][ T6773] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  128.885368][ T6773] EXT4-fs (loop4): orphan cleanup on readonly fs
[  128.894418][ T6773] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  128.911157][ T6773] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  128.919048][ T6773] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.1022: Freeing blocks not in datazone - block = 0, count = 4096
[  128.933458][ T6773] EXT4-fs (loop4): 1 orphan inode deleted
[  128.942062][ T6773] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.1022: iget: bad extended attribute block 6
[  129.584520][ T6801] loop2: detected capacity change from 0 to 1024
[  129.940500][ T6812] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.307961][ T6812] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.346637][ T6821] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  130.407484][ T6812] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.507055][ T6812] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.634579][  T407] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  130.664707][  T407] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  130.688926][  T407] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  130.721996][ T6835] loop4: detected capacity change from 0 to 2048
[  130.742513][  T407] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  130.775071][ T6835] EXT4-fs mount: 46 callbacks suppressed
[  130.775090][ T6835] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.836786][ T6835] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.1045: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  130.859763][ T6839] loop2: detected capacity change from 0 to 1024
[  130.889534][ T6835] EXT4-fs (loop4): Remounting filesystem read-only
[  130.993166][ T6846] loop2: detected capacity change from 0 to 1024
[  131.087742][ T6848] __nla_validate_parse: 6 callbacks suppressed
[  131.087894][ T6848] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1050'.
[  131.117904][ T6854] loop2: detected capacity change from 0 to 2048
[  131.337335][ T6859] capability: warning: `syz.0.1054' uses deprecated v2 capabilities in a way that may be insecure
[  131.476989][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.507240][ T6871] loop4: detected capacity change from 0 to 512
[  131.519895][ T6871] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1058: iget: bad i_size value: 38620345925642
[  131.536241][ T6871] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1058: couldn't read orphan inode 15 (err -117)
[  131.550328][ T6871] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.566862][   T29] kauditd_printk_skb: 151 callbacks suppressed
[  131.566882][   T29] audit: type=1400 audit(1755356715.257:9202): avc:  denied  { append } for  pid=6870 comm="syz.4.1058" path="/195/file1/blkio.bfq.avg_queue_size" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  131.631181][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.656284][   T29] audit: type=1326 audit(1755356715.347:9203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.4.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8b096ebe9 code=0x7ffc0000
[  131.684436][ T6878] FAULT_INJECTION: forcing a failure.
[  131.684436][ T6878] name failslab, interval 1, probability 0, space 0, times 0
[  131.699034][ T6878] CPU: 1 UID: 0 PID: 6878 Comm: syz.4.1059 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  131.699072][ T6878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  131.699086][ T6878] Call Trace:
[  131.699096][ T6878]  <TASK>
[  131.699107][ T6878]  __dump_stack+0x1d/0x30
[  131.699132][ T6878]  dump_stack_lvl+0xe8/0x140
[  131.699152][ T6878]  dump_stack+0x15/0x1b
[  131.699191][ T6878]  should_fail_ex+0x265/0x280
[  131.699275][ T6878]  should_failslab+0x8c/0xb0
[  131.699320][ T6878]  kmem_cache_alloc_node_noprof+0x57/0x320
[  131.699354][ T6878]  ? __alloc_skb+0x101/0x320
[  131.699416][ T6878]  __alloc_skb+0x101/0x320
[  131.699446][ T6878]  ? audit_log_start+0x365/0x6c0
[  131.699476][ T6878]  audit_log_start+0x380/0x6c0
[  131.699542][ T6878]  audit_seccomp+0x48/0x100
[  131.699573][ T6878]  ? __seccomp_filter+0x68c/0x10d0
[  131.699614][ T6878]  __seccomp_filter+0x69d/0x10d0
[  131.699640][ T6878]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  131.699696][ T6878]  ? vfs_write+0x7e8/0x960
[  131.699722][ T6878]  ? __rcu_read_unlock+0x4f/0x70
[  131.699793][ T6878]  ? __fget_files+0x184/0x1c0
[  131.699832][ T6878]  __secure_computing+0x82/0x150
[  131.699862][ T6878]  syscall_trace_enter+0xcf/0x1e0
[  131.699890][ T6878]  do_syscall_64+0xac/0x200
[  131.700050][ T6878]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  131.700075][ T6878]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  131.700180][ T6878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.700203][ T6878] RIP: 0033:0x7ff8b096ebe9
[  131.700232][ T6878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.700355][ T6878] RSP: 002b:00007ff8af3d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  131.700377][ T6878] RAX: ffffffffffffffda RBX: 00007ff8b0b95fa0 RCX: 00007ff8b096ebe9
[  131.700391][ T6878] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000200000000000
[  131.700405][ T6878] RBP: 00007ff8af3d7090 R08: 0000000000000000 R09: 0000000000000000
[  131.700419][ T6878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.700469][ T6878] R13: 00007ff8b0b96038 R14: 00007ff8b0b95fa0 R15: 00007ffd62a25cb8
[  131.700491][ T6878]  </TASK>
[  131.700511][ T6878] audit: audit_lost=4 audit_rate_limit=0 audit_backlog_limit=64
[  131.714479][   T29] audit: type=1326 audit(1755356715.377:9204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.4.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff8b096d550 code=0x7ffc0000
[  131.724951][ T6878] audit: out of memory in audit_log_start
[  131.982869][   T29] audit: type=1326 audit(1755356715.377:9205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.4.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff8b096d69f code=0x7ffc0000
[  132.015952][ T6881] syzkaller0: entered allmulticast mode
[  132.021800][ T6881] syzkaller0: entered promiscuous mode
[  132.037070][ T6881] syzkaller0 (unregistering): left allmulticast mode
[  132.037349][   T29] audit: type=1326 audit(1755356715.417:9206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.4.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7ff8b096d5fc code=0x7ffc0000
[  132.044338][ T6881] syzkaller0 (unregistering): left promiscuous mode
[  132.068763][   T29] audit: type=1326 audit(1755356715.417:9207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.4.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff8b096d69f code=0x7ffc0000
[  132.099112][   T29] audit: type=1326 audit(1755356715.417:9208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.4.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff8b096d84a code=0x7ffc0000
[  132.124075][   T29] audit: type=1326 audit(1755356715.417:9209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6877 comm="syz.4.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8b096ebe9 code=0x7ffc0000
[  132.233884][ T6886] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1062'.
[  132.249241][ T6886] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check.
[  132.270627][ T6886] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1062'.
[  132.288102][ T6892] FAULT_INJECTION: forcing a failure.
[  132.288102][ T6892] name failslab, interval 1, probability 0, space 0, times 0
[  132.302353][ T6892] CPU: 0 UID: 0 PID: 6892 Comm: syz.2.1065 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  132.302388][ T6892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  132.302401][ T6892] Call Trace:
[  132.302408][ T6892]  <TASK>
[  132.302417][ T6892]  __dump_stack+0x1d/0x30
[  132.302442][ T6892]  dump_stack_lvl+0xe8/0x140
[  132.302479][ T6892]  dump_stack+0x15/0x1b
[  132.302499][ T6892]  should_fail_ex+0x265/0x280
[  132.302521][ T6892]  should_failslab+0x8c/0xb0
[  132.302546][ T6892]  kmem_cache_alloc_noprof+0x50/0x310
[  132.302645][ T6892]  ? skb_clone+0x151/0x1f0
[  132.302669][ T6892]  skb_clone+0x151/0x1f0
[  132.302688][ T6892]  __netlink_deliver_tap+0x2c9/0x500
[  132.302712][ T6892]  ? netlink_attachskb+0x2d0/0x610
[  132.302747][ T6892]  netlink_sendskb+0x126/0x150
[  132.302807][ T6892]  netlink_unicast+0x2a2/0x690
[  132.302843][ T6892]  netlink_ack+0x4c8/0x500
[  132.302865][ T6892]  netlink_rcv_skb+0x192/0x220
[  132.302933][ T6892]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  132.302971][ T6892]  rtnetlink_rcv+0x1c/0x30
[  132.302998][ T6892]  netlink_unicast+0x5bd/0x690
[  132.303070][ T6892]  netlink_sendmsg+0x58b/0x6b0
[  132.303095][ T6892]  ? __pfx_netlink_sendmsg+0x10/0x10
[  132.303118][ T6892]  __sock_sendmsg+0x142/0x180
[  132.303145][ T6892]  ____sys_sendmsg+0x31e/0x4e0
[  132.303191][ T6892]  ___sys_sendmsg+0x17b/0x1d0
[  132.303227][ T6892]  __x64_sys_sendmsg+0xd4/0x160
[  132.303264][ T6892]  x64_sys_call+0x191e/0x2ff0
[  132.303287][ T6892]  do_syscall_64+0xd2/0x200
[  132.303316][ T6892]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  132.303364][ T6892]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  132.303454][ T6892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.303474][ T6892] RIP: 0033:0x7f0bdda0ebe9
[  132.303547][ T6892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.303567][ T6892] RSP: 002b:00007f0bdc477038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  132.303590][ T6892] RAX: ffffffffffffffda RBX: 00007f0bddc35fa0 RCX: 00007f0bdda0ebe9
[  132.303603][ T6892] RDX: 0000000020004004 RSI: 00002000000000c0 RDI: 0000000000000003
[  132.303617][ T6892] RBP: 00007f0bdc477090 R08: 0000000000000000 R09: 0000000000000000
[  132.303631][ T6892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.303644][ T6892] R13: 00007f0bddc36038 R14: 00007f0bddc35fa0 R15: 00007ffca719dcd8
[  132.303725][ T6892]  </TASK>
[  132.646415][ T6901] FAULT_INJECTION: forcing a failure.
[  132.646415][ T6901] name failslab, interval 1, probability 0, space 0, times 0
[  132.660272][ T6901] CPU: 0 UID: 0 PID: 6901 Comm: syz.2.1067 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  132.660360][ T6901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  132.660373][ T6901] Call Trace:
[  132.660380][ T6901]  <TASK>
[  132.660388][ T6901]  __dump_stack+0x1d/0x30
[  132.660414][ T6901]  dump_stack_lvl+0xe8/0x140
[  132.660496][ T6901]  dump_stack+0x15/0x1b
[  132.660514][ T6901]  should_fail_ex+0x265/0x280
[  132.660538][ T6901]  ? __pfx_cond_bools_destroy+0x10/0x10
[  132.660567][ T6901]  should_failslab+0x8c/0xb0
[  132.660594][ T6901]  kmem_cache_alloc_noprof+0x50/0x310
[  132.660732][ T6901]  ? hashtab_duplicate+0xfe/0x360
[  132.660853][ T6901]  ? __pfx_cond_bools_destroy+0x10/0x10
[  132.660881][ T6901]  hashtab_duplicate+0xfe/0x360
[  132.660915][ T6901]  ? __pfx_cond_bools_copy+0x10/0x10
[  132.661003][ T6901]  cond_policydb_dup+0xd2/0x4e0
[  132.661084][ T6901]  security_set_bools+0xa0/0x340
[  132.661111][ T6901]  sel_commit_bools_write+0x1ea/0x270
[  132.661142][ T6901]  vfs_writev+0x403/0x8b0
[  132.661178][ T6901]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  132.661210][ T6901]  ? mutex_lock+0xd/0x30
[  132.661241][ T6901]  do_writev+0xe7/0x210
[  132.661324][ T6901]  __x64_sys_writev+0x45/0x50
[  132.661350][ T6901]  x64_sys_call+0x1e9a/0x2ff0
[  132.661373][ T6901]  do_syscall_64+0xd2/0x200
[  132.661401][ T6901]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  132.661445][ T6901]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  132.661496][ T6901]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.661519][ T6901] RIP: 0033:0x7f0bdda0ebe9
[  132.661538][ T6901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.661556][ T6901] RSP: 002b:00007f0bdc477038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  132.661628][ T6901] RAX: ffffffffffffffda RBX: 00007f0bddc35fa0 RCX: 00007f0bdda0ebe9
[  132.661641][ T6901] RDX: 0000000000000002 RSI: 0000200000000040 RDI: 0000000000000007
[  132.661655][ T6901] RBP: 00007f0bdc477090 R08: 0000000000000000 R09: 0000000000000000
[  132.661669][ T6901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  132.661683][ T6901] R13: 00007f0bddc36038 R14: 00007f0bddc35fa0 R15: 00007ffca719dcd8
[  132.661702][ T6901]  </TASK>
[  133.049027][ T6912] loop3: detected capacity change from 0 to 2048
[  133.065800][ T6912] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.079566][ T6912] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.1071: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  133.100142][ T6912] EXT4-fs (loop3): Remounting filesystem read-only
[  133.129278][ T6918] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  133.226362][ T6923] FAULT_INJECTION: forcing a failure.
[  133.226362][ T6923] name failslab, interval 1, probability 0, space 0, times 0
[  133.241725][ T6923] CPU: 0 UID: 0 PID: 6923 Comm: syz.4.1076 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  133.241764][ T6923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  133.241777][ T6923] Call Trace:
[  133.241787][ T6923]  <TASK>
[  133.241798][ T6923]  __dump_stack+0x1d/0x30
[  133.241870][ T6923]  dump_stack_lvl+0xe8/0x140
[  133.241930][ T6923]  dump_stack+0x15/0x1b
[  133.241947][ T6923]  should_fail_ex+0x265/0x280
[  133.241993][ T6923]  should_failslab+0x8c/0xb0
[  133.242024][ T6923]  kmem_cache_alloc_noprof+0x50/0x310
[  133.242124][ T6923]  ? security_file_alloc+0x32/0x100
[  133.242250][ T6923]  security_file_alloc+0x32/0x100
[  133.242279][ T6923]  init_file+0x5c/0x1d0
[  133.242539][ T6923]  alloc_empty_file+0x8b/0x200
[  133.242580][ T6923]  alloc_file_pseudo+0xc6/0x160
[  133.242610][ T6923]  anon_inode_getfile_fmode+0xa5/0x140
[  133.242642][ T6923]  do_eventfd+0x116/0x1b0
[  133.242713][ T6923]  __x64_sys_eventfd2+0x2d/0x40
[  133.242733][ T6923]  x64_sys_call+0x2ebd/0x2ff0
[  133.242820][ T6923]  do_syscall_64+0xd2/0x200
[  133.242846][ T6923]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  133.242887][ T6923]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  133.242915][ T6923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.242996][ T6923] RIP: 0033:0x7ff8b096ebe9
[  133.243022][ T6923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.243040][ T6923] RSP: 002b:00007ff8af3d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000122
[  133.243063][ T6923] RAX: ffffffffffffffda RBX: 00007ff8b0b95fa0 RCX: 00007ff8b096ebe9
[  133.243076][ T6923] RDX: 0000000000000000 RSI: 0000000000000801 RDI: 00000000ffffffff
[  133.243089][ T6923] RBP: 00007ff8af3d7090 R08: 0000000000000000 R09: 0000000000000000
[  133.243158][ T6923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.243171][ T6923] R13: 00007ff8b0b96038 R14: 00007ff8b0b95fa0 R15: 00007ffd62a25cb8
[  133.243193][ T6923]  </TASK>
[  133.531954][ T6930] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1079'.
[  133.795891][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.006542][ T6959] SELinux:  policydb string SE Li does not match my string SE Linux
[  134.015155][ T6959] SELinux: failed to load policy
[  134.170411][ T6974] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1095'.
[  134.180758][ T6974] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check.
[  134.276497][ T6980] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  134.337452][ T6983] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  134.398855][ T6984] FAULT_INJECTION: forcing a failure.
[  134.398855][ T6984] name failslab, interval 1, probability 0, space 0, times 0
[  134.412031][ T6984] CPU: 0 UID: 0 PID: 6984 Comm: syz.3.1096 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  134.412067][ T6984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  134.412082][ T6984] Call Trace:
[  134.412091][ T6984]  <TASK>
[  134.412172][ T6984]  __dump_stack+0x1d/0x30
[  134.412196][ T6984]  dump_stack_lvl+0xe8/0x140
[  134.412214][ T6984]  dump_stack+0x15/0x1b
[  134.412230][ T6984]  should_fail_ex+0x265/0x280
[  134.412254][ T6984]  should_failslab+0x8c/0xb0
[  134.412411][ T6984]  kmem_cache_alloc_noprof+0x50/0x310
[  134.412492][ T6984]  ? alloc_empty_file+0x76/0x200
[  134.412551][ T6984]  alloc_empty_file+0x76/0x200
[  134.412584][ T6984]  path_openat+0x68/0x2170
[  134.412647][ T6984]  ? _parse_integer_limit+0x170/0x190
[  134.412671][ T6984]  ? kstrtoull+0x111/0x140
[  134.412694][ T6984]  ? kstrtouint+0x76/0xc0
[  134.412785][ T6984]  do_filp_open+0x109/0x230
[  134.412814][ T6984]  do_sys_openat2+0xa6/0x110
[  134.412854][ T6984]  __x64_sys_openat+0xf2/0x120
[  134.412907][ T6984]  x64_sys_call+0x2e9c/0x2ff0
[  134.412930][ T6984]  do_syscall_64+0xd2/0x200
[  134.413009][ T6984]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  134.413034][ T6984]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  134.413062][ T6984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.413145][ T6984] RIP: 0033:0x7ff02a6cd550
[  134.413164][ T6984] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  134.413210][ T6984] RSP: 002b:00007ff0290ecf10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  134.413229][ T6984] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007ff02a6cd550
[  134.413242][ T6984] RDX: 0000000000000002 RSI: 00007ff0290ecfa0 RDI: 00000000ffffff9c
[  134.413255][ T6984] RBP: 00007ff0290ecfa0 R08: 0000000000000000 R09: 0000000000000000
[  134.413270][ T6984] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  134.413284][ T6984] R13: 00007ff02a8f6218 R14: 00007ff02a8f6180 R15: 00007ffff77a1338
[  134.413302][ T6984]  </TASK>
[  134.767257][ T6998] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1107'.
[  134.820446][ T6998] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1107'.
[  134.927575][ T7002] netlink: 'syz.0.1108': attribute type 1 has an invalid length.
[  134.995029][ T7011] loop2: detected capacity change from 0 to 1024
[  134.998076][ T7002] 8021q: adding VLAN 0 to HW filter on device bond1
[  135.013883][ T7011] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1111'.
[  135.019290][ T7012] bond1: (slave bridge1): making interface the new active one
[  135.032794][ T7011] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  135.093442][ T7012] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  135.113596][ T7011] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  135.386099][ T7027] FAULT_INJECTION: forcing a failure.
[  135.386099][ T7027] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.399559][ T7027] CPU: 0 UID: 0 PID: 7027 Comm: syz.4.1117 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  135.399655][ T7027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  135.399663][ T7027] Call Trace:
[  135.399671][ T7027]  <TASK>
[  135.399677][ T7027]  __dump_stack+0x1d/0x30
[  135.399694][ T7027]  dump_stack_lvl+0xe8/0x140
[  135.399706][ T7027]  dump_stack+0x15/0x1b
[  135.399718][ T7027]  should_fail_ex+0x265/0x280
[  135.399767][ T7027]  should_fail+0xb/0x20
[  135.399826][ T7027]  should_fail_usercopy+0x1a/0x20
[  135.399841][ T7027]  _copy_from_user+0x1c/0xb0
[  135.399858][ T7027]  kstrtouint_from_user+0x69/0xf0
[  135.399935][ T7027]  ? 0xffffffff81000000
[  135.399944][ T7027]  ? selinux_file_permission+0x1e4/0x320
[  135.400016][ T7027]  proc_fail_nth_write+0x50/0x160
[  135.400034][ T7027]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  135.400132][ T7027]  vfs_write+0x266/0x960
[  135.400146][ T7027]  ? vfs_read+0x4e6/0x770
[  135.400158][ T7027]  ? __rcu_read_unlock+0x4f/0x70
[  135.400173][ T7027]  ? __fget_files+0x184/0x1c0
[  135.400187][ T7027]  ? fput+0x8f/0xc0
[  135.400266][ T7027]  ksys_write+0xda/0x1a0
[  135.400289][ T7027]  __x64_sys_write+0x40/0x50
[  135.400313][ T7027]  x64_sys_call+0x27fe/0x2ff0
[  135.400327][ T7027]  do_syscall_64+0xd2/0x200
[  135.400380][ T7027]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  135.400396][ T7027]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  135.400411][ T7027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.400492][ T7027] RIP: 0033:0x7ff8b096d69f
[  135.400503][ T7027] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  135.400515][ T7027] RSP: 002b:00007ff8af3d7030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  135.400530][ T7027] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff8b096d69f
[  135.400587][ T7027] RDX: 0000000000000001 RSI: 00007ff8af3d70a0 RDI: 0000000000000007
[  135.400595][ T7027] RBP: 00007ff8af3d7090 R08: 0000000000000000 R09: 0000000000000000
[  135.400603][ T7027] R10: 0000200000000040 R11: 0000000000000293 R12: 0000000000000001
[  135.400612][ T7027] R13: 00007ff8b0b96038 R14: 00007ff8b0b95fa0 R15: 00007ffd62a25cb8
[  135.400631][ T7027]  </TASK>
[  135.645462][ T7032] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1118'.
[  135.736227][ T7038] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1121'.
[  135.747137][ T7038] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check.
[  135.835978][ T7046] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  135.847329][ T7046] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  135.863734][ T7051] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  135.868766][ T7046] veth1_to_bridge: mtu greater than device maximum
[  135.881673][ T7046] loop4: detected capacity change from 0 to 512
[  135.889538][ T7046] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  135.898879][ T7046] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[  135.907524][ T7046] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.1124: corrupted in-inode xattr: e_value size too large
[  135.930170][ T7046] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1124: couldn't read orphan inode 15 (err -117)
[  135.945592][ T7046] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.023594][ T7058] loop2: detected capacity change from 0 to 2048
[  136.474308][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.739962][ T7072] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  136.749257][ T7072] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7072 comm=GPL
[  136.781579][   T29] kauditd_printk_skb: 343 callbacks suppressed
[  136.781609][   T29] audit: type=1400 audit(1755356720.467:9553): avc:  denied  { create } for  pid=7074 comm="syz.1.1135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  136.847040][ T7076] loop4: detected capacity change from 0 to 1024
[  136.856680][ T7076] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  136.915964][ T7076] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  136.924482][ T7076] EXT4-fs (loop4): orphan cleanup on readonly fs
[  136.931995][ T7076] Quota error (device loop4): v2_read_file_info: Block with free entry 1283 out of range (1, 6).
[  136.943320][ T7076] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  136.958691][ T7076] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  136.967986][ T7076] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.1132: Freeing blocks not in datazone - block = 0, count = 4096
[  136.984268][ T7076] EXT4-fs (loop4): 1 orphan inode deleted
[  136.990756][ T7076] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  137.005916][ T7076] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.1132: iget: bad extended attribute block 6
[  137.154661][   T29] audit: type=1400 audit(1755356720.567:9554): avc:  denied  { create } for  pid=7074 comm="syz.1.1135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  137.175690][   T29] audit: type=1400 audit(1755356720.597:9555): avc:  denied  { ioctl } for  pid=7074 comm="syz.1.1135" path="socket:[15813]" dev="sockfs" ino=15813 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  137.203813][   T29] audit: type=1400 audit(1755356720.867:9556): avc:  denied  { create } for  pid=7086 comm="syz.2.1140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  137.225821][   T29] audit: type=1400 audit(1755356720.867:9557): avc:  denied  { write } for  pid=7086 comm="syz.2.1140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  137.239367][ T7087] infiniband syz1: set active
[  137.253920][ T7087] infiniband syz1: added syz_tun
[  137.268643][ T7087] RDS/IB: syz1: added
[  137.274411][ T7087] smc: adding ib device syz1 with port count 1
[  137.281299][ T7087] smc:    ib device syz1 port 1 has pnetid 
[  137.289038][   T29] audit: type=1400 audit(1755356720.967:9558): avc:  denied  { setopt } for  pid=7085 comm="syz.1.1139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  137.367775][ T7096] netlink: 'syz.1.1142': attribute type 3 has an invalid length.
[  137.376630][ T7096] netlink: 'syz.1.1142': attribute type 3 has an invalid length.
[  137.521642][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.556011][   T29] audit: type=1326 audit(1755356721.247:9559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7097 comm="syz.1.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552babebe9 code=0x7ffc0000
[  137.581551][   T29] audit: type=1326 audit(1755356721.247:9560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7097 comm="syz.1.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552babebe9 code=0x7ffc0000
[  137.617004][   T29] audit: type=1326 audit(1755356721.267:9561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7097 comm="syz.1.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f552babebe9 code=0x7ffc0000
[  137.654111][ T7102] loop4: detected capacity change from 0 to 2048
[  137.662779][ T7104] loop2: detected capacity change from 0 to 1024
[  137.671373][ T7104] EXT4-fs: Ignoring removed orlov option
[  137.678999][ T7102] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.694918][ T7102] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  137.707440][ T7102] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.1144: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  137.725404][ T7102] EXT4-fs (loop4): Remounting filesystem read-only
[  137.779375][ T7113] pimreg: entered allmulticast mode
[  137.802889][ T7112] pimreg: left allmulticast mode
[  137.896832][ T7123] __nla_validate_parse: 1 callbacks suppressed
[  137.896848][ T7123] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1151'.
[  138.080444][   T12] nci: nci_rx_work: unknown MT 0x5
[  138.396816][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.417507][ T7138] loop3: detected capacity change from 0 to 1024
[  138.427198][ T7138] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  138.438663][ T7138] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  138.447763][ T7138] EXT4-fs (loop3): orphan cleanup on readonly fs
[  138.454822][ T7138] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  138.470841][ T7138] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  138.478365][ T7138] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.1155: Freeing blocks not in datazone - block = 0, count = 4096
[  138.494631][ T7138] EXT4-fs (loop3): 1 orphan inode deleted
[  138.501272][ T7138] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  138.523358][ T7138] EXT4-fs error (device loop3): ext4_lookup:1787: inode #15: comm syz.3.1155: iget: bad extended attribute block 6
[  138.643541][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.760494][ T7157] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1162'.
[  138.770483][ T7157] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check.
[  138.814351][ T7159] debugfs: Bad value for 'gid'
[  138.819697][ T7159] debugfs: Bad value for 'gid'
[  138.902882][ T7161] netlink: 'syz.3.1165': attribute type 3 has an invalid length.
[  138.917521][ T7161] netlink: 'syz.3.1165': attribute type 3 has an invalid length.
[  138.927893][ T7161] FAULT_INJECTION: forcing a failure.
[  138.927893][ T7161] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.942389][ T7161] CPU: 1 UID: 0 PID: 7161 Comm: syz.3.1165 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  138.942421][ T7161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  138.942434][ T7161] Call Trace:
[  138.942443][ T7161]  <TASK>
[  138.942507][ T7161]  __dump_stack+0x1d/0x30
[  138.942589][ T7161]  dump_stack_lvl+0xe8/0x140
[  138.942612][ T7161]  dump_stack+0x15/0x1b
[  138.942630][ T7161]  should_fail_ex+0x265/0x280
[  138.942651][ T7161]  should_fail+0xb/0x20
[  138.942668][ T7161]  should_fail_usercopy+0x1a/0x20
[  138.942727][ T7161]  _copy_from_iter+0xcf/0xe40
[  138.942787][ T7161]  ? __build_skb_around+0x1a0/0x200
[  138.942825][ T7161]  ? __alloc_skb+0x223/0x320
[  138.942861][ T7161]  netlink_sendmsg+0x471/0x6b0
[  138.942885][ T7161]  ? __pfx_netlink_sendmsg+0x10/0x10
[  138.942985][ T7161]  __sock_sendmsg+0x142/0x180
[  138.943012][ T7161]  ____sys_sendmsg+0x31e/0x4e0
[  138.943033][ T7161]  ___sys_sendmsg+0x17b/0x1d0
[  138.943063][ T7161]  __x64_sys_sendmsg+0xd4/0x160
[  138.943156][ T7161]  x64_sys_call+0x191e/0x2ff0
[  138.943176][ T7161]  do_syscall_64+0xd2/0x200
[  138.943204][ T7161]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  138.943302][ T7161]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  138.943405][ T7161]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.943465][ T7161] RIP: 0033:0x7ff02a6cebe9
[  138.943485][ T7161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.943503][ T7161] RSP: 002b:00007ff02912f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  138.943523][ T7161] RAX: ffffffffffffffda RBX: 00007ff02a8f5fa0 RCX: 00007ff02a6cebe9
[  138.943536][ T7161] RDX: 0000000000000000 RSI: 0000200000000700 RDI: 0000000000000005
[  138.943550][ T7161] RBP: 00007ff02912f090 R08: 0000000000000000 R09: 0000000000000000
[  138.943564][ T7161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.943641][ T7161] R13: 00007ff02a8f6038 R14: 00007ff02a8f5fa0 R15: 00007ffff77a1338
[  138.943720][ T7161]  </TASK>
[  139.202650][ T7171] loop4: detected capacity change from 0 to 2048
[  139.218112][ T7169] 9pnet_fd: Insufficient options for proto=fd
[  139.256481][ T7171] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.282699][ T7171] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  139.299435][ T7171] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.1166: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  139.329811][ T7171] EXT4-fs (loop4): Remounting filesystem read-only
[  139.377189][ T7176] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1168'.
[  139.415467][ T7181] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1167'.
[  139.501998][ T7185] netlink: 'syz.1.1170': attribute type 20 has an invalid length.
[  139.708333][ T7194] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1173'.
[  139.764637][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.800855][ T7197] SELinux:  policydb version 0 does not match my version range 15-35
[  139.810335][ T7197] SELinux: failed to load policy
[  139.988622][ T7204] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  140.063593][ T7211] loop2: detected capacity change from 0 to 1024
[  140.076020][ T7211] EXT4-fs: Ignoring removed orlov option
[  140.278885][ T7174] loop3: detected capacity change from 0 to 2048
[  140.354333][ T7212] FAULT_INJECTION: forcing a failure.
[  140.354333][ T7212] name failslab, interval 1, probability 0, space 0, times 0
[  140.367506][ T7212] CPU: 0 UID: 0 PID: 7212 Comm: syz.4.1178 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  140.367544][ T7212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  140.367593][ T7212] Call Trace:
[  140.367602][ T7212]  <TASK>
[  140.367611][ T7212]  __dump_stack+0x1d/0x30
[  140.367647][ T7212]  dump_stack_lvl+0xe8/0x140
[  140.367666][ T7212]  dump_stack+0x15/0x1b
[  140.367689][ T7212]  should_fail_ex+0x265/0x280
[  140.367709][ T7212]  ? sctp_add_bind_addr+0x71/0x1e0
[  140.367764][ T7212]  should_failslab+0x8c/0xb0
[  140.367803][ T7212]  __kmalloc_cache_noprof+0x4c/0x320
[  140.367838][ T7212]  sctp_add_bind_addr+0x71/0x1e0
[  140.367866][ T7212]  sctp_do_bind+0x427/0x4b0
[  140.367942][ T7212]  sctp_connect_new_asoc+0x153/0x3a0
[  140.367979][ T7212]  sctp_sendmsg+0xf10/0x18d0
[  140.368027][ T7212]  ? selinux_socket_sendmsg+0x131/0x1b0
[  140.368060][ T7212]  ? __pfx_sctp_sendmsg+0x10/0x10
[  140.368099][ T7212]  inet_sendmsg+0xc5/0xd0
[  140.368201][ T7212]  __sock_sendmsg+0x102/0x180
[  140.368244][ T7212]  ____sys_sendmsg+0x345/0x4e0
[  140.368269][ T7212]  ___sys_sendmsg+0x17b/0x1d0
[  140.368300][ T7212]  __sys_sendmmsg+0x178/0x300
[  140.368328][ T7212]  __x64_sys_sendmmsg+0x57/0x70
[  140.368408][ T7212]  x64_sys_call+0x1c4a/0x2ff0
[  140.368429][ T7212]  do_syscall_64+0xd2/0x200
[  140.368460][ T7212]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  140.368491][ T7212]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  140.368549][ T7212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.368569][ T7212] RIP: 0033:0x7ff8b096ebe9
[  140.368585][ T7212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.368604][ T7212] RSP: 002b:00007ff8af3b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  140.368629][ T7212] RAX: ffffffffffffffda RBX: 00007ff8b0b96090 RCX: 00007ff8b096ebe9
[  140.368711][ T7212] RDX: 0000000000000002 RSI: 0000200000004600 RDI: 0000000000000007
[  140.368752][ T7212] RBP: 00007ff8af3b6090 R08: 0000000000000000 R09: 0000000000000000
[  140.368847][ T7212] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  140.368905][ T7212] R13: 00007ff8b0b96128 R14: 00007ff8b0b96090 R15: 00007ffd62a25cb8
[  140.368922][ T7212]  </TASK>
[  140.739123][ T7174] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  140.809990][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  140.853684][ T7241] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1186'.
[  140.870185][ T7241] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1186'.
[  140.948539][ T7255] loop4: detected capacity change from 0 to 1024
[  140.957649][ T7255] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  140.969338][ T7255] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  140.978098][ T7255] EXT4-fs (loop4): orphan cleanup on readonly fs
[  140.985407][ T7255] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  141.001601][ T7255] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  141.009993][ T7255] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.1194: Freeing blocks not in datazone - block = 0, count = 4096
[  141.024570][ T7255] EXT4-fs (loop4): 1 orphan inode deleted
[  141.030840][ T7255] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  141.046547][ T7255] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.1194: iget: bad extended attribute block 6
[  141.199870][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.227443][ T7265] loop3: detected capacity change from 0 to 1024
[  141.234798][ T7265] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  141.245927][ T7265] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  141.254352][ T7265] EXT4-fs (loop3): orphan cleanup on readonly fs
[  141.261345][ T7265] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  141.276652][ T7265] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  141.284127][ T7265] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.1197: Freeing blocks not in datazone - block = 0, count = 4096
[  141.298565][ T7265] EXT4-fs (loop3): 1 orphan inode deleted
[  141.304991][ T7265] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  141.347359][ T7265] EXT4-fs error (device loop3): ext4_lookup:1787: inode #15: comm syz.3.1197: iget: bad extended attribute block 6
[  141.491347][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.503273][   T12] nci: nci_rx_work: unknown MT 0x5
[  141.512271][ T7282] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1202'.
[  141.523832][ T7282] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1202'.
[  141.637639][ T7300] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1211'.
[  141.746171][ T7314] loop2: detected capacity change from 0 to 512
[  141.808895][   T29] kauditd_printk_skb: 151 callbacks suppressed
[  141.808915][   T29] audit: type=1326 audit(1755356725.497:9710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552babebe9 code=0x7ffc0000
[  141.843792][ T7320] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  141.855236][   T29] audit: type=1326 audit(1755356725.527:9711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f552babebe9 code=0x7ffc0000
[  141.879436][   T29] audit: type=1326 audit(1755356725.527:9712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552babebe9 code=0x7ffc0000
[  141.904953][   T29] audit: type=1326 audit(1755356725.527:9713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552babebe9 code=0x7ffc0000
[  141.931807][   T29] audit: type=1326 audit(1755356725.527:9714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f552babebe9 code=0x7ffc0000
[  141.958177][   T29] audit: type=1326 audit(1755356725.527:9715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552babebe9 code=0x7ffc0000
[  141.984660][   T29] audit: type=1326 audit(1755356725.527:9716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552babebe9 code=0x7ffc0000
[  142.010555][   T29] audit: type=1326 audit(1755356725.527:9717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f552babebe9 code=0x7ffc0000
[  142.035767][   T29] audit: type=1326 audit(1755356725.527:9718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552babebe9 code=0x7ffc0000
[  142.063282][   T29] audit: type=1326 audit(1755356725.537:9719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7319 comm="syz.1.1220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f552babebe9 code=0x7ffc0000
[  142.585020][ T7360] loop3: detected capacity change from 0 to 1024
[  142.698300][ T7360] EXT4-fs: Ignoring removed bh option
[  142.722384][ T7360] EXT4-fs: inline encryption not supported
[  142.749585][ T7360] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  142.755900][ T7363] 9pnet_fd: Insufficient options for proto=fd
[  142.772548][ T7360] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm +}[@: lblock 2 mapped to illegal pblock 2 (length 1)
[  142.789849][ T7360] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm +}[@: lblock 0 mapped to illegal pblock 48 (length 1)
[  142.808437][ T7360] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm +}[@: Failed to acquire dquot type 0
[  142.820658][ T7360] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  142.831751][ T7360] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm +}[@: mark_inode_dirty error
[  142.843230][ T7360] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  142.853866][ T7360] EXT4-fs (loop3): 1 orphan inode deleted
[  142.860041][ T7360] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.874186][   T56] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  142.923183][   T56] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0
[  142.940255][ T7374] loop2: detected capacity change from 0 to 2048
[  142.952122][ T7360] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.965239][ T7360] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm +}[@: Invalid inode table block 1 in block_group 0
[  142.982718][ T7381] loop4: detected capacity change from 0 to 512
[  142.990033][ T7381] EXT4-fs: Ignoring removed nomblk_io_submit option
[  142.996894][ T7360] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  143.013911][ T7360] EXT4-fs error (device loop3): ext4_quota_off:7217: inode #3: comm +}[@: mark_inode_dirty error
[  143.035032][ T7381] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  143.047820][ T7381] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  143.054443][ T7386] loop2: detected capacity change from 0 to 1024
[  143.059480][ T7381] EXT4-fs (loop4): 1 truncate cleaned up
[  143.069996][ T7381] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.085560][ T7381] FAULT_INJECTION: forcing a failure.
[  143.085560][ T7381] name failslab, interval 1, probability 0, space 0, times 0
[  143.098956][ T7381] CPU: 1 UID: 0 PID: 7381 Comm: syz.4.1242 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  143.099023][ T7381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  143.099036][ T7381] Call Trace:
[  143.099046][ T7381]  <TASK>
[  143.099056][ T7381]  __dump_stack+0x1d/0x30
[  143.099081][ T7381]  dump_stack_lvl+0xe8/0x140
[  143.099157][ T7381]  dump_stack+0x15/0x1b
[  143.099177][ T7381]  should_fail_ex+0x265/0x280
[  143.099215][ T7381]  ? __pfx_cgroup_show_path+0x10/0x10
[  143.099246][ T7381]  ? cgroup_show_path+0x6a/0x2b0
[  143.099270][ T7381]  should_failslab+0x8c/0xb0
[  143.099299][ T7381]  __kmalloc_cache_noprof+0x4c/0x320
[  143.099368][ T7381]  ? __pfx_cgroup_show_path+0x10/0x10
[  143.099468][ T7381]  cgroup_show_path+0x6a/0x2b0
[  143.099500][ T7381]  ? kernfs_sop_show_path+0xa4/0xf0
[  143.099590][ T7381]  ? __pfx_cgroup_show_path+0x10/0x10
[  143.099622][ T7381]  kernfs_sop_show_path+0xb6/0xf0
[  143.099712][ T7381]  ? __pfx_kernfs_sop_show_path+0x10/0x10
[  143.099736][ T7381]  show_path+0x57/0x80
[  143.099764][ T7381]  show_mountinfo+0xd8/0x600
[  143.099872][ T7381]  m_show+0x3b/0x50
[  143.099921][ T7381]  traverse+0x144/0x3a0
[  143.099950][ T7381]  seq_lseek+0xb5/0x170
[  143.099996][ T7381]  __x64_sys_lseek+0xe8/0x160
[  143.100021][ T7381]  x64_sys_call+0x2814/0x2ff0
[  143.100047][ T7381]  do_syscall_64+0xd2/0x200
[  143.100078][ T7381]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  143.100141][ T7381]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  143.100164][ T7381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.100187][ T7381] RIP: 0033:0x7ff8b096ebe9
[  143.100207][ T7381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.100228][ T7381] RSP: 002b:00007ff8af3d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000008
[  143.100253][ T7381] RAX: ffffffffffffffda RBX: 00007ff8b0b95fa0 RCX: 00007ff8b096ebe9
[  143.100314][ T7381] RDX: 0000000000000000 RSI: 0000000000010001 RDI: 0000000000000006
[  143.100396][ T7381] RBP: 00007ff8af3d7090 R08: 0000000000000000 R09: 0000000000000000
[  143.100411][ T7381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.100425][ T7381] R13: 00007ff8b0b96038 R14: 00007ff8b0b95fa0 R15: 00007ffd62a25cb8
[  143.100455][ T7381]  </TASK>
[  143.383271][ T7360] netlink: '+}[@': attribute type 10 has an invalid length.
[  143.393398][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.415573][ T7360] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  143.443168][ T7397] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  143.453623][ T7397] tipc: Disabling bearer <eth:syzkaller0>
[  143.497967][ T7401] program syz.2.1250 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  143.644161][ T7419] rdma_op ffff88811e4d8980 conn xmit_rdma 0000000000000000
[  143.662010][ T7418] loop2: detected capacity change from 0 to 1024
[  143.697411][ T7418] EXT4-fs: Ignoring removed orlov option
[  143.716605][ T7421] loop4: detected capacity change from 0 to 128
[  143.725083][ T7422] loop3: detected capacity change from 0 to 2048
[  143.777745][ T7421] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  143.788189][ T7422] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.809631][ T7421] System zones: 1-3, 19-19, 35-36
[  143.846648][ T7421] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  143.891066][ T7434] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.1257: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  143.936797][ T7422] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  143.948766][ T7421] ext4 filesystem being mounted at /233/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  143.986081][ T7434] EXT4-fs (loop3): Remounting filesystem read-only
[  144.034683][ T7441] netlink: 'syz.2.1267': attribute type 10 has an invalid length.
[  144.072353][ T3302] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  144.072619][ T7451] netlink: 'syz.2.1267': attribute type 10 has an invalid length.
[  144.092658][ T7441] syz_tun: entered promiscuous mode
[  144.125857][ T7441] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  144.137480][ T7455] loop4: detected capacity change from 0 to 1024
[  144.152270][ T7451] 8021q: adding VLAN 0 to HW filter on device bond0
[  144.155671][ T7450] __nla_validate_parse: 4 callbacks suppressed
[  144.155692][ T7450] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1270'.
[  144.162084][ T7451] team0: Port device bond0 added
[  144.292534][ T7455] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.361371][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.450554][ T7482] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1281'.
[  144.477768][ T7482] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1281'.
[  144.520645][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.551156][ T7489] FAULT_INJECTION: forcing a failure.
[  144.551156][ T7489] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  144.565673][ T7489] CPU: 1 UID: 0 PID: 7489 Comm: syz.2.1285 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  144.565710][ T7489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  144.565722][ T7489] Call Trace:
[  144.565761][ T7489]  <TASK>
[  144.565767][ T7489]  __dump_stack+0x1d/0x30
[  144.565791][ T7489]  dump_stack_lvl+0xe8/0x140
[  144.565810][ T7489]  dump_stack+0x15/0x1b
[  144.565857][ T7489]  should_fail_ex+0x265/0x280
[  144.565881][ T7489]  should_fail+0xb/0x20
[  144.565958][ T7489]  should_fail_usercopy+0x1a/0x20
[  144.565979][ T7489]  _copy_from_user+0x1c/0xb0
[  144.566083][ T7489]  memdup_user+0x5e/0xd0
[  144.566113][ T7489]  strndup_user+0x68/0xb0
[  144.566179][ T7489]  __se_sys_mount+0x4d/0x2e0
[  144.566201][ T7489]  ? __bpf_trace_sys_enter+0x10/0x30
[  144.566345][ T7489]  ? trace_sys_enter+0xd0/0xf0
[  144.566370][ T7489]  __x64_sys_mount+0x67/0x80
[  144.566396][ T7489]  x64_sys_call+0x2b4d/0x2ff0
[  144.566491][ T7489]  do_syscall_64+0xd2/0x200
[  144.566564][ T7489]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  144.566591][ T7489]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  144.566618][ T7489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.566641][ T7489] RIP: 0033:0x7f0bdda0ebe9
[  144.566660][ T7489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.566754][ T7489] RSP: 002b:00007f0bdc477038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  144.566775][ T7489] RAX: ffffffffffffffda RBX: 00007f0bddc35fa0 RCX: 00007f0bdda0ebe9
[  144.566789][ T7489] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000000
[  144.566803][ T7489] RBP: 00007f0bdc477090 R08: 0000200000000580 R09: 0000000000000000
[  144.566818][ T7489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.566842][ T7489] R13: 00007f0bddc36038 R14: 00007f0bddc35fa0 R15: 00007ffca719dcd8
[  144.566863][ T7489]  </TASK>
[  144.816706][ T7491] SELinux: ebitmap: truncated map
[  144.826610][ T7491] SELinux: failed to load policy
[  144.956934][ T7507] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1289'.
[  145.028125][ T7504] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1291'.
[  145.051709][ T7511] loop2: detected capacity change from 0 to 2048
[  145.079146][ T7514] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1296'.
[  145.108318][ T7514] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1296'.
[  145.141847][ T7518] tipc: Started in network mode
[  145.148634][ T7518] tipc: Node identity 4adcce0c1d65, cluster identity 4711
[  145.157058][ T7518] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  145.171200][ T7518] tipc: Disabling bearer <eth:syzkaller0>
[  145.200976][ T7525] ==================================================================
[  145.210468][ T7525] BUG: KCSAN: data-race in mas_state_walk / mas_wmb_replace
[  145.219785][ T7525] 
[  145.222651][ T7525] write to 0xffff8881042b4b00 of 8 bytes by task 7521 on cpu 1:
[  145.231731][ T7525]  mas_wmb_replace+0xe45/0x14a0
[  145.237042][ T7525]  mas_wr_store_entry+0x1773/0x2b50
[  145.243602][ T7525]  mas_store_prealloc+0x74d/0x9e0
[  145.249546][ T7525]  vma_iter_store_new+0x1c5/0x200
[  145.254914][ T7525]  vma_complete+0x125/0x580
[  145.260348][ T7525]  __split_vma+0x5d9/0x650
[  145.265429][ T7525]  vma_modify+0x3f2/0xc80
[  145.270387][ T7525]  vma_modify_flags+0x101/0x130
[  145.276472][ T7525]  mprotect_fixup+0x2cc/0x570
[  145.282217][ T7525]  do_mprotect_pkey+0x6d6/0x980
[  145.287975][ T7525]  __x64_sys_mprotect+0x48/0x60
[  145.292859][ T7525]  x64_sys_call+0x274e/0x2ff0
[  145.297868][ T7525]  do_syscall_64+0xd2/0x200
[  145.302498][ T7525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.308928][ T7525] 
[  145.311699][ T7525] read to 0xffff8881042b4b00 of 8 bytes by task 7525 on cpu 0:
[  145.319559][ T7525]  mas_state_walk+0x485/0x650
[  145.324447][ T7525]  mas_walk+0x60/0x150
[  145.328525][ T7525]  lock_vma_under_rcu+0x8d/0x160
[  145.333650][ T7525]  do_user_addr_fault+0x233/0x1090
[  145.339219][ T7525]  exc_page_fault+0x62/0xa0
[  145.344025][ T7525]  asm_exc_page_fault+0x26/0x30
[  145.348892][ T7525] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=-1 (errno 104: Connection reset by peer)
[  145.351240][ T7525] value changed: 0xffff888103eaa60e -> 0xffff8881042b4b00
[  145.358903][ T7525] 
[  145.361412][ T7525] Reported by Kernel Concurrency Sanitizer on:
[  145.368067][ T7525] CPU: 0 UID: 0 PID: 7525 Comm: syz.0.1300 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  145.380578][ T7525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  145.390727][ T7525] ==================================================================
[  145.557373][ T7520] bond0: (slave syz_tun): Releasing backup interface
[  145.568737][ T3322] smc: removing ib device syz1
[  145.846515][   T56] bridge_slave_1: left allmulticast mode
[  145.852550][   T56] bridge_slave_1: left promiscuous mode
[  145.859348][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.868000][   T56] bridge_slave_0: left allmulticast mode
[  145.875052][   T56] bridge_slave_0: left promiscuous mode
[  145.881294][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.935141][   T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  145.945682][   T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  145.955614][   T56] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  145.966851][   T56] bond0 (unregistering): Released all slaves
[  146.004725][   T56] tipc: Left network mode
[  146.012477][   T56] hsr_slave_0: left promiscuous mode
[  146.019941][   T56] hsr_slave_1: left promiscuous mode
[  146.027228][   T56] batman_adv: batadv0: Removing interface: batadv_slave_0
[  146.037566][   T56] batman_adv: batadv0: Removing interface: batadv_slave_1
[  146.068000][   T56] team0 (unregistering): Port device team_slave_1 removed
[  146.078863][   T56] team0 (unregistering): Port device team_slave_0 removed
[  146.324745][   T56] IPVS: stop unused estimator thread 0...
[  146.389049][   T56] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.436516][   T56] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.476187][   T56] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.525785][   T56] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.587870][   T56] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  146.598427][   T56] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.626043][   T56] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  146.637073][   T56] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.686377][   T56] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  146.697903][   T56] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.735416][   T56] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  146.748496][   T56] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.817507][   T56] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.844743][   T56] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.904774][   T56] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.964773][   T56] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.049671][   T56] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.085912][   T56] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.125823][   T56] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.186177][   T56] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.263523][   T29] kauditd_printk_skb: 357 callbacks suppressed
[  147.263545][   T29] audit: type=1400 audit(1755356730.957:10074): avc:  denied  { egress } for  pid=3469 comm="kworker/1:6" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  147.299841][   T29] audit: type=1400 audit(1755356730.957:10075): avc:  denied  { sendto } for  pid=3469 comm="kworker/1:6" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  147.325225][   T56] bridge_slave_1: left allmulticast mode
[  147.330950][   T56] bridge_slave_1: left promiscuous mode
[  147.336743][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.345957][   T56] bridge_slave_0: left allmulticast mode
[  147.351904][   T56] bridge_slave_0: left promiscuous mode
[  147.358092][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.366937][   T56] bridge_slave_1: left allmulticast mode
[  147.373662][   T56] bridge_slave_1: left promiscuous mode
[  147.379856][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.389977][   T56] bridge_slave_0: left allmulticast mode
[  147.396714][   T56] bridge_slave_0: left promiscuous mode
[  147.402824][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.412578][   T56] bridge_slave_1: left allmulticast mode
[  147.418475][   T56] bridge_slave_1: left promiscuous mode
[  147.424231][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.432224][   T56] bridge_slave_0: left allmulticast mode
[  147.438286][   T56] bridge_slave_0: left promiscuous mode
[  147.444392][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.453156][   T56] dummy0: left allmulticast mode
[  147.458534][   T56] bridge0: port 3(dummy0) entered disabled state
[  147.465864][   T56] bridge_slave_1: left allmulticast mode
[  147.471798][   T56] bridge_slave_1: left promiscuous mode
[  147.477821][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.486064][   T56] bridge_slave_0: left allmulticast mode
[  147.492034][   T56] bridge_slave_0: left promiscuous mode
[  147.497890][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.506554][   T56] erspan0: left allmulticast mode
[  147.512125][   T56] erspan0: left promiscuous mode
[  147.517645][   T56] : port 1(erspan0) entered disabled state
[  147.675778][   T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  147.686444][   T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  147.696975][   T56] bond0 (unregistering): Released all slaves
[  147.746610][   T56] 
 (unregistering): (slave bond_slave_0): Releasing backup interface
[  147.757654][   T56] 
 (unregistering): (slave bond_slave_1): Releasing backup interface
[  147.768666][   T56] 
 (unregistering): Released all slaves
[  147.815803][   T56] team0: Port device bond0 removed
[  147.823414][   T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  147.834582][   T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  147.844778][   T56] bond0 (unregistering): Released all slaves
[  147.964706][   T56] bond1 (unregistering): (slave bridge1): Releasing active interface
[  148.044851][   T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  148.055415][   T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  148.064767][   T56] bond0 (unregistering): Released all slaves
[  148.073762][   T56] bond1 (unregistering): Released all slaves
[  148.117971][   T56] tipc: Left network mode
[  148.122996][   T56] tipc: Left network mode
[  148.127884][   T56] tipc: Disabling bearer <udp:syz1>
[  148.133388][   T56] tipc: Left network mode
[  148.149346][   T56] hsr_slave_0: left promiscuous mode
[  148.155413][   T56] hsr_slave_1: left promiscuous mode
[  148.161512][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  148.169196][   T56] batman_adv: batadv0: Removing interface: batadv_slave_0
[  148.177312][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  148.185694][   T56] batman_adv: batadv0: Removing interface: batadv_slave_1
[  148.196022][   T56] hsr_slave_0: left promiscuous mode
[  148.202538][   T56] hsr_slave_1: left promiscuous mode
[  148.209484][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  148.217417][   T56] batman_adv: batadv0: Removing interface: batadv_slave_0
[  148.227461][   T56] hsr_slave_0: left promiscuous mode
[  148.233837][   T56] hsr_slave_1: left promiscuous mode
[  148.241733][   T56] hsr_slave_0: left promiscuous mode
[  148.248425][   T56] hsr_slave_1: left promiscuous mode
[  148.254331][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  148.262508][   T56] batman_adv: batadv0: Removing interface: batadv_slave_0
[  148.280015][   T56] veth1_macvtap: left promiscuous mode
[  148.285817][   T56] veth0_macvtap: left promiscuous mode
[  148.291572][   T56] veth1_vlan: left promiscuous mode
[  148.297149][   T56] veth0_vlan: left promiscuous mode
[  148.303131][   T56] veth1_macvtap: left promiscuous mode
[  148.308674][   T56] veth0_macvtap: left promiscuous mode
[  148.314841][   T56] veth1_vlan: left promiscuous mode
[  148.320496][   T56] veth0_vlan: left promiscuous mode
[  148.326565][   T56] veth1_macvtap: left promiscuous mode
[  148.332201][   T56] veth0_macvtap: left promiscuous mode
[  148.338045][   T56] veth1_vlan: left promiscuous mode
[  148.343646][   T56] veth0_vlan: left promiscuous mode
[  148.349507][   T56] veth1_macvtap: left promiscuous mode
[  148.355114][   T56] veth0_macvtap: left promiscuous mode
[  148.360812][   T56] veth1_vlan: left promiscuous mode
[  148.366288][   T56] veth0_vlan: left promiscuous mode
[  148.500401][   T56] team0 (unregistering): Port device team_slave_1 removed
[  148.510238][   T56] team0 (unregistering): Port device team_slave_0 removed
[  148.560214][   T56] team0 (unregistering): Port device team_slave_1 removed
[  148.570211][   T56] team0 (unregistering): Port device team_slave_0 removed
[  148.621281][   T56] team0 (unregistering): Port device team_slave_1 removed
[  148.634780][   T56] team0 (unregistering): Port device team_slave_0 removed
[  148.681288][   T56] team0 (unregistering): Port device team_slave_1 removed
[  148.692639][   T56] team0 (unregistering): Port device team_slave_0 removed
[  148.723673][   T10] lo speed is unknown, defaulting to 1000
[  148.730081][   T10] infiniband syz0: ib_query_port failed (-19)
[  149.619504][   T56] IPVS: stop unused estimator thread 0...
[  149.627014][   T56] IPVS: stop unused estimator thread 0...
[  149.633403][   T56] IPVS: stop unused estimator thread 0...
[  149.640263][   T56] IPVS: stop unused estimator thread 0...