last executing test programs:

3.140618549s ago: executing program 4 (id=947):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$NL80211_CMD_NEW_MPATH(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x24000010}, 0x4c884)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000a00))
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000400)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYBLOB="3f4e345cb3602ba69cb03fff86ca150e48780caeb0317569027f75b4087d6c7b175c2c5af17934b9dcd677a9a9d6b913bf982540e3873631a641a217bb8f32a3f8f0a08a053b4160fca9d360b1208731a9384de9b5650bf1e53f70044017661b7cb6c46f6292d4183aea9dc9c5763cb7"], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x4c094)
r4 = socket(0x10, 0x3, 0x0)
pipe(&(0x7f0000019480)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, 0x0, 0x48c0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f0000000300), &(0x7f00000004c0)=0x4)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}, {0x5, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x79}}, 0x800)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@newtfilter={0x44, 0x28, 0xd2b, 0x1004001, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xffff, 0x9}, {}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x14, 0x2, [@TCA_CGROUP_POLICE={0x10, 0x2, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8810}, 0x24048042)

3.134937539s ago: executing program 4 (id=949):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811"], 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, 0x0, &(0x7f00000010c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2b, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
fsetxattr$security_selinux(r1, &(0x7f0000000540), &(0x7f0000000580)='system_u:object_r:udev_var_run_t:s0\x00', 0x24, 0x3)

3.120710789s ago: executing program 4 (id=950):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000004000000000000000010000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r0}, 0x18)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

2.977209991s ago: executing program 4 (id=954):
setresuid(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x0, 0x84)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
write$nci(r2, 0x0, 0xfffffeea)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x4e21, @private=0xa010102}], 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)
r6 = epoll_create1(0x0)
r7 = eventfd2(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f0000000b80)={0x60000012})
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r7, &(0x7f0000000180)={0x80002014})
msgget$private(0x0, 0x480)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x43, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x182, 0x6}, 0x16025, 0x4005, 0xb, 0x0, 0x1, 0x2, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x8)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)={0x24, 0x0, 0x1, 0x4070bd28, 0x1, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}]}, 0x24}}, 0x18)
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x30, 0x0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008081)
bind$rds(0xffffffffffffffff, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x3}, {0x0}, &(0x7f0000000440)=[{&(0x7f0000000a00)=""/4096, 0x1000}], 0x1, 0x60, 0x4}}], 0x48, 0x8004}, 0x0)

2.246237685s ago: executing program 0 (id=975):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x9, 0x80, 0x6, 0x2}, {0x5, 0x3, 0x6, 0x7}, {0x4, 0x2, 0x3, 0xc}, {0x0, 0x7, 0x4, 0x3}]})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000200), &(0x7f0000000280)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc3, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa19a, 0x1000}, 0x0, 0x0, 0xffffffff, 0x5, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8c44f, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xfffffffffffffff8}, 0x17160, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xc, 0xffffffffffffffff, 0x2)
r3 = socket$key(0xf, 0x3, 0x2)
r4 = inotify_init()
inotify_add_watch(r4, &(0x7f0000000280)='.\x00', 0x25000001)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYBLOB="82d040e4fff7751005187a18466830ce9261a6a5839bb5da46675e07f27b345e8859c8e6fbe343cc19ff4aef43cb1c18f790baf86b2d350e51ba79462801e6c5610300f7975b6778a1d53fe6287e3de57e6f0ce9780bf92e99877e66c59b51", @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x18)
execve(0x0, 0x0, 0x0)
removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000001700)=ANY=[@ANYBLOB='/sx.\x00'])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x200000}, 0x18)
r7 = inotify_init()
inotify_add_watch(r7, &(0x7f0000000340)='.\x00', 0xa50003d1)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x40)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000400)=ANY=[@ANYBLOB="020300030f0000002cbd7040fcdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af030006000000000002004e22ac1414bb000000000000000002000100000000000000070c00000080030005000000000002004e22ac14140a00000000000000000200130002"], 0x78}, 0x1, 0x7}, 0x0)
syz_clone(0x21000, &(0x7f0000000480)="319266e8cb5d7ff740bbcefc03cc8e346f1a36c4bf7a5a480ff63d302e603e5223583df5d794762fd948bd11937c5d88d21e6293419cf6edf9780a145a737dd9d35bb130fbd0e9ebabbbbf750cd53ce6409c29ab41e03163d79ecc97994d934d2acdfb25962eaddf9db71092d6cd623b1ea6ff70d08d683fb8c0087aeb28308676261cd96fa7096f5bc9676733fd2d9604ada96b41932e8fd5d3573ee96168144d7d6457fbb575b30f42ae470f7e5911afa9eecf677d5507ba21e3de6000345f", 0xc0, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000680)="9b13869b1cc87cd415a3cfa9385a0e38432f893b20659b628b9f0e0e2a8b40cbc12c03bce5aa610f2f779a033d557bbcd427fc5ea8a21c3cf3daf4587b11bc30401e49b1ca834b958dc4f02d6f748abc722432084aa009dab5460846331f23a5cc51862c49fe0305d6b19d8840b521ef7d62938e7933e8e5b6382cf4")
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x0)

1.664726219s ago: executing program 4 (id=985):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$NL80211_CMD_NEW_MPATH(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x24000010}, 0x4c884)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000a00))
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000400)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYBLOB="3f4e345cb3602ba69cb03fff86ca150e48780caeb0317569027f75b4087d6c7b175c2c5af17934b9dcd677a9a9d6b913bf982540e3873631a641a217bb8f32a3f8f0a08a053b4160fca9d360b1208731a9384de9b5650bf1e53f70044017661b7cb6c46f6292d4183aea9dc9c5763cb779bce043"], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x4c094)
r4 = socket(0x10, 0x3, 0x0)
pipe(&(0x7f0000019480)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, 0x0, 0x48c0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f0000000300), &(0x7f00000004c0)=0x4)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}, {0x5, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x79}}, 0x800)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@newtfilter={0x44, 0x28, 0xd2b, 0x1004001, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xffff, 0x9}, {}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x14, 0x2, [@TCA_CGROUP_POLICE={0x10, 0x2, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8810}, 0x24048042)

1.60996883s ago: executing program 4 (id=987):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$INCFS_IOC_PERMIT_FILL(r0, 0x40046721, &(0x7f0000000080)={r1})
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r2, 0xa, 0x13)
fcntl$setlease(r2, 0x400, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000280))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000201000085000000430000"], 0x0, 0x3ffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000200)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa000000000000000002ff02000000000000000000000000000100000000000c9078810400"/61], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
fcntl$setlease(r2, 0x400, 0x2)
ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f00000001c0)=@add_del={0x2, &(0x7f0000000100)='ip6gretap0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='flush_foreign\x00', r2, 0x0, 0x4a81}, 0x18)

1.46371919s ago: executing program 0 (id=989):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x33, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x7, 0x0, 0x7fff0006}]})
close_range(r4, 0xffffffffffffffff, 0x0)

1.46289554s ago: executing program 1 (id=990):
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0)
close(0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000004000000000000000010000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r2, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

1.413373751s ago: executing program 3 (id=991):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r0, 0x0, 0x4804}, 0x18)
syz_mount_image$vfat(&(0x7f0000000580), &(0x7f0000000180)='./file0\x00', 0x1000802, &(0x7f00000001c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c6e6f6e756d7461696c003130dbbb3121258e322c262b537f5d0000006e695f7804590000000000003d312c696f63686172538c6c90392bc69373686f72746e616d65653ff959f53d6d697865642c636f6465706167653d3821332c696f6368617273650000000031323831e54f1bb0a3d72c007e3db5a829498e2a721ae5804ff8ccb41eff157cfdfcef90a6010100003ceeeac934b3165b4a0ea182cdd0666ab32f2d041a99ac9fc865ba946f1bb7759d02742dfcc68937ff86d7a54d6de8823119c767d45d6047209f4436383ee21373a9c3f450cb6d7c37b59a34407d4a0e6a382108ddd52580281f1d8ad71c4ceafb49960f1429b090d1429f519f9c2b0cb88ffa6fc04fa61c275bf560b9eeeb2d0c8b3ddeb56783f9908c21cf9b2ba0b76b9b60c991bb17c7d0accad1cdaf3259b7dc405d72e2bc3abe0cf37bda3dbfc05e2e55f8aa272b5ea736019c3c0a9b34115a445e0c5da1bd7352ec9529f5caa71f1ae71b36b500c79fffb487ed081232b5d93d3162c7f71f4d5756c9e5442fa3692127266a0c15dac9171edda86b148d17a48d4d90470e79620eeab5acf6f78f807298315e2b80fe1874098d75ab47837a96699e2a7db456f2a4368bece813135ed970951c7471ac16703820a799421cb24f32a5f49ab45bec637c38bcbdae4da3a05f96b2162c47d0b1277e1b1bcc981cce8f6f7f3dd8d06352eb387997b498a732d8442115755ff14d508891abd401b3cafcba75a6901fbe08002674d8663b8c40e9cf13fa4c4a092cb8004a1d2a6fe18cd5d702493d52a7110b17e64b9fa22fb3ace98b9ca35cb98c65f0902dd430373f6ae43c4a60c423b6f65b5ecc2093698072abc857ab2d36a261a7fc5776d39c3d5d5fad291c88ff9726d5ee32c6bcac1799ade9459eb39b56d985d29b988c72c9ad7e82b589f454a58d7cd5ace9436cf69acc217737c863d8938cc95767a0c9b14cb79f5b45ea2408d1da65a2ed8cf55a"], 0x4, 0x24e, &(0x7f0000000a00)="$eJzs3cFLk38YAPBnOtGf8GMeAkmC3ug+1OiuhII0KJId6pSkUjgTEoQ6qJ06d+pS/0Jdgq5Bh+jaPxBBWNBFO3kIFvqq07nlrLZFfj6XPez7PPt+33cv+26HPe/NM/Nz0wuLsxsba9HTk+nKjsTLgc1M9EVHdEZqNQCAf8lmuRzr5VS71wIAtIb9HwBOnsr+nzm0/2dW974TXG39ygCAZvH7HwBOnsnrNy6PFgpj19aTnoj5R0vFpWL6mI6PzsadKMVMDEYuvkeU96Txk4nC2GCy5XNfFOdXdupXloqdB+uHIhd9h+vHJwpjQ0nqYH1X9O7Uf+iNmRiOXJyqXT9cq74rIs7vmz8fuXh/KxaiFNOxVVupXx5KkktXClXzd2/nAQAAAAAAAAAAAAAAAAAAAABAM+Q7tlvnlLuTpGb/nnw+2VU1ntbv7w/0X43+QON7/YGq+/tkYyDb3mMHAAAAAAAAAAAAAAAAAACAv8Xi/QdzU6XSzL2fBXffPX9zVE6DQWZn3po53RHx+1M0GPx/7tPT+jkPj3N+/mzw+myLJ9067cetert2+/SFxf6L9XIi27Q1d/zKm/I117RL68VuMPLtyOTHk626wjurn+l/NjL1avnjl0Zfp40fSgAAAAAAAAAAAAAAAAAAcEJV/vTb7pUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQPtU7v9fJ8hE3aEGg9V2HyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwIAAD//8pHpIo=")
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f00000000c0), 0x1}, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0)
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x101201, 0x0)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000600)=0x14)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000080)=0x14)
close(r1)

1.294209372s ago: executing program 3 (id=992):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x33, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x7, 0x0, 0x7fff0006}]})
close_range(r4, 0xffffffffffffffff, 0x0)

1.226148642s ago: executing program 0 (id=993):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0xc0, 0x49, 0x7fff0000}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b79"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff8)

1.152953202s ago: executing program 1 (id=994):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000010c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2b, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = io_uring_setup(0x1637, &(0x7f0000000240)={0x0, 0xca6a, 0x4, 0x3, 0x3})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f0000000480), 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000680)=ANY=[@ANYRESHEX, @ANYRES32], 0x0}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000600)={{0x1, 0x1, 0x18, <r3=>r2, {0x2}}, './file1\x00'})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r4}, &(0x7f0000000200), &(0x7f0000000280)=r5}, 0x20)
r6 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
sendmmsg$inet6(r6, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r6, &(0x7f0000003880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=""/29, 0x1d}}], 0x1, 0x12141, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000006c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=@delchain={0x2c, 0x65, 0x4, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xe, 0x7}, {0xd, 0xfff1}, {0xf}}, [@TCA_CHAIN={0x8, 0xb, 0x1000}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40008}, 0x44000)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r7 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262)

1.152364792s ago: executing program 0 (id=995):
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@nomblk_io_submit}]}, 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy")
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000004740)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc010}, 0x80)
r0 = socket(0xa, 0x2, 0x0)
sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0xc084}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0xfffffffd, @mcast2={0xff, 0x5}, 0x1ff}, 0x1c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e20}, @IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x40800)

1.066096373s ago: executing program 3 (id=996):
unshare(0x26020480)
syz_clone3(&(0x7f0000000080)={0x21800000, 0x0, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="160000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x8, 0x0)
sendfile(r0, r1, 0x0, 0x6)

1.034219693s ago: executing program 3 (id=997):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$NL80211_CMD_NEW_MPATH(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x24000010}, 0x4c884)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000a00))
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000400)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYBLOB="3f4e345cb3602ba69cb03fff86ca150e48780caeb0317569027f75b4087d6c7b175c2c5af17934b9dcd677a9a9d6b913bf982540e3873631a641a217bb8f32a3f8f0a08a053b4160fca9d360b1208731a9384de9b5650bf1e53f70044017661b7cb6c46f6292d4183aea9dc9c5763cb779bce043"], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x4c094)
r4 = socket(0x10, 0x3, 0x0)
pipe(&(0x7f0000019480)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, 0x0, 0x48c0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f0000000300), &(0x7f00000004c0)=0x4)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}, {0x5, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x79}}, 0x800)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@newtfilter={0x44, 0x28, 0xd2b, 0x1004001, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xffff, 0x9}, {}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x14, 0x2, [@TCA_CGROUP_POLICE={0x10, 0x2, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8810}, 0x24048042)

1.032680183s ago: executing program 1 (id=998):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811"], 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
fsetxattr$security_selinux(r1, &(0x7f0000000540), &(0x7f0000000580)='system_u:object_r:udev_var_run_t:s0\x00', 0x24, 0x3)

966.281603ms ago: executing program 1 (id=999):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x3}, 0x50)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'gretap0\x00', &(0x7f0000000280)={'erspan0\x00', <r2=>0x0, 0x7, 0xfdef98c67a91e5d0, 0x81, 0x7, {{0x17, 0x4, 0x2, 0x3, 0x5c, 0x65, 0x0, 0x0, 0x29, 0x0, @rand_addr=0x64010100, @loopback, {[@timestamp_prespec={0x44, 0xc, 0x3d, 0x3, 0x5, [{@rand_addr=0x64010101, 0x6}]}, @timestamp_addr={0x44, 0x3c, 0xd4, 0x1, 0xd, [{@remote, 0xf9}, {@dev={0xac, 0x14, 0x14, 0x2c}, 0x3}, {@local, 0x80000001}, {@rand_addr=0x64010102}, {@rand_addr=0x64010101, 0x60f}, {@dev={0xac, 0x14, 0x14, 0xe}, 0x9}, {@private=0xa010101, 0x3ff}]}]}}}}})
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000340)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)={0x3, 0x4, 0x4, 0xa, 0x0, r1, 0x5, '\x00', r2, r3, 0x0, 0x0, 0x4}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x2}, 0x18)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$int_in(r6, 0x5452, &(0x7f0000000080)=0xdd3)
close(r6)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r8, 0x0, 0x0)
connect$bt_sco(r8, &(0x7f00000000c0)={0x1f, @none}, 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r7}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r9}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000004000000000000000010000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_pidfd_open(0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

930.653614ms ago: executing program 3 (id=1000):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$bt_hci_HCI_TIME_STAMP(0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1f000000", @ANYRES16=r2, @ANYBLOB="c50f00000000000000001100000008000300", @ANYRES32=0x0, @ANYBLOB="08002a0084210000"], 0x24}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x1)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x2)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)

859.921994ms ago: executing program 0 (id=1002):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000100)=""/223, 0x1a, 0xdf, 0x1}, 0x28)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000600)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x20008000)

762.279345ms ago: executing program 0 (id=1003):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_LINK={0xffffffffffffffbc, 0x3, 0x4}, @IFLA_XFRM_IF_ID={0x6, 0x2, 0x1200}]}}}]}, 0x44}}, 0x0)
openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = socket(0x10, 0x2, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000001, 0x100030, r1, 0x299bb000)
setsockopt$TIPC_CONN_TIMEOUT(r2, 0x10f, 0x82, &(0x7f0000000280)=0x8, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f00000002c0)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000480)='kmem_cache_free\x00', r5}, 0x18)
syz_genetlink_get_family_id$devlink(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRESHEX, @ANYRESDEC=r4], 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4004801)
sendto$inet6(r1, &(0x7f0000000000)="7800000018002507b9409b14ffff00000204be04020506050e0204094300080004000000040010000d0068d0bf46d32345653600648d0a0012000200000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a0000000000e000e218d1ddf66ed538f25232500000", 0x78, 0x0, 0x0, 0x0)

458.425257ms ago: executing program 3 (id=1005):
setresuid(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x0, 0x84)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
write$nci(r2, 0x0, 0xfffffeea)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x4e21, @private=0xa010102}], 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)
r6 = epoll_create1(0x0)
r7 = eventfd2(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f0000000b80)={0x60000012})
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r7, &(0x7f0000000180)={0x80002014})
msgget$private(0x0, 0x480)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x43, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x182, 0x6}, 0x16025, 0x4005, 0xb, 0x0, 0x1, 0x2, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x8)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)={0x24, 0x0, 0x1, 0x4070bd28, 0x1, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}]}, 0x24}}, 0x18)
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x30, 0x0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008081)
r9 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r9, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)

405.629027ms ago: executing program 2 (id=1006):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
link(0x0, 0x0)
unshare(0x26020480)
syz_clone3(&(0x7f0000000080)={0x21800000, 0x0, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff})
r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x8, 0x0)
sendfile(r2, r3, 0x0, 0x6)

331.379668ms ago: executing program 2 (id=1007):
unshare(0x26020480)
syz_clone3(&(0x7f0000000080)={0x21800000, 0x0, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="160000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x8, 0x0)
sendfile(r0, r1, 0x0, 0x6)

287.028308ms ago: executing program 2 (id=1008):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000010c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2b, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = io_uring_setup(0x1637, &(0x7f0000000240)={0x0, 0xca6a, 0x4, 0x3, 0x3})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f0000000480), 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000680)=ANY=[@ANYRESHEX, @ANYRES32], 0x0}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000600)={{0x1, 0x1, 0x18, <r3=>r2, {0x2}}, './file1\x00'})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r4}, &(0x7f0000000200), &(0x7f0000000280)=r5}, 0x20)
r6 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
sendmmsg$inet6(r6, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r6, &(0x7f0000003880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=""/29, 0x1d}}], 0x1, 0x12141, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000006c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=@delchain={0x2c, 0x65, 0x4, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xe, 0x7}, {0xd, 0xfff1}, {0xf}}, [@TCA_CHAIN={0x8, 0xb, 0x1000}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40008}, 0x44000)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r7 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262)

231.175938ms ago: executing program 1 (id=1009):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073790101000000000000000000000000000af7f4f0c55de8ca0000000000000000000000000000000000000000f3c800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000020000000000000030000000000000000000000004119202532aeecfcdbb73887feb3f14db126c935954a335f6469a793"], 0x138)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r2=>r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r3}, 0x18)
write$UHID_DESTROY(r0, &(0x7f0000000340), 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES16, @ANYRESHEX=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xffffdffb, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x800c4, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@loose}]}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000400)=ANY=[@ANYRESDEC=r2], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
pipe2$9p(&(0x7f0000001900)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = dup(r9)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[], [], 0x6b}})

197.502939ms ago: executing program 2 (id=1010):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$NL80211_CMD_NEW_MPATH(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x24000010}, 0x4c884)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000a00))
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000400)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYBLOB="3f4e345cb3602ba69cb03fff86ca150e48780caeb0317569027f75b4087d6c7b175c2c5af17934b9dcd677a9a9d6b913bf982540e3873631a641a217bb8f32a3f8f0a08a053b4160fca9d360b1208731a9384de9b5650bf1e53f70044017661b7cb6c46f6292d4183aea9dc9c5763cb779bce043549c"], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x4c094)
r4 = socket(0x10, 0x3, 0x0)
pipe(&(0x7f0000019480)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, 0x0, 0x48c0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f0000000300), &(0x7f00000004c0)=0x4)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}, {0x5, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x79}}, 0x800)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@newtfilter={0x44, 0x28, 0xd2b, 0x1004001, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xffff, 0x9}, {}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x14, 0x2, [@TCA_CGROUP_POLICE={0x10, 0x2, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8810}, 0x24048042)

134.375519ms ago: executing program 2 (id=1011):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x7fffffff}, 0x10)
sendmsg$kcm(r1, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="2e00000022008102e00f80ecdb4cb9020a", 0x4a}, {&(0x7f0000001700)="0c74c75350f4a590e15c61c7942348092734fe1863473bbce6798a60e9", 0x1d}], 0x2, 0x0, 0x0, 0x10}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip6tnl0\x00', &(0x7f00000004c0)={'syztnl1\x00', <r2=>0x0, 0x4, 0x20, 0x3, 0xabb, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x40, 0x5, 0x7}})
sendmsg$nl_route(r1, &(0x7f0000000580)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000380)=@ipv6_getaddr={0x20, 0x16, 0x100, 0x70bd29, 0x25dfdbff, {0xa, 0x18, 0xa8, 0x0, r2}, [@IFA_FLAGS={0x8, 0x8, 0x10}]}, 0x20}, 0x1, 0x0, 0x0, 0x804}, 0x800)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff27}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r7}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={0x0, 0x44}}, 0x0)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue0\x00', 0x200000})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r8, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x9}, 0x8})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000000400000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
close(r0)

45.97043ms ago: executing program 1 (id=1012):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r3 = accept4(r1, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r8 = openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0)
readv(r8, &(0x7f0000000100)=[{&(0x7f0000000700)=""/89, 0x59}], 0x1)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x20, &(0x7f0000000040)={&(0x7f0000000280)=""/172, 0xac, <r9=>0x0, &(0x7f0000000340)=""/120, 0x78}}, 0x10)
r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000580)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x7, [@restrict={0x1, 0x0, 0x0, 0xb, 0x2}, @typedef={0xa}, @typedef={0x5, 0x0, 0x0, 0x8, 0x4}]}, {0x0, [0x2e, 0x30, 0x2e, 0x61, 0x0]}}, &(0x7f0000000440), 0x43, 0x0, 0x1, 0x3}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0xffffff1a, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x2, 0x27, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xdab2, 0x0, 0x0, 0x0, 0x593}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x401}}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x1}, @map_val={0x18, 0x7, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x5}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x101}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x1, 0x67, &(0x7f0000000280)=""/103, 0x41100, 0x8, '\x00', 0x0, @fallback=0x8, r8, 0x8, &(0x7f0000000300)={0x3, 0x2}, 0x8, 0x10, 0x0, 0x0, r9, r6, 0x4, &(0x7f0000000700)=[r5, r0, r4, r3, r4, r0, r5], &(0x7f0000000740)=[{0x3, 0x2, 0x4, 0xb}, {0x0, 0x1, 0x9, 0x9}, {0x5, 0x2, 0xa, 0x1}, {0x0, 0x3, 0x8, 0x4}], 0x10, 0xc0}, 0x94)
sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)={0x114, 0x29, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x103, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac0b}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @loopback}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8", @typed={0x8, 0x145, 0x0, 0x0, @ipv4=@remote}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
getsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000880)={@initdev, @dev}, &(0x7f00000008c0)=0xc)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x10)
recvfrom(r2, &(0x7f00000001c0)=""/62, 0x3e, 0x10120, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x4b3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r12}, 0x10)
gettid()

0s ago: executing program 2 (id=1013):
socket$netlink(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000000)=0x800, 0x4)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f0000000000)="10", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0xfffffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000040)={0x7, 0xe, 0x9, 0x0, 0x1, 0x8, 0xa7, 0x4, 0x5, 0xf1, 0xb, 0x7, 0x0, 0x7}, 0xe)
shutdown(r1, 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x44}, 0x1, 0x0, 0x0, 0xc000}, 0xc000)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_config_ext={0x2}, 0x116848, 0x10000, 0x5, 0x1, 0x4, 0x20004, 0xc, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
unshare(0x8000000)
semtimedop(0x0, &(0x7f0000000280)=[{0x0, 0x1000, 0x1000}], 0x1, 0x0)
socket(0x2b, 0x1, 0xfffffffc)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
r4 = socket(0x23, 0x803, 0x0)
getsockname$packet(r4, &(0x7f00000005c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000e8d00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000006800070300000000000000000a0000000000000004000408000000000100000053a4b7810b282801a71f00337586960b7afe7584e7f90ee8b7e80fee9e5acf26f1fce97061a69beb182c0c5bcc50fab6461896e73808ab927fb4905c6af5865dd1b089e320f69724b5008fed768d93dca1ae3d9bc57b04a7d13c74931705357a99fd4454ed"], 0x24}}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @loopback}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty, @rand_addr=0x3}}}], 0x20}}], 0x1, 0x4040880)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2a, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)

kernel console output (not intermixed with test programs):

][ T5042] loop2: detected capacity change from 0 to 4096
[   59.065926][ T5042] EXT4-fs: Ignoring removed nomblk_io_submit option
[   59.079597][ T5042] geneve2: entered promiscuous mode
[   59.084840][ T5042] geneve2: entered allmulticast mode
[   59.103128][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[   59.119370][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[   59.128185][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[   59.135715][ T5048] loop0: detected capacity change from 0 to 512
[   59.143642][   T68] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[   59.163483][ T5048] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.227054][ T3391] kernel write not supported for file [eventfd] (pid: 3391 comm: kworker/1:3)
[   59.270464][ T5060] loop2: detected capacity change from 0 to 512
[   59.279637][ T5060] ext2: Unknown parameter 'euid<00000000004294967295'
[   59.337849][ T5062] netlink: 'syz.2.453': attribute type 1 has an invalid length.
[   59.538514][ T5070] FAULT_INJECTION: forcing a failure.
[   59.538514][ T5070] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.551645][ T5070] CPU: 0 UID: 0 PID: 5070 Comm: syz.0.456 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.551673][ T5070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   59.551686][ T5070] Call Trace:
[   59.551694][ T5070]  <TASK>
[   59.551744][ T5070]  __dump_stack+0x1d/0x30
[   59.551766][ T5070]  dump_stack_lvl+0xe8/0x140
[   59.551785][ T5070]  dump_stack+0x15/0x1b
[   59.551804][ T5070]  should_fail_ex+0x265/0x280
[   59.551827][ T5070]  should_fail+0xb/0x20
[   59.551869][ T5070]  should_fail_usercopy+0x1a/0x20
[   59.551893][ T5070]  _copy_from_user+0x1c/0xb0
[   59.551919][ T5070]  __ia32_sys_rt_sigreturn+0x128/0x350
[   59.551948][ T5070]  x64_sys_call+0x2d4b/0x3000
[   59.551969][ T5070]  do_syscall_64+0xd2/0x200
[   59.552059][ T5070]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   59.552091][ T5070]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   59.552122][ T5070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.552144][ T5070] RIP: 0033:0x7f3895ebb779
[   59.552213][ T5070] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[   59.552232][ T5070] RSP: 002b:00007f389497ea80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[   59.552252][ T5070] RAX: ffffffffffffffda RBX: 00007f3896175fa0 RCX: 00007f3895ebb779
[   59.552264][ T5070] RDX: 00007f389497ea80 RSI: 00007f389497ebb0 RDI: 0000000000000011
[   59.552276][ T5070] RBP: 00007f389497f090 R08: 0000000000000000 R09: 0000000000000000
[   59.552291][ T5070] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[   59.552305][ T5070] R13: 00007f3896176038 R14: 00007f3896175fa0 R15: 00007ffce2483be8
[   59.552325][ T5070]  </TASK>
[   59.777219][ T5101] loop4: detected capacity change from 0 to 512
[   59.802848][ T5101] ext2: Unknown parameter 'euid<00000000004294967295'
[   59.875242][ T5119] FAULT_INJECTION: forcing a failure.
[   59.875242][ T5119] name failslab, interval 1, probability 0, space 0, times 0
[   59.887903][ T5119] CPU: 0 UID: 0 PID: 5119 Comm: syz.0.467 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.887933][ T5119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   59.887947][ T5119] Call Trace:
[   59.887954][ T5119]  <TASK>
[   59.887967][ T5119]  __dump_stack+0x1d/0x30
[   59.887994][ T5119]  dump_stack_lvl+0xe8/0x140
[   59.888017][ T5119]  dump_stack+0x15/0x1b
[   59.888104][ T5119]  should_fail_ex+0x265/0x280
[   59.888127][ T5119]  should_failslab+0x8c/0xb0
[   59.888157][ T5119]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   59.888271][ T5119]  ? alloc_vmap_area+0x236/0xe80
[   59.888299][ T5119]  alloc_vmap_area+0x236/0xe80
[   59.888328][ T5119]  ? selinux_file_open+0x2df/0x330
[   59.888376][ T5119]  ? __get_vm_area_node+0x106/0x1d0
[   59.888406][ T5119]  ? __slab_alloc+0x25/0x50
[   59.888435][ T5119]  ? __kmalloc_cache_node_noprof+0x2b2/0x4a0
[   59.888511][ T5119]  __get_vm_area_node+0x173/0x1d0
[   59.888543][ T5119]  __vmalloc_node_range_noprof+0x28c/0xed0
[   59.888599][ T5119]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   59.888632][ T5119]  ? _parse_integer+0x27/0x40
[   59.888663][ T5119]  ? __rcu_read_unlock+0x4f/0x70
[   59.888744][ T5119]  ? avc_has_perm_noaudit+0x1b1/0x200
[   59.888762][ T5119]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   59.888792][ T5119]  __vmalloc_noprof+0x83/0xc0
[   59.888840][ T5119]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   59.888870][ T5119]  bpf_prog_alloc_no_stats+0x47/0x3b0
[   59.888901][ T5119]  ? bpf_prog_alloc+0x2a/0x150
[   59.889002][ T5119]  bpf_prog_alloc+0x3c/0x150
[   59.889077][ T5119]  bpf_prog_create_from_user+0x7d/0x260
[   59.889107][ T5119]  ? __pfx_seccomp_check_filter+0x10/0x10
[   59.889180][ T5119]  do_seccomp+0x5ef/0xa40
[   59.889209][ T5119]  ? fput+0x8f/0xc0
[   59.889228][ T5119]  ? ksys_write+0x192/0x1a0
[   59.889252][ T5119]  __x64_sys_seccomp+0x40/0x50
[   59.889277][ T5119]  x64_sys_call+0x2ad8/0x3000
[   59.889358][ T5119]  do_syscall_64+0xd2/0x200
[   59.889375][ T5119]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   59.889400][ T5119]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   59.889508][ T5119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.889530][ T5119] RIP: 0033:0x7f3895f1f6c9
[   59.889546][ T5119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.889566][ T5119] RSP: 002b:00007f389497f038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[   59.889604][ T5119] RAX: ffffffffffffffda RBX: 00007f3896175fa0 RCX: 00007f3895f1f6c9
[   59.889616][ T5119] RDX: 0000200000000240 RSI: 0000000000000007 RDI: 0000000000000001
[   59.889694][ T5119] RBP: 00007f389497f090 R08: 0000000000000000 R09: 0000000000000000
[   59.889705][ T5119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.889717][ T5119] R13: 00007f3896176038 R14: 00007f3896175fa0 R15: 00007ffce2483be8
[   59.889734][ T5119]  </TASK>
[   60.166003][ T5119] syz.0.467: vmalloc error: size 4096, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   60.181813][ T5119] CPU: 0 UID: 0 PID: 5119 Comm: syz.0.467 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.181857][ T5119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   60.181870][ T5119] Call Trace:
[   60.181879][ T5119]  <TASK>
[   60.181887][ T5119]  __dump_stack+0x1d/0x30
[   60.181944][ T5119]  dump_stack_lvl+0xe8/0x140
[   60.181967][ T5119]  dump_stack+0x15/0x1b
[   60.182065][ T5119]  warn_alloc+0x12b/0x1a0
[   60.182105][ T5119]  __vmalloc_node_range_noprof+0x2b1/0xed0
[   60.182139][ T5119]  ? _parse_integer+0x27/0x40
[   60.182220][ T5119]  ? __rcu_read_unlock+0x4f/0x70
[   60.182307][ T5119]  ? avc_has_perm_noaudit+0x1b1/0x200
[   60.182329][ T5119]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   60.182437][ T5119]  __vmalloc_noprof+0x83/0xc0
[   60.182465][ T5119]  ? bpf_prog_alloc_no_stats+0x47/0x3b0
[   60.182539][ T5119]  bpf_prog_alloc_no_stats+0x47/0x3b0
[   60.182576][ T5119]  ? bpf_prog_alloc+0x2a/0x150
[   60.182679][ T5119]  bpf_prog_alloc+0x3c/0x150
[   60.182708][ T5119]  bpf_prog_create_from_user+0x7d/0x260
[   60.182805][ T5119]  ? __pfx_seccomp_check_filter+0x10/0x10
[   60.182833][ T5119]  do_seccomp+0x5ef/0xa40
[   60.182871][ T5119]  ? fput+0x8f/0xc0
[   60.182890][ T5119]  ? ksys_write+0x192/0x1a0
[   60.182921][ T5119]  __x64_sys_seccomp+0x40/0x50
[   60.182952][ T5119]  x64_sys_call+0x2ad8/0x3000
[   60.183003][ T5119]  do_syscall_64+0xd2/0x200
[   60.183020][ T5119]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   60.183045][ T5119]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   60.183105][ T5119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.183168][ T5119] RIP: 0033:0x7f3895f1f6c9
[   60.183182][ T5119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.183198][ T5119] RSP: 002b:00007f389497f038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[   60.183216][ T5119] RAX: ffffffffffffffda RBX: 00007f3896175fa0 RCX: 00007f3895f1f6c9
[   60.183227][ T5119] RDX: 0000200000000240 RSI: 0000000000000007 RDI: 0000000000000001
[   60.183238][ T5119] RBP: 00007f389497f090 R08: 0000000000000000 R09: 0000000000000000
[   60.183288][ T5119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.183298][ T5119] R13: 00007f3896176038 R14: 00007f3896175fa0 R15: 00007ffce2483be8
[   60.183317][ T5119]  </TASK>
[   60.183335][ T5119] Mem-Info:
[   60.235649][ T5121] __nla_validate_parse: 18 callbacks suppressed
[   60.235673][ T5121] netlink: 188 bytes leftover after parsing attributes in process `syz.1.468'.
[   60.237423][ T5119] active_anon:9345 inactive_anon:2 isolated_anon:0
[   60.237423][ T5119]  active_file:9048 inactive_file:2249 isolated_file:0
[   60.237423][ T5119]  unevictable:0 dirty:352 writeback:0
[   60.237423][ T5119]  slab_reclaimable:3200 slab_unreclaimable:157267
[   60.237423][ T5119]  mapped:29591 shmem:183 pagetables:1851
[   60.237423][ T5119]  sec_pagetables:0 bounce:0
[   60.237423][ T5119]  kernel_misc_reclaimable:0
[   60.237423][ T5119]  free:1740919 free_pcp:13874 free_cma:0
[   60.359394][ T5123] netlink: 188 bytes leftover after parsing attributes in process `syz.1.468'.
[   60.366423][ T5119] Node 0 active_anon:38772kB inactive_anon:8kB active_file:36192kB inactive_file:8996kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:118364kB dirty:1408kB writeback:0kB shmem:732kB kernel_stack:4048kB pagetables:7520kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   60.508810][ T5119] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   60.538552][ T5119] lowmem_reserve[]: 0 2881 7859 7859
[   60.543926][ T5119] Node 0 DMA32 free:2946628kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2950260kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:104kB free_cma:0kB
[   60.575301][ T5119] lowmem_reserve[]: 0 0 4978 4978
[   60.580375][ T5119] Node 0 Normal free:4001716kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:42228kB inactive_anon:8kB active_file:36192kB inactive_file:8996kB unevictable:0kB writepending:1412kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:47064kB local_pcp:27768kB free_cma:0kB
[   60.613469][ T5119] lowmem_reserve[]: 0 0 0 0
[   60.617997][ T5119] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   60.631029][ T5119] Node 0 DMA32: 3*4kB (M) 1*8kB (M) 3*16kB (M) 2*32kB (M) 3*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2946628kB
[   60.647061][ T5119] Node 0 Normal: 127*4kB (UM) 145*8kB (UME) 27*16kB (UM) 4*32kB (U) 1*64kB (U) 1*128kB (M) 22*256kB (UE) 20*512kB (UME) 4*1024kB (UM) 5*2048kB (UE) 969*4096kB (M) = 4001652kB
[   60.664676][ T5119] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   60.674225][ T5119] 11470 total pagecache pages
[   60.678902][ T5119] 2 pages in swap cache
[   60.683076][ T5119] Free swap  = 124988kB
[   60.687214][ T5119] Total swap = 124996kB
[   60.691386][ T5119] 2097051 pages RAM
[   60.695175][ T5119] 0 pages HighMem/MovableOnly
[   60.699869][ T5119] 81086 pages reserved
[   60.741353][   T29] kauditd_printk_skb: 776 callbacks suppressed
[   60.741368][   T29] audit: type=1326 audit(1762384693.208:3678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5127 comm="syz.0.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3895f1f6c9 code=0x7ffc0000
[   60.746647][ T5128] netlink: 3 bytes leftover after parsing attributes in process `syz.0.469'.
[   60.756220][   T29] audit: type=1326 audit(1762384693.208:3679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5127 comm="syz.0.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3895f1f6c9 code=0x7ffc0000
[   60.803141][   T29] audit: type=1326 audit(1762384693.208:3680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5127 comm="syz.0.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f3895f1f6c9 code=0x7ffc0000
[   60.826594][   T29] audit: type=1326 audit(1762384693.208:3681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5127 comm="syz.0.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3895f1f6c9 code=0x7ffc0000
[   60.849960][   T29] audit: type=1326 audit(1762384693.208:3682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5127 comm="syz.0.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3895f1f6c9 code=0x7ffc0000
[   60.873316][   T29] audit: type=1326 audit(1762384693.208:3683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5127 comm="syz.0.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3895f1f6c9 code=0x7ffc0000
[   60.896613][   T29] audit: type=1326 audit(1762384693.208:3684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5127 comm="syz.0.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3895f1f6c9 code=0x7ffc0000
[   60.919816][   T29] audit: type=1326 audit(1762384693.208:3685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5127 comm="syz.0.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3895f1f6c9 code=0x7ffc0000
[   60.943138][   T29] audit: type=1326 audit(1762384693.208:3686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5127 comm="syz.0.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3895f215e7 code=0x7ffc0000
[   60.966385][   T29] audit: type=1326 audit(1762384693.208:3687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5127 comm="syz.0.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3895f2155c code=0x7ffc0000
[   61.215130][ T5159] loop0: detected capacity change from 0 to 512
[   61.218617][ T5160] netlink: 28 bytes leftover after parsing attributes in process `syz.2.478'.
[   61.233055][ T3383] kernel write not supported for file [eventfd] (pid: 3383 comm: kworker/0:2)
[   61.298132][ T5164] netlink: 'syz.4.483': attribute type 10 has an invalid length.
[   61.321410][ T5159] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   61.349135][ T5153] loop3: detected capacity change from 0 to 512
[   61.353482][ T5159] EXT4-fs (loop0): orphan cleanup on readonly fs
[   61.366183][ T5159] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.479: corrupted inode contents
[   61.379130][ T5159] EXT4-fs (loop0): Remounting filesystem read-only
[   61.383639][ T5170] netlink: 32 bytes leftover after parsing attributes in process `syz.2.484'.
[   61.386793][ T5159] EXT4-fs (loop0): 1 truncate cleaned up
[   61.401275][   T52] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   61.401464][ T5153] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   61.411819][   T52] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   61.417630][   T52] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   61.448878][ T5153] EXT4-fs (loop3): orphan cleanup on readonly fs
[   61.488312][ T5153] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.481: corrupted inode contents
[   61.490718][ T5174] netlink: 14 bytes leftover after parsing attributes in process `syz.4.485'.
[   61.509726][ T5153] EXT4-fs (loop3): Remounting filesystem read-only
[   61.535305][ T5176] netlink: 188 bytes leftover after parsing attributes in process `syz.4.487'.
[   61.536853][ T5153] EXT4-fs (loop3): 1 truncate cleaned up
[   61.553601][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   61.564293][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   61.582146][   T12] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   61.595569][ T5181] netlink: 188 bytes leftover after parsing attributes in process `syz.4.487'.
[   61.630103][ T5183] can0: slcan on ptm0.
[   61.669548][ T5183] can0 (unregistered): slcan off ptm0.
[   61.686982][ T5183] Falling back ldisc for ptm0.
[   61.771403][ T5198] netlink: 'syz.3.495': attribute type 1 has an invalid length.
[   61.779104][ T5198] netlink: 224 bytes leftover after parsing attributes in process `syz.3.495'.
[   61.804864][ T5204] netlink: 8 bytes leftover after parsing attributes in process `syz.0.496'.
[   61.826400][ T3383] kernel write not supported for file [eventfd] (pid: 3383 comm: kworker/0:2)
[   61.882022][ T5208] hsr_slave_0: left promiscuous mode
[   61.888380][ T5208] hsr_slave_1: left promiscuous mode
[   62.033451][ T5211] loop1: detected capacity change from 0 to 512
[   62.053680][ T5215] loop0: detected capacity change from 0 to 2048
[   62.068547][ T5215] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   62.086883][ T5211] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   62.100075][ T5211] EXT4-fs (loop1): orphan cleanup on readonly fs
[   62.119172][ T5211] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.499: corrupted inode contents
[   62.132769][ T5211] EXT4-fs (loop1): Remounting filesystem read-only
[   62.147577][ T5211] EXT4-fs (loop1): 1 truncate cleaned up
[   62.153896][   T52] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   62.164444][   T52] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   62.175094][   T52] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   62.244602][ T5221] loop1: detected capacity change from 0 to 512
[   62.272050][ T5223] loop0: detected capacity change from 0 to 512
[   62.284047][ T5223] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   62.296199][ T5223] EXT4-fs error (device loop0): xattr_find_entry:337: inode #15: comm syz.0.502: corrupted xattr entries
[   62.308177][ T5223] EXT4-fs (loop0): Remounting filesystem read-only
[   62.311729][ T5221] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   62.315350][ T5223] EXT4-fs (loop0): 1 truncate cleaned up
[   62.328574][ T5221] EXT4-fs (loop1): orphan cleanup on readonly fs
[   62.336341][ T5221] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.501: corrupted inode contents
[   62.348464][ T5221] EXT4-fs (loop1): Remounting filesystem read-only
[   62.355255][ T5221] EXT4-fs (loop1): 1 truncate cleaned up
[   62.360992][   T31] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   62.371571][   T31] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   62.383595][   T31] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   62.504215][ T5245] loop0: detected capacity change from 0 to 512
[   62.518395][ T5245] ext2: Unknown parameter 'euid<00000000004294967295'
[   62.863565][ T3383] kernel write not supported for file [eventfd] (pid: 3383 comm: kworker/0:2)
[   62.876968][ T5288] loop2: detected capacity change from 0 to 512
[   62.914001][ T5311] loop3: detected capacity change from 0 to 512
[   62.921043][ T5311] ext2: Unknown parameter 'euid<00000000004294967295'
[   62.929719][ T5288] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   62.945807][   T36] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x4
[   62.953537][   T36] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x2
[   62.961360][   T36] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x3
[   62.971668][   T36] hid-generic 0000:3000000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   62.990648][ T5315] 9pnet_fd: Insufficient options for proto=fd
[   62.995879][ T5316] fido_id[5316]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   62.999128][ T5288] EXT4-fs (loop2): orphan cleanup on readonly fs
[   63.035311][ T5288] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.520: corrupted inode contents
[   63.050772][ T5288] EXT4-fs (loop2): Remounting filesystem read-only
[   63.058482][ T5288] EXT4-fs (loop2): 1 truncate cleaned up
[   63.064537][   T52] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   63.075172][   T52] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   63.085907][   T52] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   63.260437][ T5351] FAULT_INJECTION: forcing a failure.
[   63.260437][ T5351] name failslab, interval 1, probability 0, space 0, times 0
[   63.273173][ T5351] CPU: 0 UID: 0 PID: 5351 Comm: syz.2.532 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   63.273202][ T5351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   63.273215][ T5351] Call Trace:
[   63.273221][ T5351]  <TASK>
[   63.273229][ T5351]  __dump_stack+0x1d/0x30
[   63.273253][ T5351]  dump_stack_lvl+0xe8/0x140
[   63.273300][ T5351]  dump_stack+0x15/0x1b
[   63.273321][ T5351]  should_fail_ex+0x265/0x280
[   63.273343][ T5351]  should_failslab+0x8c/0xb0
[   63.273383][ T5351]  __kmalloc_noprof+0xa5/0x570
[   63.273415][ T5351]  ? copy_splice_read+0xc2/0x660
[   63.273517][ T5351]  copy_splice_read+0xc2/0x660
[   63.273576][ T5351]  ? __pfx_copy_splice_read+0x10/0x10
[   63.273656][ T5351]  splice_direct_to_actor+0x26f/0x680
[   63.273711][ T5351]  ? __pfx_direct_splice_actor+0x10/0x10
[   63.273741][ T5351]  do_splice_direct+0xda/0x150
[   63.273765][ T5351]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   63.273851][ T5351]  do_sendfile+0x380/0x650
[   63.273889][ T5351]  __x64_sys_sendfile64+0x105/0x150
[   63.273924][ T5351]  x64_sys_call+0x2bb4/0x3000
[   63.273994][ T5351]  do_syscall_64+0xd2/0x200
[   63.274014][ T5351]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   63.274182][ T5351]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   63.274247][ T5351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.274268][ T5351] RIP: 0033:0x7fc6fca3f6c9
[   63.274283][ T5351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.274302][ T5351] RSP: 002b:00007fc6fb4a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   63.274323][ T5351] RAX: ffffffffffffffda RBX: 00007fc6fcc95fa0 RCX: 00007fc6fca3f6c9
[   63.274338][ T5351] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000009
[   63.274403][ T5351] RBP: 00007fc6fb4a7090 R08: 0000000000000000 R09: 0000000000000000
[   63.274417][ T5351] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[   63.274430][ T5351] R13: 00007fc6fcc96038 R14: 00007fc6fcc95fa0 R15: 00007fff11700bb8
[   63.274450][ T5351]  </TASK>
[   63.532213][ T5363] loop0: detected capacity change from 0 to 512
[   63.549806][ T5363] ext2: Unknown parameter 'euid<00000000004294967295'
[   63.701800][ T5364] loop2: detected capacity change from 0 to 512
[   63.750391][ T5364] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   63.760823][ T5364] EXT4-fs (loop2): orphan cleanup on readonly fs
[   63.761955][ T5390] loop0: detected capacity change from 0 to 512
[   63.785592][ T5364] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.536: corrupted inode contents
[   63.801099][ T5390] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   63.809418][ T5390] EXT4-fs (loop0): orphan cleanup on readonly fs
[   63.817062][ T5364] EXT4-fs (loop2): Remounting filesystem read-only
[   63.825700][ T5364] EXT4-fs (loop2): 1 truncate cleaned up
[   63.832233][ T1806] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   63.833230][ T5390] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.537: corrupted inode contents
[   63.842939][ T1806] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   63.854793][ T5390] EXT4-fs (loop0): Remounting filesystem read-only
[   63.872020][ T5390] EXT4-fs (loop0): 1 truncate cleaned up
[   63.877823][ T1806] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   63.888815][ T1806] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   63.899497][ T1806] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   63.917488][ T1806] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   63.926355][   T36] kernel write not supported for file [eventfd] (pid: 36 comm: kworker/1:1)
[   64.066856][ T5426] loop3: detected capacity change from 0 to 512
[   64.080139][ T5426] ext2: Unknown parameter 'euid<00000000004294967295'
[   64.130206][ T5438] loop2: detected capacity change from 0 to 512
[   64.161291][ T5438] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   64.182141][ T5447] loop4: detected capacity change from 0 to 512
[   64.188511][ T5438] EXT4-fs (loop2): orphan cleanup on readonly fs
[   64.213231][ T5447] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   64.221627][ T5447] EXT4-fs (loop4): orphan cleanup on readonly fs
[   64.229338][ T5438] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.549: corrupted inode contents
[   64.241466][ T5438] EXT4-fs (loop2): Remounting filesystem read-only
[   64.248188][ T5438] EXT4-fs (loop2): 1 truncate cleaned up
[   64.254113][   T52] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   64.254167][ T5447] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.552: corrupted inode contents
[   64.264672][   T52] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   64.288093][ T5443] loop3: detected capacity change from 0 to 512
[   64.294889][ T5447] EXT4-fs (loop4): Remounting filesystem read-only
[   64.295003][ T5447] EXT4-fs (loop4): 1 truncate cleaned up
[   64.305330][   T52] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   64.317719][   T52] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   64.328316][   T52] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   64.338846][   T52] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   64.342216][ T5443] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   64.372124][ T5443] EXT4-fs (loop3): orphan cleanup on readonly fs
[   64.415864][ T5456] loop2: detected capacity change from 0 to 512
[   64.428133][ T5443] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.550: corrupted inode contents
[   64.446551][ T5443] EXT4-fs (loop3): Remounting filesystem read-only
[   64.446564][ T5456] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   64.446821][ T5456] EXT4-fs (loop2): orphan cleanup on readonly fs
[   64.465589][ T5456] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.553: corrupted inode contents
[   64.471122][ T5443] EXT4-fs (loop3): 1 truncate cleaned up
[   64.480839][ T1806] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   64.480940][ T1806] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   64.480962][ T1806] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   64.481464][ T5456] EXT4-fs (loop2): Remounting filesystem read-only
[   64.524704][ T5456] EXT4-fs (loop2): 1 truncate cleaned up
[   64.524708][ T5461] loop4: detected capacity change from 0 to 512
[   64.536939][   T68] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   64.547524][   T68] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   64.548673][ T5461] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   64.558449][   T68] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   64.573501][ T5461] EXT4-fs (loop4): orphan cleanup on readonly fs
[   64.590187][   T36] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x4
[   64.597888][   T36] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x2
[   64.607624][   T36] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x3
[   64.607639][ T5461] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.554: corrupted inode contents
[   64.617400][   T36] hid-generic 0000:3000000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   64.649483][ T5461] EXT4-fs (loop4): Remounting filesystem read-only
[   64.666590][ T5461] EXT4-fs (loop4): 1 truncate cleaned up
[   64.672697][   T68] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   64.683291][   T68] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   64.701082][ T5471] netlink: 'syz.2.556': attribute type 10 has an invalid length.
[   64.714931][   T68] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   64.745478][ T5473] random: crng reseeded on system resumption
[   64.890268][ T5487] loop2: detected capacity change from 0 to 512
[   64.920612][ T5489] loop0: detected capacity change from 0 to 512
[   64.940390][ T5496] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   64.948600][ T5496] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   64.958264][ T5487] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   64.982949][ T5487] EXT4-fs (loop2): orphan cleanup on readonly fs
[   64.999448][ T5489] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   65.021061][ T5487] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.564: corrupted inode contents
[   65.033212][ T5489] EXT4-fs (loop0): orphan cleanup on readonly fs
[   65.053211][ T5487] EXT4-fs (loop2): Remounting filesystem read-only
[   65.061080][ T5489] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.563: corrupted inode contents
[   65.081997][ T5487] EXT4-fs (loop2): 1 truncate cleaned up
[   65.087829][   T68] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   65.098378][   T68] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   65.115929][ T5491] loop3: detected capacity change from 0 to 512
[   65.120378][ T5489] EXT4-fs (loop0): Remounting filesystem read-only
[   65.126737][   T68] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   65.137360][ T5489] EXT4-fs (loop0): 1 truncate cleaned up
[   65.150111][   T68] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   65.155373][ T5491] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   65.160699][   T68] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   65.160813][   T68] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   65.193171][ T5491] EXT4-fs (loop3): orphan cleanup on readonly fs
[   65.235763][ T5491] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.565: corrupted inode contents
[   65.252806][ T5491] EXT4-fs (loop3): Remounting filesystem read-only
[   65.253084][ T5510] __nla_validate_parse: 15 callbacks suppressed
[   65.253097][ T5510] netlink: 16 bytes leftover after parsing attributes in process `syz.0.568'.
[   65.277883][ T5491] EXT4-fs (loop3): 1 truncate cleaned up
[   65.285524][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   65.296177][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   65.315571][ T5509] loop2: detected capacity change from 0 to 1024
[   65.317897][   T31] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   65.332874][ T5509] EXT4-fs: Ignoring removed bh option
[   65.343311][ T5509] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   65.360989][ T5515] netlink: 8 bytes leftover after parsing attributes in process `syz.4.571'.
[   65.407399][ T5521] netlink: 'syz.3.572': attribute type 10 has an invalid length.
[   65.473642][ T5524] random: crng reseeded on system resumption
[   65.489075][ T5526] netlink: 188 bytes leftover after parsing attributes in process `syz.4.574'.
[   65.559131][ T5534] netlink: 152 bytes leftover after parsing attributes in process `syz.2.577'.
[   65.568908][ T5532] netlink: 188 bytes leftover after parsing attributes in process `syz.4.574'.
[   65.619795][ T5536] netlink: 152 bytes leftover after parsing attributes in process `syz.2.577'.
[   65.633374][ T5538] netlink: 32 bytes leftover after parsing attributes in process `syz.3.578'.
[   65.644147][ T5538] loop3: detected capacity change from 0 to 128
[   65.650821][ T5538] vfat: Unknown parameter '01777777777777777777777ÿÿÿÿÿÿ0x00000000ffffffff'
[   65.667153][ T5538] SELinux:  policydb version 531 does not match my version range 15-35
[   65.675705][ T5538] SELinux: failed to load policy
[   65.699885][ T5538] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   65.719989][ T5540] loop1: detected capacity change from 0 to 512
[   65.730865][ T5540] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   65.739207][ T5540] EXT4-fs (loop1): orphan cleanup on readonly fs
[   65.746359][ T5538] loop3: detected capacity change from 0 to 512
[   65.747464][ T5540] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.579: corrupted inode contents
[   65.764765][ T5538] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   65.769764][ T5540] EXT4-fs (loop1): Remounting filesystem read-only
[   65.781479][ T5540] EXT4-fs (loop1): 1 truncate cleaned up
[   65.782120][ T5538] EXT4-fs error (device loop3): xattr_find_entry:337: inode #15: comm syz.3.578: corrupted xattr entries
[   65.798642][   T52] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   65.809272][   T52] __quota_error: 634 callbacks suppressed
[   65.809284][   T52] Quota error (device loop1): write_blk: dquota write failed
[   65.809394][ T5538] EXT4-fs (loop3): Remounting filesystem read-only
[   65.814993][   T52] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries
[   65.815015][   T52] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   65.822727][ T5538] EXT4-fs (loop3): 1 truncate cleaned up
[   65.828954][   T52] Quota error (device loop1): write_blk: dquota write failed
[   65.828973][   T52] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list
[   65.829513][   T52] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   65.839537][ T5538] EXT4-fs mount: 122 callbacks suppressed
[   65.839551][ T5538] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   65.849531][   T52] Quota error (device loop1): v2_write_file_info: Can't write info structure
[   65.908899][   T52] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   65.909449][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.919131][ T5540] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   65.969797][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.994507][ T5547] loop1: detected capacity change from 0 to 512
[   66.010613][ T5547] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   66.022849][ T5547] EXT4-fs (loop1): orphan cleanup on readonly fs
[   66.030740][ T5547] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.581: corrupted inode contents
[   66.043214][ T5547] EXT4-fs (loop1): Remounting filesystem read-only
[   66.050159][ T5547] EXT4-fs (loop1): 1 truncate cleaned up
[   66.055916][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   66.066660][   T12] Quota error (device loop1): write_blk: dquota write failed
[   66.074089][   T12] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries
[   66.084141][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   66.094752][   T12] Quota error (device loop1): write_blk: dquota write failed
[   66.102172][   T12] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list
[   66.174791][   T12] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   66.187731][ T5547] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   66.190133][ T5552] sch_tbf: burst 0 is lower than device ip6tnl0 mtu (1452) !
[   66.246134][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.315800][ T5561] netlink: 'syz.1.586': attribute type 10 has an invalid length.
[   66.452013][ T5572] netlink: 14 bytes leftover after parsing attributes in process `syz.1.590'.
[   66.471103][ T5565] netlink: 'syz.3.588': attribute type 30 has an invalid length.
[   66.484617][ T5575] loop4: detected capacity change from 0 to 512
[   66.529610][ T5575] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   66.537829][ T5575] EXT4-fs (loop4): orphan cleanup on readonly fs
[   66.558549][ T5575] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.587: corrupted inode contents
[   66.588221][ T5575] EXT4-fs (loop4): Remounting filesystem read-only
[   66.607324][ T5575] EXT4-fs (loop4): 1 truncate cleaned up
[   66.613250][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   66.623848][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   66.654679][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   66.669665][ T5575] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   66.696205][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.785387][ T5587] xt_CT: You must specify a L4 protocol and not use inversions on it
[   66.830009][ T5587] loop2: detected capacity change from 0 to 128
[   66.877377][ T5594] netlink: 3 bytes leftover after parsing attributes in process `syz.4.596'.
[   66.975573][ T5584] loop1: detected capacity change from 0 to 512
[   67.015293][ T5596] netlink: 3 bytes leftover after parsing attributes in process `syz.4.597'.
[   67.041968][ T5584] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   67.072925][ T5584] EXT4-fs (loop1): orphan cleanup on readonly fs
[   67.102029][ T5584] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.594: corrupted inode contents
[   67.115866][ T5584] EXT4-fs (loop1): Remounting filesystem read-only
[   67.125235][ T5584] EXT4-fs (loop1): 1 truncate cleaned up
[   67.125557][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.125601][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.125624][   T12] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   67.137796][ T5584] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   67.207339][ T5605] netlink: 'syz.0.600': attribute type 10 has an invalid length.
[   67.232146][ T5607] hsr_slave_0: left promiscuous mode
[   67.238907][ T5607] hsr_slave_1: left promiscuous mode
[   67.265770][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.314386][ T5603] siw: device registration error -23
[   67.405456][ T5616] loop4: detected capacity change from 0 to 512
[   67.469720][ T5616] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   67.479811][ T5616] EXT4-fs (loop4): orphan cleanup on readonly fs
[   67.487805][ T5616] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.604: corrupted inode contents
[   67.488848][ T5613] loop1: detected capacity change from 0 to 512
[   67.500557][ T5616] EXT4-fs (loop4): Remounting filesystem read-only
[   67.512847][ T5616] EXT4-fs (loop4): 1 truncate cleaned up
[   67.518815][   T31] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.529419][   T31] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.540081][   T31] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   67.550899][ T5616] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   67.600998][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.640445][ T5613] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   67.659707][ T5613] EXT4-fs (loop1): orphan cleanup on readonly fs
[   67.682700][   T10] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x4
[   67.690480][   T10] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x2
[   67.710364][ T5613] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.602: corrupted inode contents
[   67.723866][   T10] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x3
[   67.743243][ T5632] loop3: detected capacity change from 0 to 512
[   67.753398][ T5613] EXT4-fs (loop1): Remounting filesystem read-only
[   67.761785][ T5613] EXT4-fs (loop1): 1 truncate cleaned up
[   67.762158][   T10] hid-generic 0000:3000000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   67.777572][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.788129][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.830576][ T5632] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   67.831537][ T1806] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   67.851313][ T5635] fido_id[5635]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   67.867233][ T5613] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   67.880035][ T5632] EXT4-fs (loop3): orphan cleanup on readonly fs
[   67.909388][ T5632] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.609: corrupted inode contents
[   67.947044][ T5632] EXT4-fs (loop3): Remounting filesystem read-only
[   67.953672][ T5632] EXT4-fs (loop3): 1 truncate cleaned up
[   67.959915][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.960924][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.970477][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.971461][   T31] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   68.007292][ T5632] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   68.118097][ T5647] loop1: detected capacity change from 0 to 512
[   68.119584][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.153625][ T5639] loop0: detected capacity change from 0 to 512
[   68.169783][ T5647] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   68.201505][ T5639] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   68.217824][ T5647] EXT4-fs (loop1): orphan cleanup on readonly fs
[   68.232270][ T5639] EXT4-fs (loop0): orphan cleanup on readonly fs
[   68.247334][ T5653] loop3: detected capacity change from 0 to 4096
[   68.248616][ T5647] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.616: corrupted inode contents
[   68.257487][ T5653] EXT4-fs: Ignoring removed nomblk_io_submit option
[   68.273196][ T5647] EXT4-fs (loop1): Remounting filesystem read-only
[   68.280216][ T5647] EXT4-fs (loop1): 1 truncate cleaned up
[   68.286050][   T52] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   68.296663][   T52] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   68.307508][   T52] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   68.318510][ T5639] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.610: corrupted inode contents
[   68.319159][ T5647] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   68.345089][ T5653] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.365764][ T5639] EXT4-fs (loop0): Remounting filesystem read-only
[   68.383222][ T5653] geneve2: entered promiscuous mode
[   68.388448][ T5653] geneve2: entered allmulticast mode
[   68.411343][   T68] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[   68.425679][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.435472][   T68] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[   68.444393][   T68] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[   68.452504][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.453362][   T68] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[   68.472428][ T5639] EXT4-fs (loop0): 1 truncate cleaned up
[   68.509576][   T68] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   68.520172][   T68] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   68.559274][   T68] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   68.590909][ T5639] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   68.632292][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.700969][ T5677] netlink: 'syz.0.620': attribute type 1 has an invalid length.
[   68.960829][ T5688] loop2: detected capacity change from 0 to 256
[   68.975161][ T5688] FAT-fs (loop2): Directory bread(block 1285) failed
[   69.211450][ T5698] loop4: detected capacity change from 0 to 512
[   69.230043][ T5698] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   69.238143][ T5698] EXT4-fs (loop4): orphan cleanup on readonly fs
[   69.246103][ T5698] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.628: corrupted inode contents
[   69.258283][ T5698] EXT4-fs (loop4): Remounting filesystem read-only
[   69.264922][ T5698] EXT4-fs (loop4): 1 truncate cleaned up
[   69.270912][ T1806] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   69.281464][ T1806] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   69.292180][ T1806] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   69.302644][ T5698] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   69.323566][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.459643][ T5709] loop4: detected capacity change from 0 to 512
[   69.480153][ T5709] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   69.488417][ T5709] EXT4-fs (loop4): orphan cleanup on readonly fs
[   69.496323][ T5709] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.630: corrupted inode contents
[   69.508360][ T5709] EXT4-fs (loop4): Remounting filesystem read-only
[   69.515008][ T5709] EXT4-fs (loop4): 1 truncate cleaned up
[   69.521044][   T52] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   69.531617][   T52] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   69.547350][   T52] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   69.561441][ T5709] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   69.587924][ T5715] loop0: detected capacity change from 0 to 512
[   69.601042][ T5715] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.613718][ T5715] ext4 filesystem being mounted at /129/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.624998][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.721416][ T5724] loop3: detected capacity change from 0 to 1024
[   69.728156][ T5724] EXT4-fs: Ignoring removed bh option
[   69.733887][ T5724] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   69.754575][ T5724] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.754850][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.787990][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.818628][ T5730] loop3: detected capacity change from 0 to 256
[   69.836250][ T5730] FAT-fs (loop3): Directory bread(block 1285) failed
[   69.962691][ T5737] loop4: detected capacity change from 0 to 4096
[   69.970818][ T5737] EXT4-fs: Ignoring removed nomblk_io_submit option
[   69.987649][ T5737] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.019740][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.099149][ T5745] loop2: detected capacity change from 0 to 512
[   70.136189][ T5745] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   70.146059][ T5745] EXT4-fs (loop2): orphan cleanup on readonly fs
[   70.171135][ T5745] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.642: corrupted inode contents
[   70.243413][ T5745] EXT4-fs (loop2): Remounting filesystem read-only
[   70.251541][ T5745] EXT4-fs (loop2): 1 truncate cleaned up
[   70.257362][   T52] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   70.268024][   T52] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   70.300712][   T52] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   70.311572][ T5745] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   70.340755][ T5756] loop1: detected capacity change from 0 to 512
[   70.385414][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.398301][ T5766] xt_CT: You must specify a L4 protocol and not use inversions on it
[   70.429674][ T5756] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   70.440833][ T5767] loop0: detected capacity change from 0 to 512
[   70.453960][ T5756] EXT4-fs (loop1): orphan cleanup on readonly fs
[   70.463312][ T5767] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   70.477363][ T5767] EXT4-fs (loop0): orphan cleanup on readonly fs
[   70.485107][ T5756] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.643: corrupted inode contents
[   70.499030][ T5767] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.648: corrupted inode contents
[   70.514101][ T5756] EXT4-fs (loop1): Remounting filesystem read-only
[   70.520795][ T5767] EXT4-fs (loop0): Remounting filesystem read-only
[   70.522263][ T5772] loop2: detected capacity change from 0 to 256
[   70.536368][ T5756] EXT4-fs (loop1): 1 truncate cleaned up
[   70.542830][   T31] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   70.553422][   T31] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   70.567838][ T5767] EXT4-fs (loop0): 1 truncate cleaned up
[   70.576791][   T31] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   70.579012][ T5772] FAT-fs (loop2): Directory bread(block 1285) failed
[   70.587250][   T31] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   70.604245][   T31] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   70.615173][   T31] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   70.626982][ T5767] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   70.639939][ T5756] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   70.663778][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.699060][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.944703][ T5804] __nla_validate_parse: 6 callbacks suppressed
[   70.944716][ T5804] netlink: 188 bytes leftover after parsing attributes in process `syz.0.661'.
[   70.993999][ T5799] netlink: 'syz.2.660': attribute type 30 has an invalid length.
[   71.010940][   T36] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x4
[   71.018636][   T36] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x2
[   71.026833][ T5808] netlink: 188 bytes leftover after parsing attributes in process `syz.0.661'.
[   71.036782][   T36] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x3
[   71.051493][   T36] hid-generic 0000:3000000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   71.079864][ T5810] fido_id[5810]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   71.146386][ T5812] loop3: detected capacity change from 0 to 512
[   71.182493][ T5812] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   71.195585][ T5812] EXT4-fs (loop3): orphan cleanup on readonly fs
[   71.208000][ T5818] loop1: detected capacity change from 0 to 256
[   71.221364][ T5812] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.663: corrupted inode contents
[   71.233819][ T5818] FAT-fs (loop1): Directory bread(block 1285) failed
[   71.234645][ T5812] EXT4-fs (loop3): Remounting filesystem read-only
[   71.250302][ T5812] EXT4-fs (loop3): 1 truncate cleaned up
[   71.256211][   T68] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   71.266799][   T68] __quota_error: 278 callbacks suppressed
[   71.266843][   T68] Quota error (device loop3): write_blk: dquota write failed
[   71.279948][   T68] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[   71.290005][   T68] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   71.300650][   T68] Quota error (device loop3): write_blk: dquota write failed
[   71.308013][   T68] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list
[   71.317874][   T68] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   71.327969][   T68] Quota error (device loop3): v2_write_file_info: Can't write info structure
[   71.336823][   T68] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   71.357556][ T5812] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   71.384487][ T5822] loop1: detected capacity change from 0 to 512
[   71.391203][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.414334][ T5822] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   71.423253][ T5822] EXT4-fs (loop1): orphan cleanup on readonly fs
[   71.431472][ T5822] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.667: corrupted inode contents
[   71.443916][ T5822] EXT4-fs (loop1): Remounting filesystem read-only
[   71.450801][ T5822] EXT4-fs (loop1): 1 truncate cleaned up
[   71.456713][   T68] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   71.467300][   T68] Quota error (device loop1): write_blk: dquota write failed
[   71.474714][   T68] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries
[   71.484720][   T68] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   71.495271][   T68] Quota error (device loop1): write_blk: dquota write failed
[   71.502667][   T68] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list
[   71.512583][   T68] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   71.522996][ T5822] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   71.545542][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.571552][ T5835] loop1: detected capacity change from 0 to 512
[   71.591200][ T5837] netlink: 3 bytes leftover after parsing attributes in process `syz.3.673'.
[   71.611536][ T5835] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.624182][ T5835] ext4 filesystem being mounted at /123/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.735967][ T5847] netlink: 3 bytes leftover after parsing attributes in process `syz.4.676'.
[   71.766587][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.911672][ T5851] loop2: detected capacity change from 0 to 512
[   71.932790][ T5859] loop0: detected capacity change from 0 to 4096
[   71.944011][ T5863] loop1: detected capacity change from 0 to 512
[   71.945279][ T5859] EXT4-fs: Ignoring removed nomblk_io_submit option
[   72.012355][ T5859] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.025852][ T5863] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   72.034126][ T5863] EXT4-fs (loop1): orphan cleanup on readonly fs
[   72.043853][ T5859] geneve2: entered promiscuous mode
[   72.044939][ T5863] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.683: corrupted inode contents
[   72.049078][ T5859] geneve2: entered allmulticast mode
[   72.086771][ T5851] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   72.096753][ T5863] EXT4-fs (loop1): Remounting filesystem read-only
[   72.110002][ T5851] EXT4-fs (loop2): orphan cleanup on readonly fs
[   72.110973][ T5863] EXT4-fs (loop1): 1 truncate cleaned up
[   72.122455][   T68] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   72.133007][   T68] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   72.170175][   T68] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   72.181602][ T5868] loop4: detected capacity change from 0 to 512
[   72.192187][ T5863] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   72.197664][ T5851] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.678: corrupted inode contents
[   72.205206][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.226180][ T5851] EXT4-fs (loop2): Remounting filesystem read-only
[   72.248077][ T5851] EXT4-fs (loop2): 1 truncate cleaned up
[   72.254776][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   72.265350][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   72.278226][ T5868] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   72.298732][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.300377][   T31] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   72.320568][ T5851] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   72.343099][ T5868] EXT4-fs (loop4): orphan cleanup on readonly fs
[   72.355110][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.392835][ T5888] loop0: detected capacity change from 0 to 512
[   72.416090][ T5887] netlink: 3 bytes leftover after parsing attributes in process `syz.3.692'.
[   72.426313][ T5868] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.685: corrupted inode contents
[   72.427139][ T5888] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.456884][ T5885] loop2: detected capacity change from 0 to 1024
[   72.463474][ T5888] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.498892][ T5885] EXT4-fs: Ignoring removed bh option
[   72.501311][ T5868] EXT4-fs (loop4): Remounting filesystem read-only
[   72.516897][ T5868] EXT4-fs (loop4): 1 truncate cleaned up
[   72.529709][ T1806] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   72.540285][ T1806] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   72.553998][ T5891] netlink: 8 bytes leftover after parsing attributes in process `syz.1.688'.
[   72.562938][ T5891] netlink: 'syz.1.688': attribute type 30 has an invalid length.
[   72.579526][   T10] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x4
[   72.587311][   T10] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x2
[   72.591067][ T5885] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   72.596056][   T10] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x3
[   72.612413][ T1806] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   72.626938][   T31] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   72.629199][ T5868] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   72.648732][   T10] hid-generic 0000:3000000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   72.672488][   T31] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   72.702006][   T31] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   72.702469][ T5885] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.718279][   T31] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   72.733409][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.743849][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.757886][ T5899] 9pnet_fd: Insufficient options for proto=fd
[   72.789985][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.832065][ T5908] netlink: 3 bytes leftover after parsing attributes in process `syz.0.695'.
[   72.867473][ T5914] loop3: detected capacity change from 0 to 512
[   72.874244][ T5916] loop2: detected capacity change from 0 to 512
[   72.887472][ T5914] ext2: Unknown parameter 'euid<00000000004294967295'
[   72.904358][ T5916] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   72.932920][ T5916] EXT4-fs (loop2): orphan cleanup on readonly fs
[   72.996997][ T5926] netlink: 'syz.0.703': attribute type 13 has an invalid length.
[   73.007014][ T5916] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.701: corrupted inode contents
[   73.037671][ T5927] loop3: detected capacity change from 0 to 512
[   73.055604][ T5916] EXT4-fs (loop2): Remounting filesystem read-only
[   73.062337][ T5916] EXT4-fs (loop2): 1 truncate cleaned up
[   73.086435][ T1806] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   73.097083][ T1806] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   73.108079][ T1806] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   73.108783][ T5927] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   73.119044][ T5916] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   73.126382][ T5927] EXT4-fs (loop3): orphan cleanup on readonly fs
[   73.171309][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.183543][ T5927] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.704: corrupted inode contents
[   73.185909][ T5933] loop0: detected capacity change from 0 to 512
[   73.217140][ T5934] loop4: detected capacity change from 0 to 1024
[   73.226611][ T5934] EXT4-fs: Ignoring removed bh option
[   73.228240][ T5927] EXT4-fs (loop3): Remounting filesystem read-only
[   73.242099][ T5934] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   73.258419][ T5933] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.259947][ T5927] EXT4-fs (loop3): 1 truncate cleaned up
[   73.286281][ T1806] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   73.288260][ T5933] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.296979][ T1806] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   73.331782][ T1806] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   73.339676][ T5934] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.354490][ T5927] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   73.388484][ T5944] loop1: detected capacity change from 0 to 128
[   73.399750][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.432690][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.477281][ T5953] netlink: 8 bytes leftover after parsing attributes in process `syz.1.708'.
[   73.487782][ T5954] netlink: 152 bytes leftover after parsing attributes in process `syz.4.710'.
[   73.524231][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.565344][ T5958] netlink: 3 bytes leftover after parsing attributes in process `syz.1.713'.
[   73.593276][ T5961] loop0: detected capacity change from 0 to 512
[   73.601877][ T5961] ext2: Unknown parameter 'euid<00000000004294967295'
[   73.613722][ T5963] loop3: detected capacity change from 0 to 512
[   73.640103][ T5963] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   73.654062][ T5963] EXT4-fs (loop3): orphan cleanup on readonly fs
[   73.688634][ T5963] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.711: corrupted inode contents
[   73.700846][ T5963] EXT4-fs (loop3): Remounting filesystem read-only
[   73.707464][ T5963] EXT4-fs (loop3): 1 truncate cleaned up
[   73.713377][ T1806] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   73.724046][ T1806] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   73.752068][ T1806] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   73.757127][ T5977] siw: device registration error -23
[   73.766803][ T5987] xt_hashlimit: max too large, truncated to 1048576
[   73.777918][ T5987] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   73.825823][ T5993] loop1: detected capacity change from 0 to 512
[   73.871272][ T5993] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   73.884751][ T6001] loop3: detected capacity change from 0 to 1024
[   73.919835][ T6001] EXT4-fs: Ignoring removed bh option
[   73.928557][ T5993] EXT4-fs (loop1): orphan cleanup on readonly fs
[   73.935540][ T6001] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   73.953496][ T5993] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.717: corrupted inode contents
[   73.965894][ T5993] EXT4-fs (loop1): Remounting filesystem read-only
[   73.977168][ T5993] EXT4-fs (loop1): 1 truncate cleaned up
[   73.983064][ T6015] loop0: detected capacity change from 0 to 512
[   73.989618][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   74.000228][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   74.011369][ T1806] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   74.033902][ T6015] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   74.042399][ T6015] EXT4-fs (loop0): orphan cleanup on readonly fs
[   74.050102][ T6015] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.721: corrupted inode contents
[   74.063015][ T6015] EXT4-fs (loop0): Remounting filesystem read-only
[   74.070620][ T6015] EXT4-fs (loop0): 1 truncate cleaned up
[   74.076376][   T52] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   74.086945][   T52] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   74.097895][   T52] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   74.125059][ T6023] netlink: 'syz.3.723': attribute type 1 has an invalid length.
[   74.282705][ T6033] loop0: detected capacity change from 0 to 512
[   74.304880][ T6033] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   74.312945][ T6033] EXT4-fs (loop0): orphan cleanup on readonly fs
[   74.320493][ T6033] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.724: corrupted inode contents
[   74.345598][ T6033] EXT4-fs (loop0): Remounting filesystem read-only
[   74.357950][ T6037] netlink: 'syz.4.726': attribute type 13 has an invalid length.
[   74.366735][ T6033] EXT4-fs (loop0): 1 truncate cleaned up
[   74.372901][   T31] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   74.383445][   T31] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   74.410996][   T31] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   74.495198][ T6041] loop4: detected capacity change from 0 to 256
[   74.504704][ T6041] FAT-fs (loop4): Directory bread(block 1285) failed
[   74.601305][ T6045] siw: device registration error -23
[   74.651118][ T6055] loop4: detected capacity change from 0 to 1024
[   74.670327][ T6055] EXT4-fs: Ignoring removed bh option
[   74.682024][ T6055] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   74.760082][ T6063] loop4: detected capacity change from 0 to 512
[   74.799619][ T6063] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   74.823132][ T6063] EXT4-fs (loop4): orphan cleanup on readonly fs
[   74.841730][ T6063] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.736: corrupted inode contents
[   74.861431][ T6063] EXT4-fs (loop4): Remounting filesystem read-only
[   74.868173][ T6063] EXT4-fs (loop4): 1 truncate cleaned up
[   74.874143][   T31] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   74.884715][   T31] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   74.895325][   T31] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   75.011176][ T6070] netlink: 'syz.3.738': attribute type 13 has an invalid length.
[   75.081495][ T6079] loop1: detected capacity change from 0 to 256
[   75.104610][ T6079] FAT-fs (loop1): Directory bread(block 1285) failed
[   75.173283][ T1806] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 20000 - 0
[   75.189295][ T1806] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 20000 - 0
[   75.213743][ T1806] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 20000 - 0
[   75.225063][ T1806] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 20000 - 0
[   75.267089][ T6093] xt_CT: You must specify a L4 protocol and not use inversions on it
[   75.433509][ T6099] loop2: detected capacity change from 0 to 1024
[   75.443239][ T6099] EXT4-fs: Ignoring removed bh option
[   75.464533][ T6099] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   75.488841][   T10] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x4
[   75.496713][   T10] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x2
[   75.506962][   T10] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x3
[   75.515498][   T10] hid-generic 0000:3000000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   75.544838][ T6115] fido_id[6115]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   75.632496][ T6121] loop2: detected capacity change from 0 to 512
[   75.652822][ T6123] loop0: detected capacity change from 0 to 256
[   75.653275][ T6121] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.672474][ T6123] FAT-fs (loop0): Directory bread(block 1285) failed
[   75.876971][ T6131] loop0: detected capacity change from 0 to 512
[   75.918795][ T6131] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   75.928194][ T6131] EXT4-fs (loop0): orphan cleanup on readonly fs
[   75.988333][ T6131] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.758: corrupted inode contents
[   76.018300][ T6153] loop2: detected capacity change from 0 to 256
[   76.025963][ T6131] EXT4-fs (loop0): Remounting filesystem read-only
[   76.047322][ T6148] loop1: detected capacity change from 0 to 512
[   76.051549][ T6153] FAT-fs (loop2): Directory bread(block 1285) failed
[   76.062463][ T6131] EXT4-fs (loop0): 1 truncate cleaned up
[   76.070063][ T1806] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   76.080618][ T1806] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   76.091464][ T1806] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   76.092540][ T6148] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   76.113089][ T6148] EXT4-fs (loop1): orphan cleanup on readonly fs
[   76.130541][ T6148] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.765: corrupted inode contents
[   76.144368][ T6148] EXT4-fs (loop1): Remounting filesystem read-only
[   76.152650][ T6148] EXT4-fs (loop1): 1 truncate cleaned up
[   76.159743][   T68] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   76.170323][   T68] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   76.181182][   T68] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   76.208156][ T6161] loop0: detected capacity change from 0 to 512
[   76.253300][ T6161] ext4 filesystem being mounted at /160/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.293795][   T29] kauditd_printk_skb: 449 callbacks suppressed
[   76.293811][   T29] audit: type=1400 audit(1762384708.758:4811): avc:  denied  { read } for  pid=6166 comm="+}[@" name="usbmon1" dev="devtmpfs" ino=143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   76.322815][   T29] audit: type=1400 audit(1762384708.758:4812): avc:  denied  { open } for  pid=6166 comm="+}[@" path="/dev/usbmon1" dev="devtmpfs" ino=143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   76.350266][ T6167] __nla_validate_parse: 3 callbacks suppressed
[   76.350293][ T6167] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   76.369468][ T6169] siw: device registration error -23
[   76.403059][ T6167] macsec1: entered promiscuous mode
[   76.408373][ T6167] gretap0: entered promiscuous mode
[   76.413655][ T6167] macsec1: entered allmulticast mode
[   76.418949][ T6167] gretap0: entered allmulticast mode
[   76.426116][ T6175] netlink: 8 bytes leftover after parsing attributes in process `syz.4.774'.
[   76.439788][ T6167] gretap0: left allmulticast mode
[   76.444901][ T6167] gretap0: left promiscuous mode
[   76.469074][ T6176] loop1: detected capacity change from 0 to 512
[   76.496115][   T29] audit: type=1326 audit(1762384708.958:4813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.4.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1bdef6c9 code=0x7ffc0000
[   76.519669][   T29] audit: type=1326 audit(1762384708.958:4814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.4.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1bdef6c9 code=0x7ffc0000
[   76.550543][   T29] audit: type=1400 audit(1762384709.018:4815): avc:  denied  { read write } for  pid=6182 comm="syz.0.778" name="virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   76.574116][   T29] audit: type=1400 audit(1762384709.018:4816): avc:  denied  { open } for  pid=6182 comm="syz.0.778" path="/dev/virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   76.597688][   T29] audit: type=1326 audit(1762384709.018:4817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.4.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5d1bdef6c9 code=0x7ffc0000
[   76.621173][   T29] audit: type=1326 audit(1762384709.018:4818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.4.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1bdef6c9 code=0x7ffc0000
[   76.630749][ T6181] netlink: 3 bytes leftover after parsing attributes in process `syz.4.777'.
[   76.644535][   T29] audit: type=1326 audit(1762384709.018:4819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.4.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1bdef6c9 code=0x7ffc0000
[   76.676560][   T29] audit: type=1326 audit(1762384709.018:4820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.4.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d1bdef6c9 code=0x7ffc0000
[   76.709529][ T6176] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   76.717798][ T6176] EXT4-fs (loop1): orphan cleanup on readonly fs
[   76.736724][ T6176] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.775: corrupted inode contents
[   76.763520][ T6176] EXT4-fs (loop1): Remounting filesystem read-only
[   76.784001][ T6176] EXT4-fs (loop1): 1 truncate cleaned up
[   76.789876][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   76.800452][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   76.811230][   T12] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   76.913512][ T6201] loop2: detected capacity change from 0 to 512
[   76.932248][ T6216] loop1: detected capacity change from 0 to 512
[   76.950426][ T6218] netlink: 'syz.3.785': attribute type 10 has an invalid length.
[   76.961951][ T6216] ext4 filesystem being mounted at /144/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.979617][ T6201] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   76.987844][ T6201] EXT4-fs (loop2): orphan cleanup on readonly fs
[   77.030910][ T6201] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.780: corrupted inode contents
[   77.047645][ T6201] EXT4-fs (loop2): Remounting filesystem read-only
[   77.059857][ T6201] EXT4-fs (loop2): 1 truncate cleaned up
[   77.068144][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   77.078781][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   77.100153][ T6199] loop0: detected capacity change from 0 to 512
[   77.113837][   T31] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   77.133688][ T6199] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   77.147096][ T6199] EXT4-fs (loop0): orphan cleanup on readonly fs
[   77.172417][ T6199] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.779: corrupted inode contents
[   77.189499][ T6199] EXT4-fs (loop0): Remounting filesystem read-only
[   77.202999][ T6247] netlink: 8 bytes leftover after parsing attributes in process `syz.2.788'.
[   77.206370][ T6199] EXT4-fs (loop0): 1 truncate cleaned up
[   77.226666][   T31] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   77.237273][   T31] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   77.248317][   T31] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   77.274064][ T6251] loop2: detected capacity change from 0 to 256
[   77.293562][ T6251] FAT-fs (loop2): Directory bread(block 1285) failed
[   77.411430][ T6270] netlink: 3 bytes leftover after parsing attributes in process `syz.2.796'.
[   77.470080][ T6277] loop2: detected capacity change from 0 to 512
[   77.500693][ T6277] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   77.509505][ T6277] EXT4-fs (loop2): orphan cleanup on readonly fs
[   77.517380][ T6277] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.798: corrupted inode contents
[   77.529853][ T6279] netlink: 28 bytes leftover after parsing attributes in process `syz.0.797'.
[   77.540758][   T36] kernel write not supported for file [eventfd] (pid: 36 comm: kworker/1:1)
[   77.549946][ T6277] EXT4-fs (loop2): Remounting filesystem read-only
[   77.561781][ T6262] loop1: detected capacity change from 0 to 512
[   77.566565][ T6277] EXT4-fs (loop2): 1 truncate cleaned up
[   77.575042][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   77.585590][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   77.604352][ T6286] netlink: 8 bytes leftover after parsing attributes in process `syz.0.799'.
[   77.613532][   T31] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   77.633209][ T6262] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   77.643617][ T6262] EXT4-fs (loop1): orphan cleanup on readonly fs
[   77.681142][ T6292] netlink: 16 bytes leftover after parsing attributes in process `syz.2.801'.
[   77.713980][ T6262] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.792: corrupted inode contents
[   77.751182][ T6262] EXT4-fs (loop1): Remounting filesystem read-only
[   77.752343][ T6301] loop0: detected capacity change from 0 to 256
[   77.759182][ T6262] EXT4-fs (loop1): 1 truncate cleaned up
[   77.770952][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   77.781518][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   77.821954][ T6303] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   77.829356][ T1806] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   77.830190][ T6303] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   77.869678][ T6301] FAT-fs (loop0): Directory bread(block 1285) failed
[   77.888053][ T6304] loop4: detected capacity change from 0 to 512
[   77.913652][ T6304] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   77.952795][ T6304] EXT4-fs (loop4): orphan cleanup on readonly fs
[   77.966991][ T6304] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.803: corrupted inode contents
[   77.991545][ T6304] EXT4-fs (loop4): Remounting filesystem read-only
[   77.998281][ T6304] EXT4-fs (loop4): 1 truncate cleaned up
[   78.004203][   T68] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   78.014820][   T68] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   78.064540][ T6317] netlink: 3 bytes leftover after parsing attributes in process `syz.1.810'.
[   78.065753][   T68] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   78.087092][ T6321] loop3: detected capacity change from 0 to 512
[   78.113727][ T6321] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   78.113970][ T6320] netlink: 'syz.0.809': attribute type 1 has an invalid length.
[   78.124577][ T6321] EXT4-fs (loop3): orphan cleanup on readonly fs
[   78.129403][ T6320] netlink: 224 bytes leftover after parsing attributes in process `syz.0.809'.
[   78.137025][ T6321] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.811: corrupted inode contents
[   78.156922][ T6321] EXT4-fs (loop3): Remounting filesystem read-only
[   78.164760][ T6321] EXT4-fs (loop3): 1 truncate cleaned up
[   78.171686][   T68] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   78.182277][   T68] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   78.239375][   T68] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   78.325077][ T6349] loop3: detected capacity change from 0 to 512
[   78.344578][ T6349] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.381267][ T6358] loop4: detected capacity change from 0 to 512
[   78.433366][ T6358] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   78.451395][ T6358] EXT4-fs (loop4): orphan cleanup on readonly fs
[   78.458992][ T6358] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.816: corrupted inode contents
[   78.472197][ T6358] EXT4-fs (loop4): Remounting filesystem read-only
[   78.484469][ T6358] EXT4-fs (loop4): 1 truncate cleaned up
[   78.490393][   T68] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   78.501002][   T68] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   78.533934][   T68] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   78.599192][ T6377] loop3: detected capacity change from 0 to 256
[   78.605011][ T6375] loop4: detected capacity change from 0 to 4096
[   78.612993][ T6375] EXT4-fs: Ignoring removed nomblk_io_submit option
[   78.620612][ T6379] loop2: detected capacity change from 0 to 512
[   78.637018][ T6377] FAT-fs (loop3): Directory bread(block 1285) failed
[   78.647193][ T6379] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.678669][ T6383] netlink: 'syz.3.820': attribute type 46 has an invalid length.
[   78.686506][ T6383] netlink: 'syz.3.820': attribute type 28 has an invalid length.
[   78.817549][ T6392] ALSA: seq fatal error: cannot create timer (-19)
[   78.833033][ T6392] xt_hashlimit: max too large, truncated to 1048576
[   78.841999][ T6392] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   78.875388][ T6397] netlink: 'syz.4.826': attribute type 10 has an invalid length.
[   78.901453][   T36] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x4
[   78.909375][   T36] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x2
[   78.928578][   T36] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x3
[   78.940868][   T36] hid-generic 0000:3000000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   78.969487][ T6409] fido_id[6409]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   79.061848][ T6415] netlink: 'syz.3.831': attribute type 1 has an invalid length.
[   79.142787][ T6423] netlink: 'syz.1.833': attribute type 10 has an invalid length.
[   79.148299][ T6424] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   79.158805][ T6424] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   79.364277][ T6433] loop1: detected capacity change from 0 to 512
[   79.382973][ T6433] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   79.391080][ T6433] EXT4-fs (loop1): orphan cleanup on readonly fs
[   79.398866][ T6433] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.835: corrupted inode contents
[   79.410867][ T6433] EXT4-fs (loop1): Remounting filesystem read-only
[   79.417475][ T6433] EXT4-fs (loop1): 1 truncate cleaned up
[   79.423321][   T52] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   79.433901][   T52] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   79.445143][   T52] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   79.988859][ T6463] netlink: 'syz.3.844': attribute type 10 has an invalid length.
[   80.074341][ T6467] loop4: detected capacity change from 0 to 512
[   80.080781][ T6470] loop2: detected capacity change from 0 to 128
[   80.109873][ T6467] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   80.117936][ T6473] netlink: 'syz.3.847': attribute type 10 has an invalid length.
[   80.135810][ T6470] process 'syz.2.841' launched '/dev/fd/8' with NULL argv: empty string added
[   80.154645][ T6467] EXT4-fs (loop4): orphan cleanup on readonly fs
[   80.186847][ T6467] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.843: corrupted inode contents
[   80.226805][ T6467] EXT4-fs (loop4): Remounting filesystem read-only
[   80.240333][ T6467] EXT4-fs (loop4): 1 truncate cleaned up
[   80.246135][ T1806] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   80.256711][ T1806] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   80.268044][ T1806] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   80.301530][   T36] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x4
[   80.309382][   T36] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x2
[   80.321072][   T36] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x3
[   80.341936][   T36] hid-generic 0000:3000000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   80.452113][ T6487] ALSA: seq fatal error: cannot create timer (-19)
[   80.526231][ T6498] netlink: 'syz.1.857': attribute type 10 has an invalid length.
[   80.644794][   T36] kernel write not supported for file [eventfd] (pid: 36 comm: kworker/1:1)
[   80.855647][ T6520] loop1: detected capacity change from 0 to 512
[   80.880215][ T6520] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   80.893438][ T6520] EXT4-fs (loop1): orphan cleanup on readonly fs
[   80.901349][ T6520] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.861: corrupted inode contents
[   80.914373][ T6520] EXT4-fs (loop1): Remounting filesystem read-only
[   80.921059][ T6520] EXT4-fs (loop1): 1 truncate cleaned up
[   80.926866][   T68] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   80.937468][   T68] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   80.962485][ T6524] loop3: detected capacity change from 0 to 512
[   80.968849][   T68] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   81.014351][ T6524] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   81.032679][ T6524] EXT4-fs (loop3): orphan cleanup on readonly fs
[   81.041173][ T6524] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.863: corrupted inode contents
[   81.053418][ T6524] EXT4-fs (loop3): Remounting filesystem read-only
[   81.060453][ T6524] EXT4-fs (loop3): 1 truncate cleaned up
[   81.066295][   T68] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   81.076901][   T68] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   81.087546][   T68] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   81.148110][ T6532] loop3: detected capacity change from 0 to 1024
[   81.162916][ T6532] EXT4-fs: Ignoring removed bh option
[   81.183076][ T6532] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   81.310197][   T29] kauditd_printk_skb: 564 callbacks suppressed
[   81.310212][   T29] audit: type=1326 audit(1762384713.778:5313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.1.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75b4df6c9 code=0x7ffc0000
[   81.347707][ T6550] loop1: detected capacity change from 0 to 512
[   81.356850][ T6550] ext2: Unknown parameter 'euid<00000000004294967295'
[   81.389831][   T29] audit: type=1326 audit(1762384713.778:5314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.1.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75b4df6c9 code=0x7ffc0000
[   81.413208][   T29] audit: type=1326 audit(1762384713.808:5315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.1.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb75b4df6c9 code=0x7ffc0000
[   81.436550][   T29] audit: type=1326 audit(1762384713.808:5316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.1.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75b4df6c9 code=0x7ffc0000
[   81.459889][   T29] audit: type=1326 audit(1762384713.808:5317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.1.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75b4df6c9 code=0x7ffc0000
[   81.483288][   T29] audit: type=1326 audit(1762384713.808:5318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.1.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fb75b4df6c9 code=0x7ffc0000
[   81.506521][   T29] audit: type=1326 audit(1762384713.808:5319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.1.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75b4df6c9 code=0x7ffc0000
[   81.529881][   T29] audit: type=1326 audit(1762384713.808:5320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.1.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75b4df6c9 code=0x7ffc0000
[   81.553216][   T29] audit: type=1326 audit(1762384713.808:5321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.1.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fb75b4df6c9 code=0x7ffc0000
[   81.576485][   T29] audit: type=1326 audit(1762384713.808:5322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.1.872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb75b4df6c9 code=0x7ffc0000
[   81.636973][ T6548] loop3: detected capacity change from 0 to 512
[   81.699699][ T6548] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   81.713162][ T6548] EXT4-fs (loop3): orphan cleanup on readonly fs
[   81.745553][ T6548] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.871: corrupted inode contents
[   81.770694][ T6552] loop4: detected capacity change from 0 to 512
[   81.777612][ T6548] EXT4-fs (loop3): Remounting filesystem read-only
[   81.785588][ T6548] EXT4-fs (loop3): 1 truncate cleaned up
[   81.791924][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   81.802513][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   81.816760][ T6566] loop1: detected capacity change from 0 to 512
[   81.820631][ T6552] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   81.823644][   T31] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   81.843355][ T6552] EXT4-fs (loop4): orphan cleanup on readonly fs
[   81.873100][ T6552] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.873: corrupted inode contents
[   81.911968][ T6566] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   81.920692][ T6552] EXT4-fs (loop4): Remounting filesystem read-only
[   81.928072][ T6552] EXT4-fs (loop4): 1 truncate cleaned up
[   81.947232][ T6566] EXT4-fs (loop1): orphan cleanup on readonly fs
[   81.954099][   T31] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   81.964737][   T31] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   81.982208][ T6573] loop0: detected capacity change from 0 to 512
[   81.991197][   T31] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   81.994023][ T6566] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.876: corrupted inode contents
[   82.017862][ T6573] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   82.026677][ T6566] EXT4-fs (loop1): Remounting filesystem read-only
[   82.036120][ T6573] EXT4-fs (loop0): orphan cleanup on readonly fs
[   82.039387][ T6566] EXT4-fs (loop1): 1 truncate cleaned up
[   82.056830][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   82.067445][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   82.096753][ T6573] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.877: corrupted inode contents
[   82.129605][ T6578] __nla_validate_parse: 10 callbacks suppressed
[   82.129622][ T6578] netlink: 12 bytes leftover after parsing attributes in process `syz.3.878'.
[   82.141741][ T6573] EXT4-fs (loop0): Remounting filesystem read-only
[   82.154333][ T1806] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   82.164981][ T6573] EXT4-fs (loop0): 1 truncate cleaned up
[   82.170943][   T52] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   82.181499][   T52] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   82.211705][   T52] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   82.246625][ T6584] netlink: 3 bytes leftover after parsing attributes in process `syz.4.882'.
[   82.261096][ T6587] validate_nla: 2 callbacks suppressed
[   82.261112][ T6587] netlink: 'syz.3.881': attribute type 10 has an invalid length.
[   82.381180][ T3383] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x4
[   82.388870][ T3383] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x2
[   82.424431][ T6602] loop4: detected capacity change from 0 to 512
[   82.450732][ T6605] loop3: detected capacity change from 0 to 512
[   82.463694][ T6605] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   82.473181][ T6602] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   82.481925][ T6605] EXT4-fs (loop3): orphan cleanup on readonly fs
[   82.495762][ T3383] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x3
[   82.509704][ T6605] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.889: corrupted inode contents
[   82.524161][ T6602] EXT4-fs (loop4): orphan cleanup on readonly fs
[   82.538548][ T3383] hid-generic 0000:3000000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   82.556487][ T6602] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.888: corrupted inode contents
[   82.569436][ T6605] EXT4-fs (loop3): Remounting filesystem read-only
[   82.580447][ T6605] EXT4-fs (loop3): 1 truncate cleaned up
[   82.610708][ T1806] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   82.612802][ T6613] netlink: 16 bytes leftover after parsing attributes in process `syz.1.890'.
[   82.621376][ T1806] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   82.645401][ T6611] fido_id[6611]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   82.669388][ T6602] EXT4-fs (loop4): Remounting filesystem read-only
[   82.676001][ T6602] EXT4-fs (loop4): 1 truncate cleaned up
[   82.689313][ T1806] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   82.719435][ T1806] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   82.730103][ T1806] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   82.759365][ T1806] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   82.903425][ T6621] loop3: detected capacity change from 0 to 1024
[   82.927231][ T6625] loop4: detected capacity change from 0 to 512
[   82.935537][ T6621] EXT4-fs: Ignoring removed bh option
[   82.961147][ T6621] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   82.987438][ T6625] ext4 filesystem being mounted at /174/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.199488][ T6639] netlink: 3 bytes leftover after parsing attributes in process `syz.0.898'.
[   83.222911][ T6643] FAULT_INJECTION: forcing a failure.
[   83.222911][ T6643] name failslab, interval 1, probability 0, space 0, times 0
[   83.235559][ T6643] CPU: 1 UID: 0 PID: 6643 Comm: syz.3.900 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   83.235586][ T6643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   83.235627][ T6643] Call Trace:
[   83.235635][ T6643]  <TASK>
[   83.235643][ T6643]  __dump_stack+0x1d/0x30
[   83.235722][ T6643]  dump_stack_lvl+0xe8/0x140
[   83.235744][ T6643]  dump_stack+0x15/0x1b
[   83.235763][ T6643]  should_fail_ex+0x265/0x280
[   83.235785][ T6643]  should_failslab+0x8c/0xb0
[   83.235812][ T6643]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   83.235896][ T6643]  ? __alloc_skb+0x101/0x320
[   83.235924][ T6643]  __alloc_skb+0x101/0x320
[   83.235950][ T6643]  netlink_alloc_large_skb+0xbf/0xf0
[   83.235982][ T6643]  netlink_sendmsg+0x3cf/0x6b0
[   83.236050][ T6643]  ? __pfx_netlink_sendmsg+0x10/0x10
[   83.236068][ T6643]  __sock_sendmsg+0x145/0x180
[   83.236096][ T6643]  ____sys_sendmsg+0x31e/0x4e0
[   83.236130][ T6643]  ___sys_sendmsg+0x17b/0x1d0
[   83.236218][ T6643]  __x64_sys_sendmsg+0xd4/0x160
[   83.236242][ T6643]  x64_sys_call+0x191e/0x3000
[   83.236346][ T6643]  do_syscall_64+0xd2/0x200
[   83.236364][ T6643]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   83.236390][ T6643]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   83.236418][ T6643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.236522][ T6643] RIP: 0033:0x7ff1169ef6c9
[   83.236537][ T6643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.236553][ T6643] RSP: 002b:00007ff115457038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   83.236621][ T6643] RAX: ffffffffffffffda RBX: 00007ff116c45fa0 RCX: 00007ff1169ef6c9
[   83.236633][ T6643] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[   83.236644][ T6643] RBP: 00007ff115457090 R08: 0000000000000000 R09: 0000000000000000
[   83.236660][ T6643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.236680][ T6643] R13: 00007ff116c46038 R14: 00007ff116c45fa0 R15: 00007ffee68684b8
[   83.236699][ T6643]  </TASK>
[   83.465498][ T6646] netlink: 'syz.3.902': attribute type 10 has an invalid length.
[   83.475940][ T6648] netlink: 56 bytes leftover after parsing attributes in process `syz.4.901'.
[   83.624038][ T6668] netlink: 28 bytes leftover after parsing attributes in process `syz.0.905'.
[   83.635222][ T3383] kernel write not supported for file [eventfd] (pid: 3383 comm: kworker/0:2)
[   83.644815][ T6673] netlink: 28 bytes leftover after parsing attributes in process `syz.1.906'.
[   83.656112][   T36] kernel write not supported for file [eventfd] (pid: 36 comm: kworker/1:1)
[   83.694022][ T6686] netlink: 16 bytes leftover after parsing attributes in process `syz.1.913'.
[   83.764416][ T6694] netlink: 3 bytes leftover after parsing attributes in process `syz.0.915'.
[   83.781061][ T6696] netlink: 'syz.2.910': attribute type 30 has an invalid length.
[   83.889365][ T6707] netlink: 16 bytes leftover after parsing attributes in process `syz.1.913'.
[   84.053826][ T6723] loop0: detected capacity change from 0 to 512
[   84.079970][ T6723] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   84.088171][ T6723] EXT4-fs (loop0): orphan cleanup on readonly fs
[   84.095913][ T6723] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.918: corrupted inode contents
[   84.107988][ T6723] EXT4-fs (loop0): Remounting filesystem read-only
[   84.114702][ T6723] EXT4-fs (loop0): 1 truncate cleaned up
[   84.120478][   T31] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   84.131013][   T31] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   84.141615][   T31] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   84.175413][ T6727] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   84.183653][ T6727] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   84.295561][   T36] kernel write not supported for file [eventfd] (pid: 36 comm: kworker/1:1)
[   84.422711][ T6737] loop4: detected capacity change from 0 to 1024
[   84.429719][ T6737] EXT4-fs: Ignoring removed bh option
[   84.439995][ T6737] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   84.597575][ T6757] loop1: detected capacity change from 0 to 512
[   84.616414][ T6757] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   84.630043][ T6764] xt_hashlimit: size too large, truncated to 1048576
[   84.636323][ T6757] EXT4-fs (loop1): orphan cleanup on readonly fs
[   84.644988][ T6757] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.928: corrupted inode contents
[   84.662902][ T6757] EXT4-fs (loop1): Remounting filesystem read-only
[   84.669774][ T6757] EXT4-fs (loop1): 1 truncate cleaned up
[   84.731345][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   84.741925][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   84.759912][ T1806] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   84.823199][ T6786] loop1: detected capacity change from 0 to 512
[   84.850238][ T6786] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   84.858364][ T6786] EXT4-fs (loop1): orphan cleanup on readonly fs
[   84.865996][ T6786] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.930: corrupted inode contents
[   84.878078][ T6786] EXT4-fs (loop1): Remounting filesystem read-only
[   84.886379][ T6786] EXT4-fs (loop1): 1 truncate cleaned up
[   84.892322][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   84.903001][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   84.913580][ T1806] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   85.857835][ T6832] loop4: detected capacity change from 0 to 256
[   85.871617][ T6832] FAT-fs (loop4): Directory bread(block 1285) failed
[   85.971561][ T6846] loop4: detected capacity change from 0 to 512
[   85.990083][ T6846] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   86.001153][ T6846] EXT4-fs (loop4): orphan cleanup on readonly fs
[   86.008731][ T6846] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.950: corrupted inode contents
[   86.020826][ T6846] EXT4-fs (loop4): Remounting filesystem read-only
[   86.027534][ T6846] EXT4-fs (loop4): 1 truncate cleaned up
[   86.033616][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   86.044207][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   86.058479][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   86.098276][ T6855] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   86.106528][ T6855] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   86.155582][ T6865] loop1: detected capacity change from 0 to 512
[   86.169848][ T6867] loop0: detected capacity change from 0 to 256
[   86.177036][ T6867] FAT-fs (loop0): Directory bread(block 1285) failed
[   86.186282][ T6865] ext4 filesystem being mounted at /186/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.329485][ T6890] loop1: detected capacity change from 0 to 512
[   86.340406][ T6890] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   86.348507][ T6890] EXT4-fs (loop1): orphan cleanup on readonly fs
[   86.356280][ T6890] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.958: corrupted inode contents
[   86.368259][ T6890] EXT4-fs (loop1): Remounting filesystem read-only
[   86.374899][ T6890] EXT4-fs (loop1): 1 truncate cleaned up
[   86.380946][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   86.385765][ T6889] siw: device registration error -23
[   86.391495][ T1806] __quota_error: 395 callbacks suppressed
[   86.391507][ T1806] Quota error (device loop1): write_blk: dquota write failed
[   86.409895][ T1806] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries
[   86.419961][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   86.430493][ T1806] Quota error (device loop1): write_blk: dquota write failed
[   86.437856][ T1806] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list
[   86.447706][ T1806] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   86.457790][ T1806] Quota error (device loop1): v2_write_file_info: Can't write info structure
[   86.466726][ T1806] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   86.515987][   T29] audit: type=1400 audit(1762384718.978:5658): avc:  denied  { read } for  pid=6896 comm="syz.0.965" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   86.539945][   T29] audit: type=1400 audit(1762384718.988:5659): avc:  denied  { ioctl } for  pid=6896 comm="syz.0.965" path="/dev/sg0" dev="devtmpfs" ino=137 ioctlcmd=0x2275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   86.580708][   T29] audit: type=1400 audit(1762384719.048:5660): avc:  denied  { setcurrent } for  pid=6896 comm="syz.0.965" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   86.594080][ T6901] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   86.600161][   T29] audit: type=1401 audit(1762384719.048:5661): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[   86.608259][ T6901] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   86.700217][ T6905] loop1: detected capacity change from 0 to 512
[   86.777257][ T6905] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   86.799690][ T6905] EXT4-fs (loop1): orphan cleanup on readonly fs
[   86.853860][ T6905] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.969: corrupted inode contents
[   86.879676][ T6905] EXT4-fs (loop1): Remounting filesystem read-only
[   86.899257][ T6905] EXT4-fs (loop1): 1 truncate cleaned up
[   86.905629][   T52] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   86.916278][   T52] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   86.934140][ T6926] siw: device registration error -23
[   86.981521][ T6942] FAULT_INJECTION: forcing a failure.
[   86.981521][ T6942] name failslab, interval 1, probability 0, space 0, times 0
[   86.982396][   T52] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   86.994232][ T6942] CPU: 1 UID: 0 PID: 6942 Comm: syz.2.979 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.994257][ T6942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   86.994269][ T6942] Call Trace:
[   86.994318][ T6942]  <TASK>
[   86.994326][ T6942]  __dump_stack+0x1d/0x30
[   86.994380][ T6942]  dump_stack_lvl+0xe8/0x140
[   86.994402][ T6942]  dump_stack+0x15/0x1b
[   86.994420][ T6942]  should_fail_ex+0x265/0x280
[   86.994441][ T6942]  should_failslab+0x8c/0xb0
[   86.994470][ T6942]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[   86.994564][ T6942]  ? sidtab_sid2str_get+0xa0/0x130
[   86.994594][ T6942]  ? skb_put+0xa9/0xf0
[   86.994659][ T6942]  kmemdup_noprof+0x2b/0x70
[   86.994687][ T6942]  sidtab_sid2str_get+0xa0/0x130
[   86.994718][ T6942]  security_sid_to_context_core+0x1eb/0x2e0
[   86.994797][ T6942]  security_sid_to_context+0x27/0x40
[   86.994826][ T6942]  avc_audit_post_callback+0x9d/0x520
[   86.994862][ T6942]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   86.994911][ T6942]  common_lsm_audit+0x1bb/0x230
[   86.994979][ T6942]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   86.995026][ T6942]  slow_avc_audit+0x104/0x140
[   86.995105][ T6942]  avc_has_perm+0x13a/0x180
[   86.995126][ T6942]  selinux_socket_create+0xff/0x180
[   86.995204][ T6942]  security_socket_create+0x50/0x90
[   86.995228][ T6942]  __sock_create+0xe0/0x5b0
[   86.995254][ T6942]  ? fput+0x8f/0xc0
[   86.995272][ T6942]  __sys_socket+0xb0/0x180
[   86.995301][ T6942]  __x64_sys_socket+0x3f/0x50
[   86.995328][ T6942]  x64_sys_call+0x1147/0x3000
[   86.995357][ T6942]  do_syscall_64+0xd2/0x200
[   86.995425][ T6942]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   86.995454][ T6942]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   86.995487][ T6942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.995509][ T6942] RIP: 0033:0x7fc6fca3f6c9
[   86.995525][ T6942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.995574][ T6942] RSP: 002b:00007fc6fb4a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[   86.995670][ T6942] RAX: ffffffffffffffda RBX: 00007fc6fcc95fa0 RCX: 00007fc6fca3f6c9
[   86.995684][ T6942] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000000a
[   86.995697][ T6942] RBP: 00007fc6fb4a7090 R08: 0000000000000000 R09: 0000000000000000
[   86.995710][ T6942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.995797][ T6942] R13: 00007fc6fcc96038 R14: 00007fc6fcc95fa0 R15: 00007fff11700bb8
[   86.995816][ T6942]  </TASK>
[   87.393346][ T6958] __nla_validate_parse: 15 callbacks suppressed
[   87.393361][ T6958] netlink: 8 bytes leftover after parsing attributes in process `syz.4.985'.
[   87.432691][ T6955] netlink: 'syz.2.983': attribute type 1 has an invalid length.
[   87.440457][ T6955] netlink: 224 bytes leftover after parsing attributes in process `syz.2.983'.
[   87.453868][ T6959] loop1: detected capacity change from 0 to 512
[   87.475763][ T6965] netlink: 'syz.3.988': attribute type 10 has an invalid length.
[   87.513329][ T6959] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   87.521740][ T6959] EXT4-fs (loop1): orphan cleanup on readonly fs
[   87.529390][ T6959] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.982: corrupted inode contents
[   87.541559][ T6959] EXT4-fs (loop1): Remounting filesystem read-only
[   87.548193][ T6959] EXT4-fs (loop1): 1 truncate cleaned up
[   87.553980][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   87.564578][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   87.576461][   T12] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   87.643246][ T6976] loop1: detected capacity change from 0 to 512
[   87.675414][ T6980] loop3: detected capacity change from 0 to 256
[   87.740709][ T6980] FAT-fs (loop3): Directory bread(block 1285) failed
[   87.750184][ T6976] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   87.758256][ T6976] EXT4-fs (loop1): orphan cleanup on readonly fs
[   87.768544][ T6976] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.990: corrupted inode contents
[   87.795467][ T6976] EXT4-fs (loop1): Remounting filesystem read-only
[   87.810700][ T6976] EXT4-fs (loop1): 1 truncate cleaned up
[   87.816589][   T31] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   87.827192][   T31] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   87.877794][   T31] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   87.960609][ T6991] loop1: detected capacity change from 0 to 1024
[   87.967503][ T6991] EXT4-fs: Ignoring removed bh option
[   87.975586][ T6991] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   87.984788][ T6989] loop0: detected capacity change from 0 to 4096
[   88.005428][ T6989] EXT4-fs: Ignoring removed nomblk_io_submit option
[   88.057026][ T6998] netlink: 8 bytes leftover after parsing attributes in process `syz.3.997'.
[   88.092818][ T6989] geneve2: entered promiscuous mode
[   88.098075][ T6989] geneve2: entered allmulticast mode
[   88.174535][ T7005] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1000'.
[   88.219481][ T7007] FAULT_INJECTION: forcing a failure.
[   88.219481][ T7007] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.232564][ T7007] CPU: 1 UID: 0 PID: 7007 Comm: syz.2.1001 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   88.232661][ T7007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   88.232675][ T7007] Call Trace:
[   88.232681][ T7007]  <TASK>
[   88.232689][ T7007]  __dump_stack+0x1d/0x30
[   88.232711][ T7007]  dump_stack_lvl+0xe8/0x140
[   88.232782][ T7007]  dump_stack+0x15/0x1b
[   88.232801][ T7007]  should_fail_ex+0x265/0x280
[   88.232823][ T7007]  should_fail+0xb/0x20
[   88.232889][ T7007]  should_fail_usercopy+0x1a/0x20
[   88.232927][ T7007]  _copy_to_user+0x20/0xa0
[   88.233031][ T7007]  simple_read_from_buffer+0xb5/0x130
[   88.233058][ T7007]  proc_fail_nth_read+0x10e/0x150
[   88.233168][ T7007]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   88.233200][ T7007]  vfs_read+0x1a8/0x770
[   88.233250][ T7007]  ? __rcu_read_unlock+0x4f/0x70
[   88.233278][ T7007]  ? __fget_files+0x184/0x1c0
[   88.233348][ T7007]  ksys_read+0xda/0x1a0
[   88.233376][ T7007]  __x64_sys_read+0x40/0x50
[   88.233409][ T7007]  x64_sys_call+0x27c0/0x3000
[   88.233474][ T7007]  do_syscall_64+0xd2/0x200
[   88.233575][ T7007]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   88.233681][ T7007]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   88.233715][ T7007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.233814][ T7007] RIP: 0033:0x7fc6fca3e0dc
[   88.233832][ T7007] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   88.233852][ T7007] RSP: 002b:00007fc6fb4a7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   88.233874][ T7007] RAX: ffffffffffffffda RBX: 00007fc6fcc95fa0 RCX: 00007fc6fca3e0dc
[   88.233888][ T7007] RDX: 000000000000000f RSI: 00007fc6fb4a70a0 RDI: 0000000000000004
[   88.233901][ T7007] RBP: 00007fc6fb4a7090 R08: 0000000000000000 R09: 0000000000000000
[   88.233973][ T7007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.233987][ T7007] R13: 00007fc6fcc96038 R14: 00007fc6fcc95fa0 R15: 00007fff11700bb8
[   88.234008][ T7007]  </TASK>
[   88.277283][ T7011] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1003'.
[   88.388453][ T7003] loop1: detected capacity change from 0 to 512
[   88.456465][ T7025] loop2: detected capacity change from 0 to 512
[   88.509282][ T7025] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   88.517511][ T7025] EXT4-fs (loop2): orphan cleanup on readonly fs
[   88.525927][ T7025] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.1004: corrupted inode contents
[   88.527366][ T7011] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1003'.
[   88.538324][ T7025] EXT4-fs (loop2): Remounting filesystem read-only
[   88.554219][ T7025] EXT4-fs (loop2): 1 truncate cleaned up
[   88.564837][ T1806] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   88.575411][ T1806] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   88.628431][ T7003] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   88.642331][ T1806] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   88.653351][ T7003] EXT4-fs (loop1): orphan cleanup on readonly fs
[   88.688243][ T7003] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.999: corrupted inode contents
[   88.719551][ T7003] EXT4-fs (loop1): Remounting filesystem read-only
[   88.735578][ T7003] EXT4-fs (loop1): 1 truncate cleaned up
[   88.745804][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   88.756387][ T1806] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   88.775075][ T1806] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   88.812101][ T7064] loop2: detected capacity change from 0 to 1024
[   88.825967][ T7064] EXT4-fs: Ignoring removed bh option
[   88.834569][ T7064] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   88.860933][ T3383] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x4
[   88.868667][ T3383] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x2
[   88.878879][ T3383] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x3
[   88.892162][ T3383] hid-generic 0000:3000000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   88.918858][ T7072] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1010'.
[   88.950932][ T7074] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   89.041205][ T7078] netlink: 'syz.1.1012': attribute type 1 has an invalid length.
[   89.049015][ T7078] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1012'.
[   89.078355][ T3003] ==================================================================
[   89.086469][ T3003] BUG: KCSAN: data-race in dentry_unlink_inode / step_into
[   89.093677][ T3003] 
[   89.095981][ T3003] write to 0xffff8881004b4930 of 8 bytes by task 3300 on cpu 0:
[   89.103592][ T3003]  dentry_unlink_inode+0x65/0x260
[   89.108596][ T3003]  d_delete+0x164/0x180
[   89.112746][ T3003]  d_delete_notify+0x32/0x100
[   89.117431][ T3003]  vfs_unlink+0x30b/0x420
[   89.121757][ T3003]  do_unlinkat+0x24e/0x480
[   89.126165][ T3003]  __x64_sys_unlink+0x2e/0x40
[   89.130837][ T3003]  x64_sys_call+0x2dcf/0x3000
[   89.135503][ T3003]  do_syscall_64+0xd2/0x200
[   89.139993][ T3003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.145876][ T3003] 
[   89.148183][ T3003] read to 0xffff8881004b4930 of 8 bytes by task 3003 on cpu 1:
[   89.155710][ T3003]  step_into+0x122/0x7f0
[   89.159950][ T3003]  walk_component+0x162/0x220
[   89.164623][ T3003]  path_lookupat+0xfe/0x2a0
[   89.169128][ T3003]  filename_lookup+0x147/0x340
[   89.173893][ T3003]  do_readlinkat+0x7d/0x320
[   89.178382][ T3003]  __x64_sys_readlink+0x47/0x60
[   89.183219][ T3003]  x64_sys_call+0x28de/0x3000
[   89.187889][ T3003]  do_syscall_64+0xd2/0x200
[   89.192380][ T3003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.198262][ T3003] 
[   89.200568][ T3003] value changed: 0xffff88811bb331e8 -> 0x0000000000000000
[   89.207829][ T3003] 
[   89.210136][ T3003] Reported by Kernel Concurrency Sanitizer on:
[   89.216269][ T3003] CPU: 1 UID: 0 PID: 3003 Comm: udevd Not tainted syzkaller #0 PREEMPT(voluntary) 
[   89.225537][ T3003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   89.235580][ T3003] ==================================================================
[   89.247435][ T7082] siw: device registration error -23