last executing test programs:

39.4203241s ago: executing program 3 (id=4):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

39.372946593s ago: executing program 3 (id=6):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB="2c0000003f00070dfeffffff00000000017c0000040077000c0003"], 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0x4044000)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000380)={<r5=>0xffffffffffffffff}, 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r4, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {0x0, r5, 0x7ffffffe}}, 0x18)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000080)={0x13, 0x10, 0xfa00, {&(0x7f0000000300), r5, 0x2}}, 0x18)

39.277300649s ago: executing program 1 (id=2):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

39.212971413s ago: executing program 1 (id=7):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20003}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
getgid()
syz_clone3(&(0x7f0000001e40)={0x100a00400, 0x0, 0x0, 0x0, {0x1c}, 0x0, 0x0, 0x0, 0x0}, 0x58)
gettid()
r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r0, 0xe0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x5, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0, 0xe, &(0x7f0000000400)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f0000000480), &(0x7f00000004c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000500)}}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r4, 0x0, 0xca, &(0x7f0000000340)={0x0, 0x1, 0x0, 0x0, @vifc_lcl_addr=@rand_addr=0xc0586300, @private}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000680)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0xd, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x5}, 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYRES32=r6, @ANYBLOB='\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000700), 0x6000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x9, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000008000000000000000330cccb42931d774aa1595eb801e30e7fd984c900000018480000f8ffffe34363ac5f032948a55da207a92e480206a3d36f4309e69c634148e4b68d02d26a0fa112062419b0a2aa84279dd8ef4c61091a9159bbbdcd2997e21db1f090e0832cf46c823bd525b22577a171db02378ab4b7abf95c2a5a096734025140850794be0ae8e879370e5c7fdc697b8fcda910baa0117391fc83b548f3ff05eabe6d0366136601899732d1b532891e3fd81b09082f6a9b83a330dee2c649250c9aa6ffad70e79363dd1188531b8639b527b6d68ba5f47617a8b8c523cfac6dfc4bc3c219d239543616f0eccd4a513ffe4fa864db658103091a1557db65e4816ff2d27416", @ANYRES32=r1, @ANYBLOB="000000000500000009ce7f00abf1000085100000f8ffffff9500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x5a65, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x6, 0x5}, 0x8, 0x10, 0x0, 0x0, r2, r3, 0x2, &(0x7f0000000740)=[r5, 0x1, r6, r7, 0x1], &(0x7f0000000780)=[{0x2, 0x4, 0x7, 0x1}, {0x2, 0x5, 0x7, 0x1}], 0x10, 0x9}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
timerfd_create(0x0, 0x0)
timerfd_settime(0xffffffffffffffff, 0x3, 0x0, 0x0)
timerfd_gettime(r1, &(0x7f0000000880))
r8 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r8, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r8, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0xffa1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0)
r9 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x17, 0x40, 0x6, 0x0, 0x0, 0x10609, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x4}, 0x108bcf, 0x7ff, 0xffff, 0x8, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r10}, 0x18)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x100000b, 0x12011, r9, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000040)={@random="e90c610faca2", @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x2, 0xc, 0x100}}}}}}}, 0x0)

39.11636839s ago: executing program 2 (id=3):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB='\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

39.010634827s ago: executing program 2 (id=9):
socket(0x10, 0x3, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0xf, &(0x7f0000000640)={0x1, 0x1, 0x0, &(0x7f00000005c0)=[{0x0}], 0x0}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x4a6c0, 0x42)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_driver={0x0, 0x80805513, &(0x7f00000000c0)})
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x3c, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100003}, 0x94)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000010200)={0x6, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r6}, 0x18)
time(0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
add_key(&(0x7f0000000200)='id_resolver\x00', 0x0, &(0x7f0000000000)="01000000000000000000000000001000"/28, 0xffffffffffffff01, 0xfffffffffffffff8)
openat(0xffffffffffffff9c, 0x0, 0x143142, 0x40)
quotactl$Q_SETQUOTA(0xffffffff80000801, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r8, {0x0, 0x6}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0xe, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)

24.327893246s ago: executing program 32 (id=6):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB="2c0000003f00070dfeffffff00000000017c0000040077000c0003"], 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0x4044000)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000380)={<r5=>0xffffffffffffffff}, 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r4, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {0x0, r5, 0x7ffffffe}}, 0x18)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000080)={0x13, 0x10, 0xfa00, {&(0x7f0000000300), r5, 0x2}}, 0x18)

23.95938941s ago: executing program 33 (id=7):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20003}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
getgid()
syz_clone3(&(0x7f0000001e40)={0x100a00400, 0x0, 0x0, 0x0, {0x1c}, 0x0, 0x0, 0x0, 0x0}, 0x58)
gettid()
r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r0, 0xe0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x5, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0, 0xe, &(0x7f0000000400)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f0000000480), &(0x7f00000004c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000500)}}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r4, 0x0, 0xca, &(0x7f0000000340)={0x0, 0x1, 0x0, 0x0, @vifc_lcl_addr=@rand_addr=0xc0586300, @private}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000680)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0xd, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x5}, 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYRES32=r6, @ANYBLOB='\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000700), 0x6000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x9, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000008000000000000000330cccb42931d774aa1595eb801e30e7fd984c900000018480000f8ffffe34363ac5f032948a55da207a92e480206a3d36f4309e69c634148e4b68d02d26a0fa112062419b0a2aa84279dd8ef4c61091a9159bbbdcd2997e21db1f090e0832cf46c823bd525b22577a171db02378ab4b7abf95c2a5a096734025140850794be0ae8e879370e5c7fdc697b8fcda910baa0117391fc83b548f3ff05eabe6d0366136601899732d1b532891e3fd81b09082f6a9b83a330dee2c649250c9aa6ffad70e79363dd1188531b8639b527b6d68ba5f47617a8b8c523cfac6dfc4bc3c219d239543616f0eccd4a513ffe4fa864db658103091a1557db65e4816ff2d27416", @ANYRES32=r1, @ANYBLOB="000000000500000009ce7f00abf1000085100000f8ffffff9500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x5a65, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x6, 0x5}, 0x8, 0x10, 0x0, 0x0, r2, r3, 0x2, &(0x7f0000000740)=[r5, 0x1, r6, r7, 0x1], &(0x7f0000000780)=[{0x2, 0x4, 0x7, 0x1}, {0x2, 0x5, 0x7, 0x1}], 0x10, 0x9}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
timerfd_create(0x0, 0x0)
timerfd_settime(0xffffffffffffffff, 0x3, 0x0, 0x0)
timerfd_gettime(r1, &(0x7f0000000880))
r8 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r8, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r8, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0xffa1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0)
r9 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x17, 0x40, 0x6, 0x0, 0x0, 0x10609, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x4}, 0x108bcf, 0x7ff, 0xffff, 0x8, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r10}, 0x18)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x100000b, 0x12011, r9, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000040)={@random="e90c610faca2", @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x2, 0xc, 0x100}}}}}}}, 0x0)

23.936158992s ago: executing program 34 (id=9):
socket(0x10, 0x3, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0xf, &(0x7f0000000640)={0x1, 0x1, 0x0, &(0x7f00000005c0)=[{0x0}], 0x0}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x4a6c0, 0x42)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_driver={0x0, 0x80805513, &(0x7f00000000c0)})
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x3c, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100003}, 0x94)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000010200)={0x6, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r6}, 0x18)
time(0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
add_key(&(0x7f0000000200)='id_resolver\x00', 0x0, &(0x7f0000000000)="01000000000000000000000000001000"/28, 0xffffffffffffff01, 0xfffffffffffffff8)
openat(0xffffffffffffff9c, 0x0, 0x143142, 0x40)
quotactl$Q_SETQUOTA(0xffffffff80000801, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r8, {0x0, 0x6}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0xe, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)

6.980883298s ago: executing program 6 (id=386):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x20}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0x5, 0x0, 0xfe, 0x0, 0x13}}}}}, 0x36)

6.777953202s ago: executing program 6 (id=391):
r0 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0xa96)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r1}, 0x18)
move_mount(0xffffffffffffffff, &(0x7f00000000c0)='./mnt\x00', 0xffffffffffffffff, 0x0, 0x177)

6.664597999s ago: executing program 6 (id=395):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000bc0000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x3}, 0x18)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000200), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
creat(&(0x7f00000000c0)='./bus\x00', 0x1a2)
r4 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
close_range(r5, 0xffffffffffffffff, 0x0)

6.364277338s ago: executing program 6 (id=404):
r0 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x8848}, 0x80)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000140)={<r4=>0xffffffffffffffff}, 0x111, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e24, 0x40003, @mcast1}, {0x2, 0xfff9, 0x1, @remote, 0xffffffff}, r4, 0x9dffffff}}, 0x48)
io_uring_enter(0xffffffffffffffff, 0x1, 0x2, 0xf, &(0x7f0000000000)={[0x20]}, 0x8)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000d5030000020000838500000071000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
r7 = syz_io_uring_setup(0x49b, 0x0, 0x0, 0x0)
unshare(0x62000000)
r8 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r8, 0x6, 0x0, 0x0, 0x0)
r9 = fsmount(r8, 0x0, 0x0)
sendmsg$NL80211_CMD_DEL_STATION(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, 0x0, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xfff5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40e0)
r10 = openat$cgroup_subtree(r9, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000200)={[{0x2b, 'cpuset'}]}, 0x8)
syz_io_uring_submit(0x0, 0x0, 0x0)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x50, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x50}}, 0x0)
io_uring_enter(r7, 0x5fdd, 0x217, 0xa5, 0x0, 0x0)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r12 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r12, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

4.957402099s ago: executing program 6 (id=432):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x20}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0x9, 0x0, 0xfe, 0x0, 0x13, {[@window={0x9, 0x3}, @timestamp={0x5, 0xa, 0xfffd}]}}}}}}, 0x46)

3.303234546s ago: executing program 5 (id=460):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x14dd, &(0x7f00000000c0)={0x0, 0x9328, 0x800, 0x5, 0x256}, &(0x7f0000000040)=<r3=>0x0, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000440)="d800000018007b29e00212ba0d8105040a601800fe0f040b067c55a1bc000900b80006990600000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ccd40dd601edef3d93452a92307ff0ff0e97031e9f05e9f16e9cb500"/216, 0xd8}], 0x1, 0x0, 0x0, 0x2663}, 0x0)

3.043268173s ago: executing program 5 (id=464):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x22004004, &(0x7f00000001c0)={[{@debug}, {@orlov}, {@nodioread_nolock}, {@discard}, {@quota}, {@usrquota}, {@grpid}, {@nouid32}, {@noload}, {@debug}]}, 0x81, 0x477, &(0x7f0000000a40)="$eJzs3MtvG0UcAODfrpP0RZOolEcfUENBRBSSJhTogQsIpF6QkOAAx5CGqtRtURMkWlW0IFSOiDsScETiL+AEFwScQFzhjpAq1AuFA1q09m7rxE7qODVO8PdJa8/swzOzs5PMzngdwMCq5i9JRBYRv0TEWCO6dIdq4+36tYtzf127OJdElr38R1Lf789rF+fKXcvjdhSRiTQi/SCJfW3SXTh/4dRsrTZ/rohPLZ5+a2rh/IXHT56ePTF/Yv7MzNGjR56YfvqpmSdvSzl35nnd++7Z/XuOvfbxi3NZvP79l3l+7yi2N5ejYXzdaVajuvRc1o3UXx9e96dvLDubwslQHzPCmlQiIq+u4Xr7H4tK3Ky8sXjh/b5mDuipLMuyLS1rK2Xgcgb8jyXR7xwA/VH+o8/vf8vlP+x+9N3VZxs3QHm5rxdLY8tQpPnb1sYd+84epV+NiFcv//1pvkTbcQgAgNvr67z/81i7/t9ocnfTfqPF3NB4RByKiF0RcWdE7I6IuyIi3/eeiLh3jelXl8Vb+z8/beuqYB3K+3/PFHNbS/t/abnLeKUxTnapHonh5I2TtfnDxTmZiOEteXx6lTS+ef7nj1ba1tz/y5c8/bIvWOTj96FlA3THZxdn11HkJa6+F7F3qF35kxszAUlE7ImIvV18ft5vPvnoF/vz8OiO1u37b1n+VdyGeabs84hHGvV/OZaVv5Q0UlppfnJqa9TmD0+VV0WrH3688lJzfLgpfOv67628/re3vf6L8pfNoJyvXVh7Gld+/XDFe5pur/+R5JV6eKRY987s4uK56YiRYsWS9TM3jy3j5f55+ScOtiv/aLIr4p/PitOwr7hW74uI+yPiQJH3ByLiwYg4uEr5v3vuoTdXP0P9rf/jq9V/xHjSPF/fRaBy6tuvVkq/s/o/Ug9NFGs6+fvXaQbXc+4AAABgs0jr34FP0skb4TSdnGx8h393bE9rZxcWD1Xj7TPHG9+VH4/htBzpGmsaD50uxobL+MyyeDnmlWXb6vHJubO1Xs2pA53ZsUL7z/1W6XfugJ5b0zxa6xNtwCbmeU0YXNo/DC7tHwbX2tp/688FAJtXu/Z/KeJ6U7SnD2EA/aP/D4NL+4fBpf3D4NL+YSC1PhJfjvR186T/zcCuY+s6vB+BT/qTeqVHnxzNP9rRg0CkG6XiugikGyEbB4rAlojo9KhLPa3T5dcPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5vdvAAAA///5IuKJ")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000700)={0x0, r1}, 0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0xfffffe75, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0xffd9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
close_range(r4, 0xffffffffffffffff, 0x0)

2.808563748s ago: executing program 5 (id=469):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0}, &(0x7f0000000500), &(0x7f0000000540)=r1}, 0x20)
r2 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r2, &(0x7f0000000240)=[{{&(0x7f00000007c0)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a90500040000746400009e150451160200000064c6", 0x15}, {&(0x7f0000000000)="53340081ba60ccbb9d000000000000", 0xf}], 0x2}}, {{&(0x7f0000000080)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000780)="5825be06000000000000007ca2746314d1787b35", 0x14}], 0x1}}], 0x2, 0x4004040)

2.727988543s ago: executing program 5 (id=472):
socket(0xa, 0x3, 0xff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
r2 = dup2(r1, r1)
write$tun(r2, 0x0, 0x46)

2.699788436s ago: executing program 5 (id=473):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x10007ffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000540)='./file0\x00', 0x0, &(0x7f0000000580), 0x1, 0x4e8, &(0x7f00000005c0)="$eJzs3U9oVNsZAPDvTv5YY2LSUrHVFgItVrGdmESjQilmVRAtbS100T8Sk5iISSaYCagUahCLFCpddGFx1Y1ddBO6K9IiFB681Vu4eG8hCm/1njyfPHkuXOVxJ3d0jGPyYmLuY/z94DL3nEnmfHc+7p1zhnPPBPDW6o6IIxHRFBHFiOjM6gvZFpcWt/TvTvXPj6dbEgsLJx4lkUTE0f758eprJdnjluwFvpU+XInY2/xyuzMXLp4dmpgYPZeVe8qT0z0zFy7+6Mzk0Njo2OjUwMGDhw8dGDhweP2OdfP26ze//fdjd669M/fdbVuGJ9N427Pnao9jvXRHd/aetERH7RNJxKn1bixnX8s7AFbtk8LOW3nHAABsvELW92+u9P87oykWO+v37/72cWf8sS3v+AAAAIC1W1hoyh4BAACAxpUY+wMAAECDq84DONo/P17dNmruwYOfblRLvMrDwYjoWsx/9f7uxWean93T2/KG7u/9w9OI7uh48tFPvvH/dIs3dB82X03zH+YdAXlq3Z93BORpxy/yjoA8vXc17wi4NBcRt4/U6f8na+7ztS8pJ0vKxwfT/t9fZmrr9P/eHr88kXcE5OlnA3lHQJ5uPMo7Am4PRsS+et//FSrr91Vtjoi26tp+6+RQe/r5/+/7tXUvf/4XHqxjkyzxcDDixzVrO56qyX+mqykrdVS+KmxJTp+ZGN0XEVsjYne0bErLvcu00Ttw46/16r/zJM3/P5Pq93/plrZf/S4wi+NB86YX/29kqDy01uNm0cO5iB3N9fL/vP+fZLl+Xf8tXftzvfqBPZV1RXctn3/epIV/ROyqe/4/H60ly67P2lO5HPRULwp1/OuDz67Uq//+79P8n90j//lJz/+25fNfuf4/W693ZvVtXP7fzSf16p/eSvP/t0uvc/1vTX5VCbA1qzs/VC6f641oTY69XN+3+pgbVfX9qL5faf53f6/+53+1/5dk60J3RcTXX6PNuXvTd+rVXy+k+b/xO+d/ftL8j6xw/icvnP+r35l//4c/qNf2zqtp/rt+vfL5v78SzO6sRv9vZV82QXnHCQAAAAAAAMD6KFTu00kKxWf7hUKxuDjP95vRVpgozZT3ni7NTo0s3s/TFS2F6lSvzpr5oL3Z/JBquW9JuT+bO3K1c3OlXBwuTYzkffAAAADQ4Noj7v3m8n+2b3nF+D91tzPvKAEAAIC1SMf/HffaKst5fW6cDwAAAA0pHf8//tOn74bxPwAAADSs2vE/AAAA0Nh+fvx4ui1Uf/dvqjR25uz49OG+fcXJ2eHicOncdHGsVBqrrNg3ufLrTZRK0719MXu+pzw6U+6ZuXDx5GRpdqp8svK7sSdHWzbgmICVFbd+vC3vGAAAgI2zlt/1t2PHTqPu5H1lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLb4IAAD//wws/WY=")
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
write$UHID_INPUT2(r2, &(0x7f0000004240)=ANY=[], 0x1001)
preadv2(r2, &(0x7f00000004c0)=[{&(0x7f0000003200)=""/4106, 0x100a}, {&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x6)

2.574746003s ago: executing program 5 (id=475):
syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000f00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020100000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000160a01010000000000000000020000000900020073797a31000000000900010073797a300000000054000380080002400000000840000380140001006272696467655f736c6176655f31000014000100776732000000000000000000000000001400010077673200000000000000000000000000080001"], 0xa8}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000014c0)=ANY=[@ANYBLOB="180000000914010026426e12b0dbdf2508000100010000005a94d61ede281269fea22c0e46595e6706ec12326f75f9270cd8c64717d96bd6f1c43e11104fbc7cf67bab583652e314bf64a5678c29ebfc1ca5c8b93bc2ffe18b5f12f25e579195de61cdff5229e2f94ea2f539ad7b7ae8ae80e67b31687d4cb82acdb874b22d1c887d4ea95028"], 0x18}, 0x1, 0x0, 0x0, 0x90}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000680)={r7, 0x0, &(0x7f0000001b80)=""/71}, 0x20)
r8 = syz_usb_connect$printer(0x6, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010003000000ff250502240001010608ff09040003020701020909050102200001050909058202ff030c03eb000000000000000000"], &(0x7f00000002c0)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x310, 0x3, 0x3, 0x4, 0xff}, 0x19, &(0x7f0000001c00)=ANY=[@ANYBLOB="050f19000114100aff020100000f000300300000000f0000003dd3f5d813c2682056fe649f3cc81b841e7fb8a748baed6e881aaf5206dd66dbb241aafbbb5cdf1a1ef76898fde84b97ccd937b16e6fb25fcf489eee936b7986530af7814ec96eb9c9b7becd299701dd6191828b9318b53251c7928ac51f472bd8792b0110420a1e977777a246283ada9d2804f9a088507fe5221eacba2a4783ddee36a937a5dad21bab3d0f06debc1ad3b2905b57a42fcd1e9091a0639b137e"], 0x1, [{0x6b, &(0x7f0000001600)=@string={0x6b, 0x3, "d639961e8466d148c2d96c625edd3f5cd316d74cae62065332d943bda01c39ed3e2cfe81dc7adabf7ed659eaba43a321013af4d9c174f5fccbe678c6538c8a50d95dcde65f711c4b01f3f48ea4c64fb9c27edd93eb48263dd7583637a57da378542432c7e7c3adca2b"}}]})
syz_usb_control_io$printer(r8, &(0x7f00000016c0)={0x14, &(0x7f0000001740)={0x40, 0x23, 0xe3, {0xe3, 0x24, "e656e38346dd0df8f4dfa8ef9b34e2f15b5261417f697ae4dc873c0ce0c5a49087da148dab83deeb111e19d10e119ac3dd941148860ced7ff5b1b3f3519bc78fac0b40a7645236a0b90c59c8d58f3100c6b0691afe11a5a10cf1412d2f40eaeee1849e814131865561d5a9d7728d1d7998a1614f10cf222ed37ec15f4d3a15b10d235d98433231270e5e54902acb466d32b4b190d789780883860b25476cca179cacfb322a0dae55699e9e3c4965d0446ea44290775fff67aab913b4eba0d86b3008986cb58a00dd20e708ce5364d1d38af9c2028478e536942d764b8721f3b733"}}, &(0x7f0000001680)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0xc07}}}, &(0x7f0000001ac0)={0x34, &(0x7f0000001840)={0x20, 0x5, 0xed, "8e7571cafb802386adacb7e3f582269d93274e3c9b73b836f88d9b411620035efd2f8c8ddf6f11106ce8ec0dbe13c7136f9cf1f73286d7654ba44e70c2e397b618660e34a54a44e6358d6e60daa4949d7eb717cf4c76e7c9b5761ccf1bd6c57305ae47d3a395b5ac997290336c428b6028139a94a36616a223b1f3c31836ce857f88abde45d5b7256727c3ad475bc1519162734c5af53d01754448cdd21b04ce1f5eaa92e2ff46f4ed7ef1f6dea0ee5de278a261c5b0379ac753c8761cdb9de898a106c25410d909af609e0f0d20a28fad19ca70d20c2b4c3d58ea5df1302a87988fb06ed507d6111b2450d7e1"}, &(0x7f0000001940)={0x0, 0xa, 0x1, 0x8}, &(0x7f0000001980)={0x0, 0x8, 0x1, 0x80}, &(0x7f00000019c0)=ANY=[@ANYBLOB="200053000000005111e9210d04a7ebf174cce395545df7d91fe5bb73f2a67653e3048306a19e39254797ce1c27fe1068b501de056295a2aa54385afd72ed508b5d125fdd7bb1856280d5ed7a85e37bac153da3db86163f8610"], &(0x7f0000001a40)={0x20, 0x1, 0x1, 0x7}, &(0x7f0000001a80)={0x20, 0x0, 0x1, 0x5}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r10}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)=@o_path={0x0, r9, 0x4000, r10}, 0x18)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r11}, 0x10)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)

1.521644031s ago: executing program 4 (id=489):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
chown(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), &(0x7f0000000400)={0x0, 0xfb, 0xe8, 0x4, 0x5, "c1b551e85d82f82827746a92b1d334a3", "fc068ff043ec9f95d7907a41359f2d426a7ad0ef90e09f0e0d9abfc78a8b847042f6a6b752fe69eab43a2dc4bcab21f87e5e2277090ea46fccaaabe89f4d1fbca7129db49a67e14f381d4e265be16d709574da2d50d27069db9b2597faebf44a930b986192922eef160e116a308b688d4242e89058fe0802d926bd9821ec70762c46da279ade8a2a41cf8ea9342989fe2a9835590b6318d91944be3afcd3724c76737fd8553a3e6749e5d9a9547a16b97acf8bc75c1fe4ca10e0040aa9b0d0cc97fc5f881f6edea3b4262eea26dda1dab53685"}, 0xe8, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r2, 0x0, 0x401}, 0x11)
modify_ldt$write2(0x11, &(0x7f0000000100)={0x1d30, 0x0, 0x2003, 0x1}, 0x10)
syz_clone(0xa0001000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0)

1.285113507s ago: executing program 0 (id=492):
r0 = socket$kcm(0x29, 0x5, 0x0)
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x8aef}, 0x18)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000200)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x200000000140, 0x0, 0x0, 0x200000000170, 0x2000000001a0], 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff2dc2bc900000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000039a433b0d9d119945cfd3468bb94231fce42e250e9b873937bbc8e4e458f234b457bec81b091caa07bd9777026be3f432a1fee2bbab128c80e5ced29fd3df6b9a552647c61361c41f7e01672718360951e9a3a5362f47cb32a39c542248af692c892226f0541515dda970925c3868ae22b2b2fe92845f36054f5972d7fa045207c11a0011de481874891ce7163a1ef48cfa6fc7260a12b1b46c76a669bc354b6165e7de3c15771b9a8a3111b980a040b03b41644703d98c6abebb139e31ffaa9029774df4e735bb0b28fbaeb5c150538e9a2a7bed4ea326f37b6da5ad09c9a8b0da4f02c6ee09261071ca591838504fa8dbbc606ca52dfb4256579b1d2d2d25c2d81762f3090251dc95794b720490d73cdef89ce8d40329f2cb069aef3a2f3173320079859f1980cc3005943cb50ad46360af2f8c6b85f25d8d3d6202f872312982e0cd0"]}, 0x24c)
sendmmsg$inet(r0, &(0x7f0000000140), 0x0, 0x8000)
close(r0)
syz_usb_control_io$lan78xx(0xffffffffffffffff, 0x0, &(0x7f0000001140)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
ppoll(&(0x7f0000000240)=[{}], 0xd8, &(0x7f0000000080)={0x0, 0x989680}, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
r5 = socket$tipc(0x1e, 0x2, 0x0)
r6 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r6, &(0x7f0000000340)=@name={0x1e, 0x2, 0x3, {{0x43, 0x1}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000100)={0x40, 0x4, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(0xffffffffffffffff, 0x2)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r7, 0x18, &(0x7f0000000000)={0xe008, r0, 0x5, {0x400, 0x6}, 0x2}, 0x1)
getpid()
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x8, &(0x7f00000000c0)=ANY=[@ANYRES64=r8, @ANYRES32=r8, @ANYRES8], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r9, 0x0, 0x7}, 0x18)
r10 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r10, 0xc020f509, &(0x7f0000000280)={r10, 0x7, 0x104, 0x7ff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='H'], 0x48}, 0x1, 0x0, 0x0, 0x20004810}, 0x0)

1.188291103s ago: executing program 7 (id=493):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$IPSET_CMD_GET_BYINDEX(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x4000000)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b"], 0xfc}, 0x1, 0x0, 0x0, 0x2000c010}, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10)

1.107371939s ago: executing program 4 (id=494):
socket(0xa, 0x3, 0xff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
r2 = dup2(r1, r1)
write$tun(r2, 0x0, 0x46)

1.08036328s ago: executing program 7 (id=495):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001180)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x2, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x247ecded, 0x0, 0x80000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x240, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x8, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xb, 0x37, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9fa1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0xb, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xa, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, 0x0, 0x0, 0x0, 0x6, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x10000004a56}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x0, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0xfea7, 0x1, 0xffff8000, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x7, 0x1, 0xa89c, 0x402, 0xc, 0x492217a0, 0xff, 0x5, 0x3, 0x1ff, 0xe5, 0x2d, 0xd, 0x3, 0xa, 0x3, 0x1, 0x9, 0x11, 0x188, 0x6, 0x3ff, 0x7, 0xc, 0x3, 0xc0000, 0x8, 0x8, 0xffffff40, 0x100, 0x3, 0x5, 0x7, 0xe0b2, 0x1, 0x8fc, 0xbf0, 0x9, 0x1, 0x9, 0x7ffffffd, 0x6, 0x0, 0x8, 0x800, 0x9, 0x4, 0x100, 0x401, 0x8, 0x3, 0xb5, 0x10001, 0x401, 0x1, 0x7f, 0x0, 0x8, 0x2, 0x7f, 0x0, 0x2, 0x4, 0x0, 0x1000004, 0x8000, 0x0, 0x9, 0x80, 0x7, 0x5, 0x1, 0x0, 0x7, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x4, 0x3ff, 0x4, 0x10, 0x5, 0x3, 0x10000, 0x1000005, 0x1, 0x0, 0x2, 0x6, 0x5, 0x6, 0xe5a, 0x4, 0x2, 0x1081, 0xd44, 0x10, 0x6, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x5, 0x8, 0xba, 0x2, 0x89, 0x2, 0x6, 0x6, 0x9, 0xffffa3e0, 0x86b9, 0xff, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x3, 0x7eb6, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0xff, 0xa, 0x6, 0x7, 0x100, 0x1, 0x8001, 0x100, 0xffff9c6f, 0x20000008, 0x101, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x200, 0x80000001, 0x1, 0xfffffffd, 0x9, 0x7, 0x4, 0xb, 0x80, 0x0, 0x0, 0x0, 0x5, 0x2, 0x7, 0x4, 0xfffffa0c, 0x3, 0x0, 0x2, 0x4, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x0, 0x6, 0x8, 0x28, 0x4000002, 0x5, 0x10001, 0x2, 0xf, 0xffffffff, 0x1, 0x723, 0x0, 0x9, 0x9, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0xfffffffb, 0x2, 0x7f, 0x2, 0x80000002, 0x0, 0x9, 0x1ff, 0xfffffffe, 0x928, 0x4, 0xffffffff, 0x5, 0x6042, 0xb85, 0x6, 0x8d8d, 0x55, 0x101, 0x3, 0x64e8, 0x8, 0xf, 0x772, 0x80a, 0xffe, 0x3, 0x3f7, 0x5, 0x8, 0x7, 0x1, 0x5d, 0x9, 0xd, 0x82]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x3, 0x1}}}}]}]}, 0x898}, 0x1, 0x0, 0x0, 0x50}, 0x0)
r4 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
io_uring_enter(r4, 0x627, 0x4c1, 0x43, 0x0, 0x30)
r6 = dup(r0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x181001)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)

1.052194882s ago: executing program 4 (id=496):
r0 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r0, &(0x7f0000000240)=[{{&(0x7f00000007c0)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a90500040000746400009e150451160200000064c6", 0x15}, {&(0x7f0000000000)="53340081ba60ccbb9d000000000000", 0xf}], 0x2}}, {{&(0x7f0000000080)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000780)="5825be06000000000000007ca2746314d1787b35", 0x14}], 0x1}}], 0x2, 0x4004040)

984.655036ms ago: executing program 4 (id=497):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{@discard}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD")
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000012fc0), r0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000f80))
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000fc0))
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7030000003e7400850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000300)={0x0, 0x2904c, 0xff01, 0x10003, '\x00', [{0x0, 0x0, 0x700, 0x7, 0x0, 0x40000000000000}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x40000000000000}]})

831.081166ms ago: executing program 4 (id=498):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{@discard}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD")
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000012fc0), r0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000f80))
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000fc0))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000d9"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000003e7400850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000300)={0x0, 0x2904c, 0xff01, 0x10003, '\x00', [{0x0, 0x0, 0x700, 0x7, 0x0, 0x40000000000000}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x40000000000000}]})

829.925346ms ago: executing program 7 (id=508):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001180)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x2, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x247ecded, 0x0, 0x80000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x240, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x8, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xb, 0x37, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9fa1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0xb, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xa, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, 0x0, 0x0, 0x0, 0x6, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x10000004a56}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x0, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0xfea7, 0x1, 0xffff8000, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x7, 0x1, 0xa89c, 0x402, 0xc, 0x492217a0, 0xff, 0x5, 0x3, 0x1ff, 0xe5, 0x2d, 0xd, 0x3, 0xa, 0x3, 0x1, 0x9, 0x11, 0x188, 0x6, 0x3ff, 0x7, 0xc, 0x3, 0xc0000, 0x8, 0x8, 0xffffff40, 0x100, 0x3, 0x5, 0x7, 0xe0b2, 0x1, 0x8fc, 0xbf0, 0x9, 0x1, 0x9, 0x7ffffffd, 0x6, 0x0, 0x8, 0x800, 0x9, 0x4, 0x100, 0x401, 0x8, 0x3, 0xb5, 0x10001, 0x401, 0x1, 0x7f, 0x0, 0x8, 0x2, 0x7f, 0x0, 0x2, 0x4, 0x0, 0x1000004, 0x8000, 0x0, 0x9, 0x80, 0x7, 0x5, 0x1, 0x0, 0x7, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x4, 0x3ff, 0x4, 0x10, 0x5, 0x3, 0x10000, 0x1000005, 0x1, 0x0, 0x2, 0x6, 0x5, 0x6, 0xe5a, 0x4, 0x2, 0x1081, 0xd44, 0x10, 0x6, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x5, 0x8, 0xba, 0x2, 0x89, 0x2, 0x6, 0x6, 0x9, 0xffffa3e0, 0x86b9, 0xff, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x3, 0x7eb6, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0xff, 0xa, 0x6, 0x7, 0x100, 0x1, 0x8001, 0x100, 0xffff9c6f, 0x20000008, 0x101, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x200, 0x80000001, 0x1, 0xfffffffd, 0x9, 0x7, 0x4, 0xb, 0x80, 0x0, 0x0, 0x0, 0x5, 0x2, 0x7, 0x4, 0xfffffa0c, 0x3, 0x0, 0x2, 0x4, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x0, 0x6, 0x8, 0x28, 0x4000002, 0x5, 0x10001, 0x2, 0xf, 0xffffffff, 0x1, 0x723, 0x0, 0x9, 0x9, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0xfffffffb, 0x2, 0x7f, 0x2, 0x80000002, 0x0, 0x9, 0x1ff, 0xfffffffe, 0x928, 0x4, 0xffffffff, 0x5, 0x6042, 0xb85, 0x6, 0x8d8d, 0x55, 0x101, 0x3, 0x64e8, 0x8, 0xf, 0x772, 0x80a, 0xffe, 0x3, 0x3f7, 0x5, 0x8, 0x7, 0x1, 0x5d, 0x9, 0xd, 0x82]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x3, 0x1}}}}]}]}, 0x898}, 0x1, 0x0, 0x0, 0x50}, 0x0)
r4 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
io_uring_enter(r4, 0x627, 0x4c1, 0x43, 0x0, 0x30)
r6 = dup(r0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x181001)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)

777.908659ms ago: executing program 7 (id=499):
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7ffffffc, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
dup3(r0, r0, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$TIOCGDEV(r1, 0x80045432, &(0x7f00000006c0))
socket$kcm(0xa, 0x5, 0x0)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f00000003c0)={'ip6tnl0\x00', &(0x7f00000001c0)={'syztnl1\x00', 0x0, 0x0, 0x5, 0x0, 0x0, 0x10, @empty, @empty, 0x0, 0x7}})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socket$kcm(0x2b, 0x1, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x10000003, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x2, 0xfffffffe, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80004, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x80000000, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$inet(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
recvmsg$unix(r3, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x10}}], 0x60}, 0x122)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000140)='GPL\x00'}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'dummy0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8946, &(0x7f0000000080))

579.286303ms ago: executing program 0 (id=500):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{@discard}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD")
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000012fc0), r0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000f80))
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000fc0))
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7030000003e7400850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000300)={0x0, 0x2904c, 0xff01, 0x10003, '\x00', [{0x0, 0x0, 0x700, 0x7, 0x0, 0x40000000000000}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x40000000000000}]})

498.226208ms ago: executing program 4 (id=501):
futex(&(0x7f000000cffc)=0x40000000, 0x8, 0x1000000, 0x0, 0x0, 0x1)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000100))
syz_open_procfs(0x0, &(0x7f0000000240)='pagemap\x00')
r1 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_opts(r1, 0x29, 0x37, &(0x7f0000000000)=ANY=[], 0x18)
sendmmsg$inet6(r1, &(0x7f0000002ec0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0xb, @remote, 0x9}, 0x1c, 0x0}}], 0x1, 0x40000)
r2 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
read$qrtrtun(r2, 0x0, 0xeffd)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe8e, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x7b}, 0x0, &(0x7f0000000100)=<r4=>0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x2000000000, 0x0})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000100)={[{@grpid}, {@barrier}]}, 0xff, 0x48f, &(0x7f0000000b80)="$eJzs3MtvVNUfAPDvvW15/Hi0P0QUBK2gkfhoaUFl4UKNJi40MdEFLmtbEBmooTUR0mgxBpeGxL1xaeJf4M6NURfGxK0mLg0J0caE4qrmvugwnZa2tB3pfD7JdM6Ze+6c8733nplz7+mdANpWb/YnidgeEb9GRHeRvbVAb/E0Mz05fGN6cjiJ2dk3/kzyctenJ4erotV628rM4TQi/SSJ55P59Y5fuHhmqFYbPV/m+yfOvtc/fuHiU6fPDp0aPTV6bvD48WNHB559ZvDpVYkzi+v6vg/H9u995a0rrw2fuPL2D19nzdpzoFheH8dt3WgSUBO92Vb7azbXuOzRZbT9brCjLp10trAhLEtHRGS7qyvv/93REXM7rzte/riljQPWVPbdtHnhxVOzwAaWRKtbALRG9UWfnf9Wj3UaevwnXHshYlOZnpmeHJ65GX9npOXrXWtYf29EnJj654vsEcu9DgEAsAL52ObJZuO/NPbkz8Vcx85yDqUnIv4fEbsi4p6I2B0R90bkZe+LiPuLlWe7l1h/b0N+/vgnvdq0zaskG/89Vzf2m6mLv3zq6ShzO/L4u5KTp2ujR8ptcji6Nmf5gUXq+PalXz5baFn9+C97ZPVXY8GyAVc7Gy7QjQxNDK3WRrh2KWJfZ7P4k5szAdkRsDci9i3vrXdWidOPf7V/oUK3j38RqzDPNPtlxGPF/p+KhvgryeLzk/1bojZ6pL86Kub78efLry9U/x3FvwquHXygSMzt/4YS3X8nxXxtV9Rqo+fHl1/H5d8+XfCcZqXH/6bkzXzO+qd3itc+GJqYOD8QsSl5Nc9X53T564Nz61b5qnx2/B8+1Lz/7yrXyeLPtlJ2EB+IiAcj4qGy7Q9HxMGIOLRI/N+/+Mi7i8SfRBKt2/+XIkaafv7dPP57kvr5+hUkOs58981CM+ZL2//HYir/rC3kn3+3sdQG3uHmAwAAgLtCGhHbI0n7inTv9kjTvr7if/h3x//S2tj4xBMnx94/N1LcI9ATXWl1pau77nroQDJVvmORHyyvFVfLj5bXjT/v2Jrn+4bHaiMtjh3a3bZb+39U/T/zR0erWwesOfdrQftq7P9pi9oBrL+lfP87F4CN6db+vyX7s7VVbQHWl/N/aF/N+v9HDXnjf9iY5vf/35v8ZB2wERn/Q/vS/6F96f/Qlu7kvv6VJ6qbBVb+PluWfId/uySqX7xYy7q2xtwrkbY85DZKZD1mfSud+w0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9m/AQAA//+kuOWe")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000900)='kfree\x00'}, 0x18)
creat(&(0x7f0000000200)='./bus\x00', 0x0)
r5 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x100)
preadv2(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r3, 0x2def, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000200400001"], 0x48)

483.636049ms ago: executing program 0 (id=502):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x22004004, &(0x7f00000001c0)={[{@debug}, {@orlov}, {@nodioread_nolock}, {@discard}, {@quota}, {@usrquota}, {@grpid}, {@nouid32}, {@noload}, {@debug}]}, 0x81, 0x477, &(0x7f0000000a40)="$eJzs3MtvG0UcAODfrpP0RZOolEcfUENBRBSSJhTogQsIpF6QkOAAx5CGqtRtURMkWlW0IFSOiDsScETiL+AEFwScQFzhjpAq1AuFA1q09m7rxE7qODVO8PdJa8/swzOzs5PMzngdwMCq5i9JRBYRv0TEWCO6dIdq4+36tYtzf127OJdElr38R1Lf789rF+fKXcvjdhSRiTQi/SCJfW3SXTh/4dRsrTZ/rohPLZ5+a2rh/IXHT56ePTF/Yv7MzNGjR56YfvqpmSdvSzl35nnd++7Z/XuOvfbxi3NZvP79l3l+7yi2N5ejYXzdaVajuvRc1o3UXx9e96dvLDubwslQHzPCmlQiIq+u4Xr7H4tK3Ky8sXjh/b5mDuipLMuyLS1rK2Xgcgb8jyXR7xwA/VH+o8/vf8vlP+x+9N3VZxs3QHm5rxdLY8tQpPnb1sYd+84epV+NiFcv//1pvkTbcQgAgNvr67z/81i7/t9ocnfTfqPF3NB4RByKiF0RcWdE7I6IuyIi3/eeiLh3jelXl8Vb+z8/beuqYB3K+3/PFHNbS/t/abnLeKUxTnapHonh5I2TtfnDxTmZiOEteXx6lTS+ef7nj1ba1tz/y5c8/bIvWOTj96FlA3THZxdn11HkJa6+F7F3qF35kxszAUlE7ImIvV18ft5vPvnoF/vz8OiO1u37b1n+VdyGeabs84hHGvV/OZaVv5Q0UlppfnJqa9TmD0+VV0WrH3688lJzfLgpfOv67628/re3vf6L8pfNoJyvXVh7Gld+/XDFe5pur/+R5JV6eKRY987s4uK56YiRYsWS9TM3jy3j5f55+ScOtiv/aLIr4p/PitOwr7hW74uI+yPiQJH3ByLiwYg4uEr5v3vuoTdXP0P9rf/jq9V/xHjSPF/fRaBy6tuvVkq/s/o/Ug9NFGs6+fvXaQbXc+4AAABgs0jr34FP0skb4TSdnGx8h393bE9rZxcWD1Xj7TPHG9+VH4/htBzpGmsaD50uxobL+MyyeDnmlWXb6vHJubO1Xs2pA53ZsUL7z/1W6XfugJ5b0zxa6xNtwCbmeU0YXNo/DC7tHwbX2tp/688FAJtXu/Z/KeJ6U7SnD2EA/aP/D4NL+4fBpf3D4NL+YSC1PhJfjvR186T/zcCuY+s6vB+BT/qTeqVHnxzNP9rRg0CkG6XiugikGyEbB4rAlojo9KhLPa3T5dcPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5vdvAAAA///5IuKJ")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000700)={0x0, r1}, 0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0xfffffe75, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0xffd9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x24}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, 0x0, 0x0)
preadv(r5, 0x0, 0x0, 0xf, 0x8001)
close(0xffffffffffffffff)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r6, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
close_range(r4, 0xffffffffffffffff, 0x0)

393.823885ms ago: executing program 0 (id=503):
pipe2$9p(0x0, 0x4880)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000180)=ANY=[@ANYBLOB="e0000002ac1414aa0100"], 0x18)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2}}}}}, 0x0)

357.634417ms ago: executing program 0 (id=504):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x58}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000001a00010000000000000000000a0080", @ANYRES32=0x0, @ANYRES64=r2], 0x38}}, 0x0)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x4c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0xfff}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)

320.221589ms ago: executing program 0 (id=505):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYRES64], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
setreuid(0xee01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000054218144019c16bebba524a5b7d05000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x1f, &(0x7f0000000800)=ANY=[@ANYBLOB="1800005ea209000000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001800000009000000000000000c00000018120000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000239b0001ffffffff186100000700400000000000010000001831000005000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x14, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newqdisc={0x150, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffc, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xe}, {0x16}}, [@qdisc_kind_options=@q_red={{0x8}, {0x124, 0x2, [@TCA_RED_STAB={0x104, 0x2, "09000000000020008f29d158039b90627d7b60f0d5ca47f33eed46409b7c8722ce020df6b24c2e6ac7b97dc04d01be2092874115214b1ebb764511f69cd1e9f6263346363d2c639c76000067af25166c2f0f85f36aa8867406119c010400002e31dea98204000000d560eae59ea49ef95d73202a6e3b5e1eb38244e694e7410d33bc92794ad27031f2a19698b5142ddf36e2a876a4fc871207bf12a84f1d4d132f5bb7edcf2d08d677e6a7268e106b6ced3c7f53df24092ddb9e0fac6a1153c3fc88bfd1404fef22cf3e825a6e19c6a48a5444eabb459ac3ec9a278df4011773d2f2e6529ed0ad424b47ec67522477f979360b76d1008000"}, @TCA_RED_PARMS={0x14, 0x1, {0x3f26, 0x7, 0x81, 0xc, 0xb, 0x14, 0x5}}, @TCA_RED_MAX_P={0x8}]}}]}, 0x150}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
getpid()
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r4, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlockall()
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="c140ee1c57935319df862b280971c471f9ada0b09c01a372029505a633beb00fa050a0203421b9afad0d6b7ff1c6f7caab70877021cc5b7b2903bc7aa2db49fdff554f76ddd8c536e6abb7b43c99b04cfd4c8f6473170442", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600a00, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000002c0)=0x1)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_buf(r7, 0x6, 0x1f, 0x0, &(0x7f0000000200))
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa10000000000003da7ddab655180dd8119c607010000f8ffffffb70200000800000ab703000000000000850000002d00000095", @ANYRES32, @ANYRES64=r6, @ANYRES8=0x0], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)

104.814653ms ago: executing program 7 (id=506):
prctl$PR_SET_NAME(0xf, &(0x7f0000000400)='+j\xf5@\x00\xc9\xd2\xf5\x81\xf7\xc6\x051\xdc\xb1h-OC\xf6\xbd\xd2>\x12`\x0fO|\xf3O+\x9bf\x050\"G\x91\xf9\xb3\rCC\x88y\xb4\xadOF\xd7$\xea4\xfd\nW\xaa\xf0:\xefbj\x9f*Q+\x8c\x9e\x0eY\xb2\x8d\x1aG\x13\x0e\xdb>![\x86yI\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x18)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
move_mount(r1, &(0x7f00000000c0)='./mnt\x00', r1, 0x0, 0x177)

35.424218ms ago: executing program 7 (id=507):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x10007ffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000540)='./file0\x00', 0x0, &(0x7f0000000580), 0x1, 0x4e8, &(0x7f00000005c0)="$eJzs3U9oVNsZAPDvTv5YY2LSUrHVFgItVrGdmESjQilmVRAtbS100T8Sk5iISSaYCagUahCLFCpddGFx1Y1ddBO6K9IiFB681Vu4eG8hCm/1njyfPHkuXOVxJ3d0jGPyYmLuY/z94DL3nEnmfHc+7p1zhnPPBPDW6o6IIxHRFBHFiOjM6gvZFpcWt/TvTvXPj6dbEgsLJx4lkUTE0f758eprJdnjluwFvpU+XInY2/xyuzMXLp4dmpgYPZeVe8qT0z0zFy7+6Mzk0Njo2OjUwMGDhw8dGDhweP2OdfP26ze//fdjd669M/fdbVuGJ9N427Pnao9jvXRHd/aetERH7RNJxKn1bixnX8s7AFbtk8LOW3nHAABsvELW92+u9P87oykWO+v37/72cWf8sS3v+AAAAIC1W1hoyh4BAACAxpUY+wMAAECDq84DONo/P17dNmruwYOfblRLvMrDwYjoWsx/9f7uxWean93T2/KG7u/9w9OI7uh48tFPvvH/dIs3dB82X03zH+YdAXlq3Z93BORpxy/yjoA8vXc17wi4NBcRt4/U6f8na+7ztS8pJ0vKxwfT/t9fZmrr9P/eHr88kXcE5OlnA3lHQJ5uPMo7Am4PRsS+et//FSrr91Vtjoi26tp+6+RQe/r5/+/7tXUvf/4XHqxjkyzxcDDixzVrO56qyX+mqykrdVS+KmxJTp+ZGN0XEVsjYne0bErLvcu00Ttw46/16r/zJM3/P5Pq93/plrZf/S4wi+NB86YX/29kqDy01uNm0cO5iB3N9fL/vP+fZLl+Xf8tXftzvfqBPZV1RXctn3/epIV/ROyqe/4/H60ly67P2lO5HPRULwp1/OuDz67Uq//+79P8n90j//lJz/+25fNfuf4/W693ZvVtXP7fzSf16p/eSvP/t0uvc/1vTX5VCbA1qzs/VC6f641oTY69XN+3+pgbVfX9qL5faf53f6/+53+1/5dk60J3RcTXX6PNuXvTd+rVXy+k+b/xO+d/ftL8j6xw/icvnP+r35l//4c/qNf2zqtp/rt+vfL5v78SzO6sRv9vZV82QXnHCQAAAAAAAMD6KFTu00kKxWf7hUKxuDjP95vRVpgozZT3ni7NTo0s3s/TFS2F6lSvzpr5oL3Z/JBquW9JuT+bO3K1c3OlXBwuTYzkffAAAADQ4Noj7v3m8n+2b3nF+D91tzPvKAEAAIC1SMf/HffaKst5fW6cDwAAAA0pHf8//tOn74bxPwAAADSs2vE/AAAA0Nh+fvx4ui1Uf/dvqjR25uz49OG+fcXJ2eHicOncdHGsVBqrrNg3ufLrTZRK0719MXu+pzw6U+6ZuXDx5GRpdqp8svK7sSdHWzbgmICVFbd+vC3vGAAAgI2zlt/1t2PHTqPu5H1lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLb4IAAD//wws/WY=")
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
write$UHID_INPUT2(r2, &(0x7f0000004240)=ANY=[], 0x1001)
preadv2(r2, 0x0, 0x0, 0x0, 0x0, 0x6)

0s ago: executing program 6 (id=509):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{@discard}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD")
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000012fc0), r0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000f80))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000d9"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000003e7400850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000300)={0x0, 0x2904c, 0xff01, 0x10003, '\x00', [{0x0, 0x0, 0x700, 0x7, 0x0, 0x40000000000000}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x40000000000000}]})

kernel console output (not intermixed with test programs):

aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   41.065116][ T3553] FAULT_INJECTION: forcing a failure.
[   41.065116][ T3553] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   41.078319][ T3553] CPU: 1 UID: 0 PID: 3553 Comm: syz.4.22 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   41.078381][ T3553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   41.078393][ T3553] Call Trace:
[   41.078399][ T3553]  <TASK>
[   41.078405][ T3553]  __dump_stack+0x1d/0x30
[   41.078426][ T3553]  dump_stack_lvl+0xe8/0x140
[   41.078497][ T3553]  dump_stack+0x15/0x1b
[   41.078577][ T3553]  should_fail_ex+0x265/0x280
[   41.078596][ T3553]  should_fail+0xb/0x20
[   41.078611][ T3553]  should_fail_usercopy+0x1a/0x20
[   41.078645][ T3553]  _copy_to_user+0x20/0xa0
[   41.078674][ T3553]  simple_read_from_buffer+0xb5/0x130
[   41.078744][ T3553]  proc_fail_nth_read+0x10e/0x150
[   41.078777][ T3553]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   41.078815][ T3553]  vfs_read+0x1a8/0x770
[   41.078837][ T3553]  ? __rcu_read_unlock+0x4f/0x70
[   41.078922][ T3553]  ? __fget_files+0x184/0x1c0
[   41.078959][ T3553]  ksys_read+0xda/0x1a0
[   41.078992][ T3553]  __x64_sys_read+0x40/0x50
[   41.079017][ T3553]  x64_sys_call+0x27c0/0x3000
[   41.079092][ T3553]  do_syscall_64+0xd2/0x200
[   41.079217][ T3553]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   41.079257][ T3553]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   41.079297][ T3553]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.079321][ T3553] RIP: 0033:0x7feb9cc8d9dc
[   41.079334][ T3553] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   41.079434][ T3553] RSP: 002b:00007feb9b6ef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   41.079463][ T3553] RAX: ffffffffffffffda RBX: 00007feb9cee5fa0 RCX: 00007feb9cc8d9dc
[   41.079477][ T3553] RDX: 000000000000000f RSI: 00007feb9b6ef0a0 RDI: 0000000000000005
[   41.079493][ T3553] RBP: 00007feb9b6ef090 R08: 0000000000000000 R09: 0000000000000000
[   41.079507][ T3553] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[   41.079523][ T3553] R13: 00007feb9cee6038 R14: 00007feb9cee5fa0 R15: 00007fff8dd4f488
[   41.079544][ T3553]  </TASK>
[   41.080093][ T3327] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   41.290700][ T3555] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.401843][ T3559] Zero length message leads to an empty skb
[   41.464552][ T3561] loop0: detected capacity change from 0 to 512
[   41.504037][ T3561] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.586746][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.647377][ T3555] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.735440][ T3555] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.818342][ T3555] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.867196][ T3569] loop0: detected capacity change from 0 to 512
[   41.879927][ T3569] EXT4-fs: Ignoring removed orlov option
[   41.890421][ T3569] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   41.899320][ T3569] System zones: 1-12
[   41.903442][ T3569] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #13: comm syz.0.28: iget: bad i_size value: 12154757448730
[   41.919287][ T3569] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.28: couldn't read orphan inode 13 (err -117)
[   41.934345][   T52] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.942668][   T52] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.954089][   T52] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.962542][   T52] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.970972][ T3569] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.035577][ T3572] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   42.047818][ T3572] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   42.061080][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.258478][ T3584] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   42.311541][ T3588] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   42.321142][ T3589] IPv6: Can't replace route, no match found
[   42.345518][ T3591] loop4: detected capacity change from 0 to 512
[   42.352022][ T3591] EXT4-fs: Ignoring removed orlov option
[   42.378261][ T3591] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   42.404237][ T3591] System zones: 1-12
[   42.444038][ T3591] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #13: comm syz.4.37: iget: bad i_size value: 12154757448730
[   42.521796][ T3591] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.37: couldn't read orphan inode 13 (err -117)
[   42.538156][ T3595] loop0: detected capacity change from 0 to 512
[   42.548153][ T3595] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   42.559075][ T3591] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.561292][ T3595] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   42.590862][ T3595] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   42.609943][ T3595] EXT4-fs (loop0): 1 truncate cleaned up
[   42.616445][ T3595] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.704906][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.789275][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.855199][ T3599] delete_channel: no stack
[   42.859838][ T3605] loop0: detected capacity change from 0 to 512
[   42.924695][ T3605] EXT4-fs: Ignoring removed orlov option
[   42.941903][ T3605] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   42.949996][ T3605] System zones: 1-12
[   42.954592][ T3605] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #13: comm syz.0.40: iget: bad i_size value: 12154757448730
[   43.001824][ T3605] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.40: couldn't read orphan inode 13 (err -117)
[   43.091929][ T3605] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.170771][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.185281][ T3612] netlink: 28 bytes leftover after parsing attributes in process `syz.4.43'.
[   43.260263][ T3616] program syz.0.44 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   43.270832][ T3615] netlink: 'syz.4.45': attribute type 1 has an invalid length.
[   43.375838][   T29] kauditd_printk_skb: 223 callbacks suppressed
[   43.375855][   T29] audit: type=1400 audit(2000000002.680:314): avc:  denied  { getopt } for  pid=3620 comm="syz.4.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   43.385036][ T3621] batman_adv: batadv0: Adding interface: dummy0
[   43.407554][ T3621] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   43.414201][   T29] audit: type=1400 audit(2000000002.680:315): avc:  denied  { create } for  pid=3620 comm="syz.4.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   43.452990][   T29] audit: type=1400 audit(2000000002.680:316): avc:  denied  { write } for  pid=3620 comm="syz.4.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   43.472912][ T3621] batman_adv: batadv0: Interface activated: dummy0
[   43.494639][   T29] audit: type=1400 audit(2000000002.790:317): avc:  denied  { ioctl } for  pid=3620 comm="syz.4.47" path="socket:[5414]" dev="sockfs" ino=5414 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   43.536285][ T3625] batadv0: mtu less than device minimum
[   43.542233][ T3625] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.545397][ T3626] IPv6: Can't replace route, no match found
[   43.553272][ T3625] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.569429][ T3625] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.580330][ T3625] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.591082][ T3625] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.601799][ T3625] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.612590][ T3625] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.623569][ T3625] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.634497][ T3625] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.666691][   T29] audit: type=1326 audit(2000000002.970:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.0.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   43.690025][   T29] audit: type=1326 audit(2000000002.970:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.0.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   43.777600][   T29] audit: type=1326 audit(2000000002.970:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.0.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   43.800956][   T29] audit: type=1326 audit(2000000002.970:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.0.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   43.813647][ T3632] bridge1: entered promiscuous mode
[   43.824829][   T29] audit: type=1326 audit(2000000002.970:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.0.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   43.852998][   T29] audit: type=1326 audit(2000000002.970:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.0.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   43.926493][ T3637] loop0: detected capacity change from 0 to 512
[   43.934825][ T3634] netlink: 76 bytes leftover after parsing attributes in process `syz.4.52'.
[   43.991821][ T3637] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.061428][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.113041][ T3641] loop4: detected capacity change from 0 to 512
[   44.138242][ T3641] EXT4-fs: Ignoring removed orlov option
[   44.168049][ T3643] loop0: detected capacity change from 0 to 512
[   44.174673][ T3641] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   44.203011][ T3641] System zones: 1-12
[   44.221026][ T3641] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #13: comm syz.4.55: iget: bad i_size value: 12154757448730
[   44.255140][ T3643] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.284423][ T3641] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.55: couldn't read orphan inode 13 (err -117)
[   44.304964][ T3641] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.357427][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.454511][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.567333][ T3651] program syz.4.57 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   44.604757][ T3651] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=3651 comm=syz.4.57
[   44.677970][ T3656] loop4: detected capacity change from 0 to 128
[   44.737484][ T3656] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   44.794343][ T3656] ext4 filesystem being mounted at /23/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   44.805538][ T3660] netlink: 8 bytes leftover after parsing attributes in process `syz.0.59'.
[   44.843417][ T3659] loop0: detected capacity change from 0 to 2048
[   44.870128][    C1] hrtimer: interrupt took 47370 ns
[   44.904637][ T3659] EXT4-fs: Ignoring removed bh option
[   44.964823][ T3659] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.021145][ T3659] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   45.054463][ T3659] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28
[   45.066880][ T3659] EXT4-fs (loop0): This should not happen!! Data will be lost
[   45.066880][ T3659] 
[   45.076559][ T3659] EXT4-fs (loop0): Total free blocks count 0
[   45.082639][ T3659] EXT4-fs (loop0): Free/Dirty block details
[   45.088567][ T3659] EXT4-fs (loop0): free_blocks=2415919104
[   45.094321][ T3659] EXT4-fs (loop0): dirty_blocks=64
[   45.099434][ T3659] EXT4-fs (loop0): Block reservation details
[   45.105483][ T3659] EXT4-fs (loop0): i_reserved_data_blocks=4
[   45.112640][ T3660] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   45.144309][ T3659] syz.0.59 (3659) used greatest stack depth: 9880 bytes left
[   45.162515][ T3320] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   45.235883][ T3665] loop4: detected capacity change from 0 to 128
[   45.243009][ T3665] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   45.270105][ T3667] loop0: detected capacity change from 0 to 512
[   45.294554][ T3665] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   45.304373][ T3667] EXT4-fs: Ignoring removed orlov option
[   45.324278][ T3667] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   45.334430][ T3667] System zones: 1-12
[   45.344437][   T52] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   45.354111][ T3667] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #13: comm syz.0.61: iget: bad i_size value: 12154757448730
[   45.393591][ T3671] ip6t_rpfilter: unknown options
[   45.402915][ T3667] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.61: couldn't read orphan inode 13 (err -117)
[   45.434506][ T3667] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.479461][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.629802][ T3675] IPv6: Can't replace route, no match found
[   45.850091][ T3679] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   45.964739][ T3681] loop0: detected capacity change from 0 to 512
[   45.994883][ T3681] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   46.025453][ T3681] EXT4-fs (loop0): 1 truncate cleaned up
[   46.044732][ T3681] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.138725][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.187870][ T3684] netlink: 28 bytes leftover after parsing attributes in process `syz.0.67'.
[   46.196848][ T3684] netlink: 28 bytes leftover after parsing attributes in process `syz.0.67'.
[   46.275672][ T3686] Driver unsupported XDP return value 0 on prog  (id 38) dev N/A, expect packet loss!
[   46.286763][ T3688] loop0: detected capacity change from 0 to 256
[   46.311285][ T3688] msdos: Bad value for 'codepage'
[   46.335411][ T3688] loop0: detected capacity change from 0 to 512
[   46.408908][ T3688] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   46.488641][ T3688] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.525834][ T3688] EXT4-fs warning (device loop0): ext4_group_add:1716: Can't resize non-sparse filesystem further
[   46.585105][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   46.643319][ T3696] netlink: 92 bytes leftover after parsing attributes in process `+\{]'.
[   47.071695][ T3712] loop0: detected capacity change from 0 to 512
[   47.097125][ T3714] netlink: 24 bytes leftover after parsing attributes in process `syz.4.79'.
[   47.106611][ T3714] netlink: 4 bytes leftover after parsing attributes in process `syz.4.79'.
[   47.145916][ T3712] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   47.164356][ T3712] EXT4-fs (loop0): orphan cleanup on readonly fs
[   47.204300][ T3712] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.78: corrupted inode contents
[   47.244505][ T3712] EXT4-fs (loop0): Remounting filesystem read-only
[   47.251223][ T3712] EXT4-fs (loop0): 1 truncate cleaned up
[   47.257022][ T3448] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   47.267682][ T3448] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   47.277849][ T3724] IPv6: Can't replace route, no match found
[   47.334220][ T3448] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   47.384574][ T3712] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   47.401282][ T3712] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.500664][ T3729] IPv6: Can't replace route, no match found
[   47.545249][ T3730] FAULT_INJECTION: forcing a failure.
[   47.545249][ T3730] name failslab, interval 1, probability 0, space 0, times 1
[   47.557995][ T3730] CPU: 0 UID: 0 PID: 3730 Comm: syz.0.83 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   47.558027][ T3730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   47.558043][ T3730] Call Trace:
[   47.558051][ T3730]  <TASK>
[   47.558058][ T3730]  __dump_stack+0x1d/0x30
[   47.558079][ T3730]  dump_stack_lvl+0xe8/0x140
[   47.558159][ T3730]  dump_stack+0x15/0x1b
[   47.558177][ T3730]  should_fail_ex+0x265/0x280
[   47.558197][ T3730]  should_failslab+0x8c/0xb0
[   47.558250][ T3730]  kmem_cache_alloc_noprof+0x50/0x480
[   47.558287][ T3730]  ? audit_log_start+0x342/0x720
[   47.558310][ T3730]  audit_log_start+0x342/0x720
[   47.558329][ T3730]  ? kstrtouint+0x76/0xc0
[   47.558393][ T3730]  audit_seccomp+0x48/0x100
[   47.558511][ T3730]  ? __seccomp_filter+0x82d/0x1250
[   47.558541][ T3730]  __seccomp_filter+0x83e/0x1250
[   47.558575][ T3730]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   47.558638][ T3730]  ? vfs_write+0x7e8/0x960
[   47.558669][ T3730]  ? __rcu_read_unlock+0x4f/0x70
[   47.558695][ T3730]  ? __fget_files+0x184/0x1c0
[   47.558755][ T3730]  __secure_computing+0x82/0x150
[   47.558798][ T3730]  syscall_trace_enter+0xcf/0x1e0
[   47.558902][ T3730]  do_syscall_64+0xac/0x200
[   47.558932][ T3730]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   47.559001][ T3730]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   47.559032][ T3730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.559054][ T3730] RIP: 0033:0x7f7fcc9eefc9
[   47.559120][ T3730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.559139][ T3730] RSP: 002b:00007f7fcb436038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[   47.559156][ T3730] RAX: ffffffffffffffda RBX: 00007f7fccc46090 RCX: 00007f7fcc9eefc9
[   47.559171][ T3730] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005
[   47.559200][ T3730] RBP: 00007f7fcb436090 R08: 0000000000000001 R09: 0000000000000000
[   47.559215][ T3730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.559305][ T3730] R13: 00007f7fccc46128 R14: 00007f7fccc46090 R15: 00007ffda33a8978
[   47.559322][ T3730]  </TASK>
[   47.971886][ T3735] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=3735 comm=syz.4.85
[   48.079585][ T3744] bond0: (slave bridge0): Releasing backup interface
[   48.089007][ T3744] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.096353][ T3744] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.161433][ T3744] batman_adv: batadv0: Interface deactivated: dummy0
[   48.168223][ T3744] batman_adv: batadv0: Removing interface: dummy0
[   48.239937][ T3744] bridge_slave_0: left allmulticast mode
[   48.245799][ T3744] bridge_slave_0: left promiscuous mode
[   48.251563][ T3744] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.394421][ T3744] bridge_slave_1: left allmulticast mode
[   48.400122][ T3744] bridge_slave_1: left promiscuous mode
[   48.405908][ T3744] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.425996][ T3748] program syz.0.88 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   48.474780][   T29] kauditd_printk_skb: 217 callbacks suppressed
[   48.474797][   T29] audit: type=1400 audit(2000000007.780:533): avc:  denied  { execute } for  pid=3750 comm="syz.0.89" name="file0" dev="tmpfs" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   48.474910][ T3751] process 'syz.0.89' launched './file0' with NULL argv: empty string added
[   48.534428][   T29] audit: type=1400 audit(2000000007.840:534): avc:  denied  { execute_no_trans } for  pid=3750 comm="syz.0.89" path="/42/file0" dev="tmpfs" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   48.534572][ T3744] bond0: (slave bond_slave_0): Releasing backup interface
[   48.605564][ T3753] loop0: detected capacity change from 0 to 512
[   48.624653][ T3744] bond0: (slave bond_slave_1): Releasing backup interface
[   48.644240][ T3753] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   48.666302][ T3744] team0: Port device team_slave_0 removed
[   48.688054][ T3753] EXT4-fs (loop0): 1 truncate cleaned up
[   48.693993][ T3744] team0: Port device team_slave_1 removed
[   48.701356][ T3744] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   48.708783][ T3744] batman_adv: batadv0: Removing interface: batadv_slave_0
[   48.716861][ T3753] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.732278][ T3744] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   48.739767][ T3744] batman_adv: batadv0: Removing interface: batadv_slave_1
[   48.766437][ T3744] net_ratelimit: 10 callbacks suppressed
[   48.766455][ T3744] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   48.869423][ T3327] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.942655][ T3760] pimreg: entered allmulticast mode
[   48.948802][ T3757] pimreg: left allmulticast mode
[   49.066312][ T3764] IPv6: Can't replace route, no match found
[   49.165114][ T3766] IPv6: Can't replace route, no match found
[   49.222204][   T29] audit: type=1400 audit(2000000008.520:535): avc:  denied  { write } for  pid=3770 comm="syz.0.96" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   49.246356][   T29] audit: type=1400 audit(2000000008.520:536): avc:  denied  { cpu } for  pid=3770 comm="syz.0.96" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   49.265263][   T29] audit: type=1400 audit(2000000008.520:537): avc:  denied  { ioctl } for  pid=3770 comm="syz.0.96" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   49.294667][   T29] audit: type=1326 audit(2000000008.550:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3772 comm="syz.4.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb9cc8efc9 code=0x7ffc0000
[   49.317951][   T29] audit: type=1326 audit(2000000008.550:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3772 comm="syz.4.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb9cc8efc9 code=0x7ffc0000
[   49.341090][   T29] audit: type=1326 audit(2000000008.550:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3772 comm="syz.4.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb9cc8efc9 code=0x7ffc0000
[   49.364426][   T29] audit: type=1326 audit(2000000008.550:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3772 comm="syz.4.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb9cc8efc9 code=0x7ffc0000
[   49.387584][   T29] audit: type=1326 audit(2000000008.550:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3772 comm="syz.4.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb9cc8efc9 code=0x7ffc0000
[   50.084786][ T3778] xt_connbytes: Forcing CT accounting to be enabled
[   50.110609][ T3780] netlink: 'syz.4.99': attribute type 1 has an invalid length.
[   50.608144][ T3785] netlink: 4 bytes leftover after parsing attributes in process `syz.4.101'.
[   50.626530][ T3785] hsr_slave_0: left promiscuous mode
[   50.644922][ T3785] hsr_slave_1: left promiscuous mode
[   51.485649][ T3807] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   51.593076][ T3809] loop4: detected capacity change from 0 to 512
[   51.630101][ T3809] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.695002][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.780292][ T3816] netlink: 12 bytes leftover after parsing attributes in process `syz.4.110'.
[   51.818335][ T3814] serio: Serial port ptm0
[   51.906727][ T3824] loop4: detected capacity change from 0 to 512
[   51.955059][ T3824] EXT4-fs (loop4): orphan cleanup on readonly fs
[   51.976104][ T3824] EXT4-fs warning (device loop4): ext4_xattr_inode_get:560: inode #11: comm syz.4.112: EA inode hash validation failed
[   52.016098][ T3824] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   52.064375][ T3824] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.112: corrupted inode contents
[   52.083730][ T3824] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #15: comm syz.4.112: mark_inode_dirty error
[   52.104567][ T3824] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.112: corrupted inode contents
[   52.147397][ T3833] SELinux:  Context @ is not valid (left unmapped).
[   52.164542][ T3824] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2996: inode #15: comm syz.4.112: mark_inode_dirty error
[   52.206105][ T3824] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2999: inode #15: comm syz.4.112: mark inode dirty (error -117)
[   52.248648][ T3824] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[   52.275074][ T3824] EXT4-fs (loop4): 1 orphan inode deleted
[   52.289317][ T3824] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   52.345668][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.388715][ T3836] netlink: 'syz.4.116': attribute type 2 has an invalid length.
[   52.466191][ T3838] loop9: detected capacity change from 0 to 7
[   52.479108][ T3838] Buffer I/O error on dev loop9, logical block 0, async page read
[   52.495838][ T3838] Buffer I/O error on dev loop9, logical block 0, async page read
[   52.503741][ T3838]  loop9: unable to read partition table
[   52.524127][ T3838] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[   52.524127][ T3838] 
) failed (rc=-5)
[   52.535395][ T3742] Buffer I/O error on dev loop9, logical block 0, async page read
[   52.564325][ T3742] Buffer I/O error on dev loop9, logical block 0, async page read
[   52.594386][ T3742] Buffer I/O error on dev loop9, logical block 0, async page read
[   52.602304][ T3742] Buffer I/O error on dev loop9, logical block 0, async page read
[   52.641255][ T3742] Buffer I/O error on dev loop9, logical block 0, async page read
[   52.679944][ T3843] netlink: 'syz.4.119': attribute type 1 has an invalid length.
[   52.716586][ T3845] loop4: detected capacity change from 0 to 512
[   52.742438][ T3845] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.840221][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.887890][ T3849] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   52.937378][ T3851] FAULT_INJECTION: forcing a failure.
[   52.937378][ T3851] name failslab, interval 1, probability 0, space 0, times 0
[   52.950069][ T3851] CPU: 0 UID: 0 PID: 3851 Comm: syz.0.122 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.950094][ T3851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   52.950112][ T3851] Call Trace:
[   52.950120][ T3851]  <TASK>
[   52.950128][ T3851]  __dump_stack+0x1d/0x30
[   52.950240][ T3851]  dump_stack_lvl+0xe8/0x140
[   52.950266][ T3851]  dump_stack+0x15/0x1b
[   52.950288][ T3851]  should_fail_ex+0x265/0x280
[   52.950372][ T3851]  should_failslab+0x8c/0xb0
[   52.950408][ T3851]  kmem_cache_alloc_noprof+0x50/0x480
[   52.950441][ T3851]  ? audit_log_start+0x342/0x720
[   52.950462][ T3851]  audit_log_start+0x342/0x720
[   52.950481][ T3851]  ? strncpy_from_user+0x177/0x230
[   52.950607][ T3851]  audit_seccomp+0x48/0x100
[   52.950797][ T3851]  ? __seccomp_filter+0x82d/0x1250
[   52.950853][ T3851]  __seccomp_filter+0x83e/0x1250
[   52.950899][ T3851]  __secure_computing+0x82/0x150
[   52.950943][ T3851]  syscall_trace_enter+0xcf/0x1e0
[   52.950975][ T3851]  do_syscall_64+0xac/0x200
[   52.951078][ T3851]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.951172][ T3851]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   52.951201][ T3851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.951235][ T3851] RIP: 0033:0x7f7fcc9ed9dc
[   52.951249][ T3851] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   52.951265][ T3851] RSP: 002b:00007f7fcb457030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   52.951327][ T3851] RAX: ffffffffffffffda RBX: 00007f7fccc45fa0 RCX: 00007f7fcc9ed9dc
[   52.951342][ T3851] RDX: 000000000000000f RSI: 00007f7fcb4570a0 RDI: 0000000000000006
[   52.951356][ T3851] RBP: 00007f7fcb457090 R08: 0000000000000000 R09: 0000000000000000
[   52.951442][ T3851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.951454][ T3851] R13: 00007f7fccc46038 R14: 00007f7fccc45fa0 R15: 00007ffda33a8978
[   52.951474][ T3851]  </TASK>
[   53.246788][ T3860] loop4: detected capacity change from 0 to 512
[   53.295796][ T3860] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.326189][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.356395][ T3864] netlink: 12 bytes leftover after parsing attributes in process `syz.0.126'.
[   53.363754][ T3866] dvmrp0: entered allmulticast mode
[   53.373183][ T3864] netlink: 24 bytes leftover after parsing attributes in process `syz.0.126'.
[   53.384050][ T3864] netlink: 48 bytes leftover after parsing attributes in process `syz.0.126'.
[   53.471402][ T3872] FAULT_INJECTION: forcing a failure.
[   53.471402][ T3872] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   53.484648][ T3872] CPU: 1 UID: 0 PID: 3872 Comm: syz.0.129 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   53.484680][ T3872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   53.484696][ T3872] Call Trace:
[   53.484703][ T3872]  <TASK>
[   53.484712][ T3872]  __dump_stack+0x1d/0x30
[   53.484737][ T3872]  dump_stack_lvl+0xe8/0x140
[   53.484756][ T3872]  dump_stack+0x15/0x1b
[   53.484830][ T3872]  should_fail_ex+0x265/0x280
[   53.484855][ T3872]  should_fail+0xb/0x20
[   53.484927][ T3872]  should_fail_usercopy+0x1a/0x20
[   53.484954][ T3872]  copy_folio_from_iter_atomic+0x278/0x11b0
[   53.484993][ T3872]  ? shmem_write_begin+0xa8/0x190
[   53.485027][ T3872]  ? shmem_write_begin+0xe1/0x190
[   53.485053][ T3872]  generic_perform_write+0x2c2/0x490
[   53.485095][ T3872]  shmem_file_write_iter+0xc5/0xf0
[   53.485128][ T3872]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   53.485223][ T3872]  vfs_write+0x52a/0x960
[   53.485260][ T3872]  ksys_write+0xda/0x1a0
[   53.485288][ T3872]  __x64_sys_write+0x40/0x50
[   53.485347][ T3872]  x64_sys_call+0x2802/0x3000
[   53.485375][ T3872]  do_syscall_64+0xd2/0x200
[   53.485455][ T3872]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   53.485485][ T3872]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   53.485559][ T3872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.485586][ T3872] RIP: 0033:0x7f7fcc9eefc9
[   53.485600][ T3872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.485694][ T3872] RSP: 002b:00007f7fcb457038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   53.485718][ T3872] RAX: ffffffffffffffda RBX: 00007f7fccc45fa0 RCX: 00007f7fcc9eefc9
[   53.485733][ T3872] RDX: 0000000000040010 RSI: 0000200000000180 RDI: 0000000000000008
[   53.485747][ T3872] RBP: 00007f7fcb457090 R08: 0000000000000000 R09: 0000000000000000
[   53.485763][ T3872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.485809][ T3872] R13: 00007f7fccc46038 R14: 00007f7fccc45fa0 R15: 00007ffda33a8978
[   53.485830][ T3872]  </TASK>
[   53.732893][   T29] kauditd_printk_skb: 47 callbacks suppressed
[   53.732911][   T29] audit: type=1400 audit(2000000013.030:588): avc:  denied  { execmem } for  pid=3874 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   53.802585][   T29] audit: type=1326 audit(2000000013.100:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3875 comm="syz.0.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   53.825957][   T29] audit: type=1326 audit(2000000013.100:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3875 comm="syz.0.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   53.870431][   T29] audit: type=1326 audit(2000000013.150:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3875 comm="syz.0.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   53.893736][   T29] audit: type=1326 audit(2000000013.150:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3875 comm="syz.0.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   53.915335][ T3879] dvmrp1: entered allmulticast mode
[   53.917119][   T29] audit: type=1326 audit(2000000013.150:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3875 comm="syz.0.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   53.925265][ T3879] netlink: 20 bytes leftover after parsing attributes in process `syz.0.131'.
[   53.945417][   T29] audit: type=1326 audit(2000000013.160:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3875 comm="syz.0.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   53.977534][   T29] audit: type=1326 audit(2000000013.160:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3875 comm="syz.0.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   54.000973][   T29] audit: type=1326 audit(2000000013.160:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3875 comm="syz.0.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   54.024221][   T29] audit: type=1326 audit(2000000013.160:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3875 comm="syz.0.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   54.166237][ T3448] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.252526][ T3898] netlink: 'syz.4.134': attribute type 1 has an invalid length.
[   54.301364][ T3448] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.362699][ T3877] chnl_net:caif_netlink_parms(): no params data found
[   54.399141][ T3914] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=3914 comm=syz.4.136
[   54.413768][ T3448] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.461918][ T3877] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.469810][ T3877] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.480858][ T3922] loop4: detected capacity change from 0 to 512
[   54.482430][ T3877] bridge_slave_0: entered allmulticast mode
[   54.507906][ T3877] bridge_slave_0: entered promiscuous mode
[   54.517374][ T3877] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.524582][ T3877] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.531779][ T3877] bridge_slave_1: entered allmulticast mode
[   54.538419][ T3877] bridge_slave_1: entered promiscuous mode
[   54.557624][ T3448] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.576819][ T3877] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.587575][ T3877] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.661842][ T3877] team0: Port device team_slave_0 added
[   54.672240][ T3877] team0: Port device team_slave_1 added
[   54.700288][ T3889] chnl_net:caif_netlink_parms(): no params data found
[   54.740368][ T3935] loop4: detected capacity change from 0 to 512
[   54.749096][ T3877] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.756174][ T3877] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.782196][ T3877] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.783331][ T3935] EXT4-fs: Ignoring removed orlov option
[   54.802634][ T3937] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   54.813463][ T3935] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   54.821545][ T3935] System zones: 1-12
[   54.826922][ T3877] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.833961][ T3877] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.859963][ T3877] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.872127][ T3935] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #13: comm syz.4.144: iget: bad i_size value: 12154757448730
[   54.890045][ T3935] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.144: couldn't read orphan inode 13 (err -117)
[   54.905043][ T3935] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.964764][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.999713][ T3448] bridge_slave_1: left allmulticast mode
[   55.006111][ T3448] bridge_slave_1: left promiscuous mode
[   55.011834][ T3448] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.023714][ T3448] bridge_slave_0: left allmulticast mode
[   55.029438][ T3448] bridge_slave_0: left promiscuous mode
[   55.036017][ T3448] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.116692][ T3448] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   55.127501][ T3448] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   55.136971][ T3448] bond0 (unregistering): Released all slaves
[   55.151626][ T3889] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.159438][ T3889] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.166952][ T3889] bridge_slave_0: entered allmulticast mode
[   55.173328][ T3889] bridge_slave_0: entered promiscuous mode
[   55.192649][ T3877] hsr_slave_0: entered promiscuous mode
[   55.198812][ T3877] hsr_slave_1: entered promiscuous mode
[   55.205022][ T3877] debugfs: 'hsr0' already exists in 'hsr'
[   55.210854][ T3877] Cannot create hsr debugfs directory
[   55.218668][ T3448] hsr_slave_0: left promiscuous mode
[   55.224460][ T3448] hsr_slave_1: left promiscuous mode
[   55.230304][ T3448] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   55.237826][ T3448] batman_adv: batadv0: Removing interface: batadv_slave_0
[   55.246338][ T3448] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   55.253740][ T3448] batman_adv: batadv0: Removing interface: batadv_slave_1
[   55.267889][ T3448] veth1_macvtap: left promiscuous mode
[   55.273454][ T3448] veth0_macvtap: left promiscuous mode
[   55.279911][ T3448] veth1_vlan: left promiscuous mode
[   55.290351][ T3974] netlink: 24 bytes leftover after parsing attributes in process `syz.4.151'.
[   55.291347][ T3448] veth0_vlan: left promiscuous mode
[   55.365143][ T3448] team0 (unregistering): Port device team_slave_1 removed
[   55.375087][ T3448] team0 (unregistering): Port device team_slave_0 removed
[   55.407049][ T3889] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.414244][ T3889] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.421367][ T3889] bridge_slave_1: entered allmulticast mode
[   55.428114][ T3889] bridge_slave_1: entered promiscuous mode
[   55.446193][ T3974] IPVS: Error connecting to the multicast addr
[   55.480844][ T3889] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   55.498231][ T3978] loop4: detected capacity change from 0 to 512
[   55.505369][ T3889] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   55.526753][ T3891] chnl_net:caif_netlink_parms(): no params data found
[   55.535739][ T3978] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.555549][ T3889] team0: Port device team_slave_0 added
[   55.570507][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.583711][ T3889] team0: Port device team_slave_1 added
[   55.613390][ T3889] batman_adv: batadv0: Adding interface: batadv_slave_0
[   55.620568][ T3889] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   55.647180][ T3889] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   55.665030][ T3889] batman_adv: batadv0: Adding interface: batadv_slave_1
[   55.672006][ T3889] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   55.698750][ T3889] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   55.749835][ T3891] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.757644][ T3891] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.766222][ T3891] bridge_slave_0: entered allmulticast mode
[   55.772704][ T3891] bridge_slave_0: entered promiscuous mode
[   55.785410][ T3991] netlink: 'syz.4.154': attribute type 4 has an invalid length.
[   55.787827][ T3889] hsr_slave_0: entered promiscuous mode
[   55.799475][ T3889] hsr_slave_1: entered promiscuous mode
[   55.809754][ T3891] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.816977][ T3891] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.825074][ T3891] bridge_slave_1: entered allmulticast mode
[   55.831842][ T3891] bridge_slave_1: entered promiscuous mode
[   55.842863][ T3991] netlink: 'syz.4.154': attribute type 4 has an invalid length.
[   55.909289][ T3991] loop4: detected capacity change from 0 to 1024
[   55.916036][ T3991] EXT4-fs: Ignoring removed nomblk_io_submit option
[   55.922685][ T3991] EXT4-fs: inline encryption not supported
[   55.928729][ T3991] EXT4-fs: Ignoring removed i_version option
[   55.949892][ T3991] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.964136][ T3891] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   55.988565][ T3891] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.003602][ T3448] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.037556][ T3877] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   56.041368][ T4012] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   56.064635][ T3891] team0: Port device team_slave_0 added
[   56.073519][ T3877] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   56.096341][ T3448] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.108964][ T3891] team0: Port device team_slave_1 added
[   56.115649][ T3877] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   56.134750][ T3877] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   56.149669][ T3448] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.176069][ T3891] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.183060][ T3891] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   56.210000][ T3891] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.228571][ T3891] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.236277][ T3891] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   56.262225][ T3891] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.287963][ T3448] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.338597][ T3891] hsr_slave_0: entered promiscuous mode
[   56.344835][ T3891] hsr_slave_1: entered promiscuous mode
[   56.350697][ T3891] debugfs: 'hsr0' already exists in 'hsr'
[   56.357018][ T3891] Cannot create hsr debugfs directory
[   56.383171][ T3889] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   56.396896][ T3889] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   56.409987][ T3889] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   56.424251][ T3889] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   56.499933][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.541833][ T4053] loop4: detected capacity change from 0 to 128
[   56.549236][ T3448] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.594233][ T4053] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   56.602145][ T4053] FAT-fs (loop4): Filesystem has been set read-only
[   56.609503][ T4053] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   56.633768][ T4053] syz.4.162: attempt to access beyond end of device
[   56.633768][ T4053] loop4: rw=2049, sector=2065, nr_sectors = 8 limit=128
[   56.651119][ T3448] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.678186][ T3877] 8021q: adding VLAN 0 to HW filter on device bond0
[   56.689016][ T4053] netlink: 20 bytes leftover after parsing attributes in process `syz.4.162'.
[   56.694738][ T3877] 8021q: adding VLAN 0 to HW filter on device team0
[   56.712289][ T3448] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.745247][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.752357][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.787586][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.794713][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.807273][ T4069] bridge1: entered promiscuous mode
[   56.816502][ T3891] netdevsim netdevsim7 netdevsim0: renamed from eth0
[   56.839324][ T3448] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.863778][ T3891] netdevsim netdevsim7 netdevsim1: renamed from eth1
[   56.887141][ T3891] netdevsim netdevsim7 netdevsim2: renamed from eth2
[   56.904825][ T3889] 8021q: adding VLAN 0 to HW filter on device bond0
[   56.927862][ T3891] netdevsim netdevsim7 netdevsim3: renamed from eth3
[   56.969005][ T3889] 8021q: adding VLAN 0 to HW filter on device team0
[   57.010859][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.018010][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.038252][ T3448] bridge_slave_1: left allmulticast mode
[   57.043925][ T3448] bridge_slave_1: left promiscuous mode
[   57.050364][ T3448] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.059686][ T3448] bridge_slave_0: left allmulticast mode
[   57.065420][ T3448] bridge_slave_0: left promiscuous mode
[   57.071128][ T3448] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.081359][ T3448] bridge_slave_1: left allmulticast mode
[   57.087218][ T3448] bridge_slave_1: left promiscuous mode
[   57.092944][ T3448] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.101191][ T3448] bridge_slave_0: left allmulticast mode
[   57.106908][ T3448] bridge_slave_0: left promiscuous mode
[   57.112656][ T3448] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.227184][ T3448] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   57.237845][ T3448] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   57.247854][ T3448] bond0 (unregistering): Released all slaves
[   57.317391][ T3448] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   57.328371][ T3448] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   57.341445][ T3448] bond0 (unregistering): Released all slaves
[   57.363158][ T3889] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   57.373573][ T3889] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   57.393074][   T90] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.400170][   T90] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.433716][ T4111] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   57.450976][ T3877] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.469096][ T3448] hsr_slave_0: left promiscuous mode
[   57.500011][ T3448] hsr_slave_1: left promiscuous mode
[   57.519548][ T3448] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   57.527384][ T3448] batman_adv: batadv0: Removing interface: batadv_slave_0
[   57.544678][ T3448] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   57.552105][ T3448] batman_adv: batadv0: Removing interface: batadv_slave_1
[   57.562529][ T3448] hsr_slave_0: left promiscuous mode
[   57.570596][ T4124] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=4124 comm=syz.0.175
[   57.583354][ T3448] hsr_slave_1: left promiscuous mode
[   57.589323][ T3448] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   57.597455][ T3448] batman_adv: batadv0: Removing interface: batadv_slave_0
[   57.605380][ T3448] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   57.612828][ T3448] batman_adv: batadv0: Removing interface: batadv_slave_1
[   57.627727][ T3448] veth1_macvtap: left promiscuous mode
[   57.633386][ T3448] veth0_macvtap: left promiscuous mode
[   57.639145][ T3448] veth1_vlan: left promiscuous mode
[   57.644500][ T3448] veth0_vlan: left promiscuous mode
[   57.650246][ T3448] veth1_macvtap: left promiscuous mode
[   57.657486][ T3448] veth0_macvtap: left promiscuous mode
[   57.663118][ T3448] veth1_vlan: left promiscuous mode
[   57.668731][ T3448] veth0_vlan: left promiscuous mode
[   57.769083][ T3448] team0 (unregistering): Port device team_slave_1 removed
[   57.779499][ T3448] team0 (unregistering): Port device team_slave_0 removed
[   57.833994][ T3448] team0 (unregistering): Port device team_slave_1 removed
[   57.843593][ T3448] team0 (unregistering): Port device team_slave_0 removed
[   57.887503][ T4129] can0: slcan on ttyS3.
[   57.956556][ T3889] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.972765][ T4143] loop4: detected capacity change from 0 to 1764
[   57.996260][ T3891] 8021q: adding VLAN 0 to HW filter on device bond0
[   58.005348][ T4143] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   58.014723][ T4131] can0 (unregistered): slcan off ttyS3.
[   58.033550][ T3891] 8021q: adding VLAN 0 to HW filter on device team0
[   58.037717][ T4143] ISOFS: unable to read i-node block
[   58.048396][ T4143] isofs_fill_super: get root inode failed
[   58.057042][ T4132] can0: slcan on ttyS3.
[   58.066729][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.073863][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.110052][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.117189][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.145612][ T3891] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   58.155993][ T4143] syz.4.178 uses obsolete (PF_INET,SOCK_PACKET)
[   58.156912][ T3891] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   58.232243][ T3877] veth0_vlan: entered promiscuous mode
[   58.249813][ T3877] veth1_vlan: entered promiscuous mode
[   58.271026][ T3891] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.301082][ T3877] veth0_macvtap: entered promiscuous mode
[   58.320688][ T3877] veth1_macvtap: entered promiscuous mode
[   58.355439][ T3877] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.386991][ T3889] veth0_vlan: entered promiscuous mode
[   58.401158][ T3889] veth1_vlan: entered promiscuous mode
[   58.422661][ T3877] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.452064][ T3889] veth0_macvtap: entered promiscuous mode
[   58.471343][ T2908] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.489198][ T3889] veth1_macvtap: entered promiscuous mode
[   58.515147][ T2908] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.534880][ T4128] can0 (unregistered): slcan off ttyS3.
[   58.570403][ T3889] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.579198][ T2908] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.611341][ T3889] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.625194][ T3448] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.664435][ T3448] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.681077][ T4208] loop5: detected capacity change from 0 to 512
[   58.692193][ T2908] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.708117][ T4208] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   58.709611][ T2908] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.731317][ T2908] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.754538][ T4208] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   58.779725][ T3891] veth0_vlan: entered promiscuous mode
[   58.788753][ T4208] EXT4-fs (loop5): 1 truncate cleaned up
[   58.796467][ T3891] veth1_vlan: entered promiscuous mode
[   58.796548][ T4216] netlink: 12 bytes leftover after parsing attributes in process `syz.0.181'.
[   58.802481][ T4208] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.871355][ T3891] veth0_macvtap: entered promiscuous mode
[   58.923195][ T3891] veth1_macvtap: entered promiscuous mode
[   58.951756][ T3891] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.965150][   T29] kauditd_printk_skb: 396 callbacks suppressed
[   58.965178][   T29] audit: type=1326 audit(2000000018.260:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4226 comm="syz.6.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   58.994772][   T29] audit: type=1326 audit(2000000018.260:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4226 comm="syz.6.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   59.023141][ T3891] batman_adv: batadv0: Interface activated: batadv_slave_1
[   59.054312][   T31] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.064119][   T29] audit: type=1326 audit(2000000018.320:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4226 comm="syz.6.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   59.087535][   T29] audit: type=1326 audit(2000000018.320:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4226 comm="syz.6.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   59.110946][   T29] audit: type=1326 audit(2000000018.320:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4226 comm="syz.6.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   59.134247][   T29] audit: type=1326 audit(2000000018.320:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4226 comm="syz.6.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   59.148190][ T4228] loop4: detected capacity change from 0 to 512
[   59.157534][   T29] audit: type=1326 audit(2000000018.320:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4226 comm="syz.6.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   59.187358][   T29] audit: type=1326 audit(2000000018.320:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4226 comm="syz.6.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   59.210715][   T29] audit: type=1326 audit(2000000018.320:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4226 comm="syz.6.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   59.234275][   T29] audit: type=1326 audit(2000000018.320:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4226 comm="syz.6.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   59.297266][   T31] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.306487][ T4237] netlink: 'syz.6.183': attribute type 21 has an invalid length.
[   59.306705][   T31] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.314366][ T4237] netlink: 164 bytes leftover after parsing attributes in process `syz.6.183'.
[   59.370626][ T4241] random: crng reseeded on system resumption
[   59.381585][   T31] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   59.410705][ T3877] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.452076][ T4249] netlink: 24 bytes leftover after parsing attributes in process `syz.5.187'.
[   59.597174][ T4255] loop6: detected capacity change from 0 to 512
[   59.768933][ T4262] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=4262 comm=syz.5.191
[   59.816973][ T4264] capability: warning: `syz.0.190' uses deprecated v2 capabilities in a way that may be insecure
[   59.833996][ T4255] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   59.900633][ T4266] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   59.921793][ T4255] EXT4-fs (loop6): 1 truncate cleaned up
[   59.946625][ T4255] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.986745][ T4277] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   60.014130][ T4255] EXT4-fs error (device loop6): __ext4_iget:5443: inode #12: block 2: comm syz.6.188: invalid block
[   60.053550][ T4255] EXT4-fs (loop6): Remounting filesystem read-only
[   60.089924][ T4289] loop7: detected capacity change from 0 to 512
[   60.109664][ T3889] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.167751][ T4295] loop5: detected capacity change from 0 to 512
[   60.192403][ T4295] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.215875][ T4302] loop6: detected capacity change from 0 to 2048
[   60.270821][ T4306] loop7: detected capacity change from 0 to 1024
[   60.311448][ T3877] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.312781][ T4302] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.339389][ T4306] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.340291][ T4302] FAULT_INJECTION: forcing a failure.
[   60.340291][ T4302] name failslab, interval 1, probability 0, space 0, times 0
[   60.364895][ T4302] CPU: 0 UID: 0 PID: 4302 Comm: syz.6.198 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.364927][ T4302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   60.364938][ T4302] Call Trace:
[   60.364945][ T4302]  <TASK>
[   60.364951][ T4302]  __dump_stack+0x1d/0x30
[   60.364977][ T4302]  dump_stack_lvl+0xe8/0x140
[   60.365052][ T4302]  dump_stack+0x15/0x1b
[   60.365068][ T4302]  should_fail_ex+0x265/0x280
[   60.365086][ T4302]  ? __pfx_ext4_alloc_inode+0x10/0x10
[   60.365115][ T4302]  should_failslab+0x8c/0xb0
[   60.365167][ T4302]  kmem_cache_alloc_lru_noprof+0x55/0x490
[   60.365256][ T4302]  ? ext4_alloc_inode+0x38/0x310
[   60.365285][ T4302]  ? ext4_search_dir+0x1c4/0x1e0
[   60.365351][ T4302]  ? __pfx_ext4_alloc_inode+0x10/0x10
[   60.365381][ T4302]  ext4_alloc_inode+0x38/0x310
[   60.365466][ T4302]  ? __pfx_ext4_alloc_inode+0x10/0x10
[   60.365496][ T4302]  alloc_inode+0x40/0x170
[   60.365521][ T4302]  iget_locked+0xf9/0x5d0
[   60.365602][ T4302]  __ext4_iget+0x152/0x22d0
[   60.365670][ T4302]  ? kmem_cache_alloc_lru_noprof+0x2c1/0x490
[   60.365728][ T4302]  ? __d_alloc+0x3d/0x340
[   60.365770][ T4302]  ext4_lookup+0x161/0x390
[   60.365807][ T4302]  lookup_one_qstr_excl+0xcb/0x250
[   60.365871][ T4302]  do_renameat2+0x380/0x9e0
[   60.365989][ T4302]  __x64_sys_rename+0x58/0x70
[   60.366017][ T4302]  x64_sys_call+0x1f9/0x3000
[   60.366039][ T4302]  do_syscall_64+0xd2/0x200
[   60.366058][ T4302]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   60.366095][ T4302]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   60.366133][ T4302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.366176][ T4302] RIP: 0033:0x7f9a843cefc9
[   60.366195][ T4302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.366216][ T4302] RSP: 002b:00007f9a82e2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[   60.366240][ T4302] RAX: ffffffffffffffda RBX: 00007f9a84625fa0 RCX: 00007f9a843cefc9
[   60.366253][ T4302] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000200000000180
[   60.366265][ T4302] RBP: 00007f9a82e2f090 R08: 0000000000000000 R09: 0000000000000000
[   60.366276][ T4302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.366244][ T4306] netlink: 12 bytes leftover after parsing attributes in process `syz.7.200'.
[   60.366288][ T4302] R13: 00007f9a84626038 R14: 00007f9a84625fa0 R15: 00007ffcae2f18a8
[   60.366324][ T4302]  </TASK>
[   60.612373][ T3889] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.708916][ T3891] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.755691][ T4348] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   60.788920][ T4348] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   60.877745][ T4364] loop7: detected capacity change from 0 to 512
[   60.911687][ T4371] FAULT_INJECTION: forcing a failure.
[   60.911687][ T4371] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   60.925536][ T4371] CPU: 0 UID: 0 PID: 4371 Comm: syz.0.215 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.925631][ T4371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   60.925643][ T4371] Call Trace:
[   60.925648][ T4371]  <TASK>
[   60.925683][ T4371]  __dump_stack+0x1d/0x30
[   60.925709][ T4371]  dump_stack_lvl+0xe8/0x140
[   60.925729][ T4371]  dump_stack+0x15/0x1b
[   60.925746][ T4371]  should_fail_ex+0x265/0x280
[   60.925787][ T4371]  should_fail+0xb/0x20
[   60.925807][ T4371]  should_fail_usercopy+0x1a/0x20
[   60.925832][ T4371]  _copy_from_user+0x1c/0xb0
[   60.925863][ T4371]  __se_sys_name_to_handle_at+0x250/0x640
[   60.925930][ T4371]  __x64_sys_name_to_handle_at+0x67/0x80
[   60.925971][ T4371]  x64_sys_call+0x1552/0x3000
[   60.925999][ T4371]  do_syscall_64+0xd2/0x200
[   60.926070][ T4371]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   60.926102][ T4371]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   60.926142][ T4371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.926162][ T4371] RIP: 0033:0x7f7fcc9eefc9
[   60.926256][ T4371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.926283][ T4371] RSP: 002b:00007f7fcb457038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[   60.926302][ T4371] RAX: ffffffffffffffda RBX: 00007f7fccc45fa0 RCX: 00007f7fcc9eefc9
[   60.926315][ T4371] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000006
[   60.926329][ T4371] RBP: 00007f7fcb457090 R08: 0000000000000200 R09: 0000000000000000
[   60.926341][ T4371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.926352][ T4371] R13: 00007f7fccc46038 R14: 00007f7fccc45fa0 R15: 00007ffda33a8978
[   60.926381][ T4371]  </TASK>
[   61.173831][ T4364] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.187428][ T4383] netlink: 60 bytes leftover after parsing attributes in process `syz.6.216'.
[   61.261840][ T3891] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.349688][ T4392] loop4: detected capacity change from 0 to 1764
[   61.407453][ T4404] ref_tracker: memory allocation failure, unreliable refcount tracker.
[   61.425501][ T4401] netlink: 24 bytes leftover after parsing attributes in process `syz.0.223'.
[   61.498829][ T4259] IPVS: starting estimator thread 0...
[   61.614562][ T4415] syz.0.223 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   61.644323][ T4412] IPVS: using max 2496 ests per chain, 124800 per kthread
[   61.664582][ T4417] veth0_to_team: entered promiscuous mode
[   62.106883][ T4435] loop5: detected capacity change from 0 to 128
[   62.174247][ T4435] FAT-fs (loop5): error, corrupted directory (invalid entries)
[   62.181882][ T4435] FAT-fs (loop5): Filesystem has been set read-only
[   62.591452][ T4449] loop6: detected capacity change from 0 to 512
[   62.634572][ T4449] EXT4-fs: Ignoring removed orlov option
[   62.717591][ T4449] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   62.795677][ T4449] System zones: 1-12
[   62.802774][ T4449] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #13: comm syz.6.234: iget: bad i_size value: 12154757448730
[   62.904285][ T4449] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.234: couldn't read orphan inode 13 (err -117)
[   62.935404][ T4449] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.961489][ T4455] loop5: detected capacity change from 0 to 512
[   63.004810][ T4455] EXT4-fs: Ignoring removed orlov option
[   63.019457][ T4457] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   63.045747][ T4455] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   63.076287][ T3889] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.085252][ T4455] System zones: 1-12
[   63.089648][ T4455] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #13: comm syz.5.235: iget: bad i_size value: 12154757448730
[   63.112877][ T4455] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.235: couldn't read orphan inode 13 (err -117)
[   63.210427][ T4464] loop6: detected capacity change from 0 to 512
[   63.335594][ T4472] loop5: detected capacity change from 0 to 128
[   63.375474][ T4472] FAULT_INJECTION: forcing a failure.
[   63.375474][ T4472] name failslab, interval 1, probability 0, space 0, times 0
[   63.388176][ T4472] CPU: 1 UID: 0 PID: 4472 Comm: syz.5.239 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   63.388233][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   63.388247][ T4472] Call Trace:
[   63.388254][ T4472]  <TASK>
[   63.388263][ T4472]  __dump_stack+0x1d/0x30
[   63.388290][ T4472]  dump_stack_lvl+0xe8/0x140
[   63.388358][ T4472]  dump_stack+0x15/0x1b
[   63.388378][ T4472]  should_fail_ex+0x265/0x280
[   63.388400][ T4472]  should_failslab+0x8c/0xb0
[   63.388433][ T4472]  kmem_cache_alloc_lru_noprof+0x55/0x490
[   63.388475][ T4472]  ? __d_alloc+0x3d/0x340
[   63.388563][ T4472]  __d_alloc+0x3d/0x340
[   63.388601][ T4472]  d_alloc+0x2e/0x100
[   63.388638][ T4472]  lookup_one_qstr_excl+0x99/0x250
[   63.388748][ T4472]  filename_create+0x149/0x230
[   63.388778][ T4472]  do_mkdirat+0x52/0x3f0
[   63.388809][ T4472]  __x64_sys_mkdir+0x42/0x50
[   63.388837][ T4472]  x64_sys_call+0x2db9/0x3000
[   63.388901][ T4472]  do_syscall_64+0xd2/0x200
[   63.388924][ T4472]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   63.388958][ T4472]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   63.388990][ T4472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.389015][ T4472] RIP: 0033:0x7f06f3edefc9
[   63.389032][ T4472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.389053][ T4472] RSP: 002b:00007f06f293f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   63.389099][ T4472] RAX: ffffffffffffffda RBX: 00007f06f4135fa0 RCX: 00007f06f3edefc9
[   63.389114][ T4472] RDX: 0000000000000000 RSI: fffffffffffffffe RDI: 0000200000000300
[   63.389143][ T4472] RBP: 00007f06f293f090 R08: 0000000000000000 R09: 0000000000000000
[   63.389158][ T4472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.389173][ T4472] R13: 00007f06f4136038 R14: 00007f06f4135fa0 R15: 00007ffcdd1aa1b8
[   63.389196][ T4472]  </TASK>
[   63.749541][ T4483] loop6: detected capacity change from 0 to 512
[   63.767161][ T4486] loop7: detected capacity change from 0 to 1024
[   63.804496][ T4486] netlink: 12 bytes leftover after parsing attributes in process `syz.7.245'.
[   63.988927][   T29] kauditd_printk_skb: 227 callbacks suppressed
[   63.988943][   T29] audit: type=1326 audit(2000000023.290:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4505 comm="syz.6.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   64.065970][   T29] audit: type=1326 audit(2000000023.320:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4505 comm="syz.6.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   64.090025][   T29] audit: type=1326 audit(2000000023.320:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4505 comm="syz.6.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   64.113439][   T29] audit: type=1326 audit(2000000023.320:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4505 comm="syz.6.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   64.137635][   T29] audit: type=1326 audit(2000000023.320:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4505 comm="syz.6.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   64.161122][   T29] audit: type=1326 audit(2000000023.320:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4505 comm="syz.6.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   64.185271][   T29] audit: type=1326 audit(2000000023.320:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4505 comm="syz.6.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   64.195837][ T4515] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=4515 comm=syz.6.252
[   64.208625][   T29] audit: type=1326 audit(2000000023.320:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4505 comm="syz.6.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   64.245428][   T29] audit: type=1326 audit(2000000023.320:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4505 comm="syz.6.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   64.268871][   T29] audit: type=1326 audit(2000000023.320:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4505 comm="syz.6.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a843cefc9 code=0x7ffc0000
[   64.299680][ T4519] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=4519 comm=syz.4.253
[   64.377837][ T4521] IPVS: length: 24 != 147480
[   64.479273][ T4535] loop7: detected capacity change from 0 to 512
[   64.515455][ T4537] loop6: detected capacity change from 0 to 2048
[   64.575850][ T4537] EXT4-fs: Ignoring removed bh option
[   64.596261][ T4546] netlink: 12 bytes leftover after parsing attributes in process `syz.0.262'.
[   64.634882][ T4537] IPv6: NLM_F_CREATE should be specified when creating new route
[   64.658181][ T4555] loop4: detected capacity change from 0 to 512
[   64.704993][ T4558] netlink: 40 bytes leftover after parsing attributes in process `syz.5.265'.
[   64.725118][ T4555] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   64.736011][ T4537] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   64.792879][ T4555] EXT4-fs (loop4): 1 truncate cleaned up
[   64.841946][ T4537] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[   64.855160][ T4537] EXT4-fs (loop6): This should not happen!! Data will be lost
[   64.855160][ T4537] 
[   64.864845][ T4537] EXT4-fs (loop6): Total free blocks count 0
[   64.870968][ T4537] EXT4-fs (loop6): Free/Dirty block details
[   64.876953][ T4537] EXT4-fs (loop6): free_blocks=2415919104
[   64.882688][ T4537] EXT4-fs (loop6): dirty_blocks=32
[   64.888579][ T4537] EXT4-fs (loop6): Block reservation details
[   64.894618][ T4537] EXT4-fs (loop6): i_reserved_data_blocks=2
[   64.906458][ T4565] loop5: detected capacity change from 0 to 512
[   64.915712][ T4565] ------------[ cut here ]------------
[   64.921196][ T4565] EA inode 11 i_nlink=2
[   64.921502][ T4565] WARNING: CPU: 0 PID: 4565 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380
[   64.936570][ T4565] Modules linked in:
[   64.940486][ T4565] CPU: 0 UID: 0 PID: 4565 Comm: syz.5.267 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.950161][ T4565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   64.960965][ T4565] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380
[   64.967604][ T4565] Code: 90 49 8d 7e 40 e8 76 fd b8 ff 4d 8b 6e 40 4c 89 e7 e8 8a f8 b8 ff 41 8b 56 48 48 c7 c7 a5 c8 55 86 4c 89 ee e8 87 fb 67 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 08 c9 b5 03 0f 1f 84 00 00 00 00 00
[   64.976061][ T4537] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   64.987255][ T4565] RSP: 0018:ffffc9000185f5a0 EFLAGS: 00010246
[   64.999567][ T4537] EXT4-fs (loop6): This should not happen!! Data will be lost
[   64.999567][ T4537] 
[   65.001356][ T4570] netlink: 212 bytes leftover after parsing attributes in process `syz.7.268'.
[   65.006319][ T4565] 
[   65.006327][ T4565] RAX: 9b0b39005169be00 RBX: ffff88811a86c1a8 RCX: 0000000000080000
[   65.036494][ T4565] RDX: ffffc900151e2000 RSI: 0000000000003e7b RDI: 0000000000003e7c
[   65.044631][ T4565] RBP: 0000000000000002 R08: 0001c9000185f427 R09: 0000000000000000
[   65.052656][ T4565] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88811a86c158
[   65.061375][ T4565] R13: 000000000000000b R14: ffff88811a86c110 R15: 0000000000000001
[   65.069436][ T4565] FS:  00007f06f293f6c0(0000) GS:ffff8882aee13000(0000) knlGS:0000000000000000
[   65.078435][ T4565] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   65.085736][ T4565] CR2: 00007f06f3ec22e0 CR3: 000000011fdf2000 CR4: 00000000003506f0
[   65.093739][ T4565] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   65.101856][ T4565] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[   65.110033][ T4565] Call Trace:
[   65.113332][ T4565]  <TASK>
[   65.117031][ T4565]  ext4_xattr_set_entry+0x77f/0x1020
[   65.122437][ T4565]  ext4_xattr_ibody_set+0x184/0x3c0
[   65.127704][ T4565]  ext4_expand_extra_isize_ea+0xcbb/0x11f0
[   65.133628][ T4565]  __ext4_expand_extra_isize+0x246/0x280
[   65.139380][ T4565]  __ext4_mark_inode_dirty+0x29d/0x3f0
[   65.145613][ T4565]  ext4_evict_inode+0x80e/0xd90
[   65.150575][ T4565]  ? __pfx_ext4_evict_inode+0x10/0x10
[   65.156015][ T4565]  evict+0x2e3/0x550
[   65.159995][ T4565]  ? __dquot_initialize+0x146/0x7c0
[   65.165445][ T4565]  iput+0x4ed/0x650
[   65.169303][ T4565]  ext4_process_orphan+0x1a9/0x1c0
[   65.175244][ T4565]  ext4_orphan_cleanup+0x6a8/0xa00
[   65.180456][ T4565]  ext4_fill_super+0x3483/0x3810
[   65.185467][ T4565]  ? snprintf+0x86/0xb0
[   65.189730][ T4565]  ? set_blocksize+0x1a8/0x310
[   65.194584][ T4565]  ? sb_set_blocksize+0xe3/0x100
[   65.199556][ T4565]  ? setup_bdev_super+0x30e/0x370
[   65.205297][ T4565]  ? __pfx_ext4_fill_super+0x10/0x10
[   65.210672][ T4565]  get_tree_bdev_flags+0x291/0x300
[   65.215859][ T4565]  ? __pfx_ext4_fill_super+0x10/0x10
[   65.221250][ T4565]  get_tree_bdev+0x1f/0x30
[   65.225701][ T4565]  ext4_get_tree+0x1c/0x30
[   65.230137][ T4565]  vfs_get_tree+0x57/0x1d0
[   65.235280][ T4565]  do_new_mount+0x24d/0x660
[   65.239876][ T4565]  path_mount+0x4a5/0xb70
[   65.244324][ T4565]  ? user_path_at+0x109/0x130
[   65.249149][ T4565]  __se_sys_mount+0x28c/0x2e0
[   65.253919][ T4565]  __x64_sys_mount+0x67/0x80
[   65.258632][ T4565]  x64_sys_call+0x2b51/0x3000
[   65.263424][ T4565]  do_syscall_64+0xd2/0x200
[   65.268700][ T4565]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   65.274812][ T4565]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   65.280583][ T4565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.286541][ T4565] RIP: 0033:0x7f06f3ee076a
[   65.290979][ T4565] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.311322][ T4565] RSP: 002b:00007f06f293ee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   65.319808][ T4565] RAX: ffffffffffffffda RBX: 00007f06f293eef0 RCX: 00007f06f3ee076a
[   65.327987][ T4565] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f06f293eeb0
[   65.336740][ T4565] RBP: 0000200000000180 R08: 00007f06f293eef0 R09: 0000000000800700
[   65.344745][ T4565] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[   65.352732][ T4565] R13: 00007f06f293eeb0 R14: 000000000000046f R15: 00002000000007c0
[   65.360831][ T4565]  </TASK>
[   65.363870][ T4565] ---[ end trace 0000000000000000 ]---
[   65.370203][ T4565] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #18: comm syz.5.267: iget: bad extra_isize 90 (inode size 256)
[   65.384191][ T4565] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.267: error while reading EA inode 18 err=-117
[   65.397768][ T4565] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #18: comm syz.5.267: iget: bad extra_isize 90 (inode size 256)
[   65.415037][ T4565] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.267: error while reading EA inode 18 err=-117
[   65.429406][ T4565] EXT4-fs (loop5): 1 orphan inode deleted
[   65.488654][ T4579] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=4579 comm=syz.4.269
[   65.526362][ T4574] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.550529][ T4583] vhci_hcd: default hub control req: 1f0f v0000 i0005 l0
[   65.552643][ T4580] netlink: 65432 bytes leftover after parsing attributes in process `syz.6.270'.
[   65.581629][ T4588] loop4: detected capacity change from 0 to 512
[   65.790322][ T4574] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.977108][ T4574] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.079072][ T4574] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.113888][ T4607] loop5: detected capacity change from 0 to 512
[   66.123895][ T4607] EXT4-fs: Ignoring removed orlov option
[   66.133029][ T4607] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   66.141355][ T4607] System zones: 1-12
[   66.153326][ T2908] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.167463][ T4607] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #13: comm syz.5.279: iget: bad i_size value: 12154757448730
[   66.178706][   T90] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.191731][ T4607] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.279: couldn't read orphan inode 13 (err -117)
[   66.206623][   T90] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.237115][   T31] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.260621][ T4612] netlink: 'syz.7.281': attribute type 30 has an invalid length.
[   66.337717][ T4620] loop6: detected capacity change from 0 to 764
[   66.346433][ T4620] ISOFS: Logical zone size(255) < hardware blocksize(2048)
[   66.407153][ T4626] loop5: detected capacity change from 0 to 512
[   66.473241][ T4637] FAULT_INJECTION: forcing a failure.
[   66.473241][ T4637] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.486377][ T4637] CPU: 1 UID: 0 PID: 4637 Comm: syz.6.289 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   66.486457][ T4637] Tainted: [W]=WARN
[   66.486463][ T4637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   66.486475][ T4637] Call Trace:
[   66.486494][ T4637]  <TASK>
[   66.486562][ T4637]  __dump_stack+0x1d/0x30
[   66.486587][ T4637]  dump_stack_lvl+0xe8/0x140
[   66.486605][ T4637]  dump_stack+0x15/0x1b
[   66.486620][ T4637]  should_fail_ex+0x265/0x280
[   66.486682][ T4637]  should_fail+0xb/0x20
[   66.486699][ T4637]  should_fail_usercopy+0x1a/0x20
[   66.486722][ T4637]  _copy_to_iter+0x251/0xe70
[   66.486748][ T4637]  ? ipmr_vif_seq_show+0x138/0x150
[   66.486781][ T4637]  seq_read_iter+0x776/0x950
[   66.486863][ T4637]  seq_read+0x270/0x2b0
[   66.486895][ T4637]  ? __pfx_seq_read+0x10/0x10
[   66.486913][ T4637]  proc_reg_read+0x128/0x1c0
[   66.486943][ T4637]  ? __pfx_proc_reg_read+0x10/0x10
[   66.486966][ T4637]  vfs_read+0x1a8/0x770
[   66.486992][ T4637]  ? __rcu_read_unlock+0x4f/0x70
[   66.487092][ T4637]  ? __fget_files+0x184/0x1c0
[   66.487206][ T4637]  ksys_read+0xda/0x1a0
[   66.487298][ T4637]  __x64_sys_read+0x40/0x50
[   66.487326][ T4637]  x64_sys_call+0x27c0/0x3000
[   66.487351][ T4637]  do_syscall_64+0xd2/0x200
[   66.487371][ T4637]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   66.487521][ T4637]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   66.487559][ T4637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.487641][ T4637] RIP: 0033:0x7f9a843cefc9
[   66.487658][ T4637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.487679][ T4637] RSP: 002b:00007f9a82e2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   66.487700][ T4637] RAX: ffffffffffffffda RBX: 00007f9a84625fa0 RCX: 00007f9a843cefc9
[   66.487714][ T4637] RDX: 0000000000000008 RSI: 0000200000000180 RDI: 0000000000000003
[   66.487724][ T4637] RBP: 00007f9a82e2f090 R08: 0000000000000000 R09: 0000000000000000
[   66.487735][ T4637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.487746][ T4637] R13: 00007f9a84626038 R14: 00007f9a84625fa0 R15: 00007ffcae2f18a8
[   66.487823][ T4637]  </TASK>
[   66.743708][ T4641] loop5: detected capacity change from 0 to 512
[   66.765709][ T4640] netlink: 8 bytes leftover after parsing attributes in process `syz.7.287'.
[   66.777578][ T4640] netlink: 'syz.7.287': attribute type 2 has an invalid length.
[   66.785324][ T4640] netlink: 'syz.7.287': attribute type 1 has an invalid length.
[   66.794272][ T4641] EXT4-fs: Ignoring removed orlov option
[   66.801764][ T4641] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   66.810448][ T4641] System zones: 1-12
[   66.815088][ T4641] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #13: comm syz.5.290: iget: bad i_size value: 12154757448730
[   66.827915][ T4647] loop4: detected capacity change from 0 to 512
[   66.835980][ T4641] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.290: couldn't read orphan inode 13 (err -117)
[   66.921596][ T4656] loop5: detected capacity change from 0 to 1024
[   66.975982][ T4659] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   67.070362][ T4671] loop6: detected capacity change from 0 to 512
[   67.077985][ T4671] EXT4-fs: Ignoring removed orlov option
[   67.089387][ T4671] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   67.097912][ T4671] System zones: 1-12
[   67.104507][ T4671] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #13: comm syz.6.301: iget: bad i_size value: 12154757448730
[   67.114838][ T4677] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=4677 comm=syz.4.302
[   67.148002][ T4671] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.301: couldn't read orphan inode 13 (err -117)
[   67.192689][ T4683] SELinux: failed to load policy
[   67.323943][ T4699] loop4: detected capacity change from 0 to 512
[   67.326934][ T4697] loop6: detected capacity change from 0 to 1024
[   67.422231][ T4711] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=4711 comm=syz.6.314
[   67.603286][ T4726] loop6: detected capacity change from 0 to 2048
[   67.635311][ T4726] EXT4-fs: Ignoring removed bh option
[   67.661792][ T4735] loop4: detected capacity change from 0 to 512
[   67.710937][ T4740] netlink: 'syz.6.323': attribute type 30 has an invalid length.
[   67.747500][ T4744] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   67.786305][ T4747] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   67.860658][ T4751] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=4751 comm=syz.4.327
[   68.028484][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[   68.059559][ T4767] futex_wake_op: syz.6.333 tries to shift op by 144; fix this program
[   68.071352][ T4764] netlink: 8 bytes leftover after parsing attributes in process `syz.4.329'.
[   68.101974][ T4770] FAULT_INJECTION: forcing a failure.
[   68.101974][ T4770] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.115256][ T4770] CPU: 1 UID: 0 PID: 4770 Comm: syz.0.332 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   68.115295][ T4770] Tainted: [W]=WARN
[   68.115301][ T4770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   68.115313][ T4770] Call Trace:
[   68.115373][ T4770]  <TASK>
[   68.115379][ T4770]  __dump_stack+0x1d/0x30
[   68.115401][ T4770]  dump_stack_lvl+0xe8/0x140
[   68.115420][ T4770]  dump_stack+0x15/0x1b
[   68.115468][ T4770]  should_fail_ex+0x265/0x280
[   68.115491][ T4770]  should_fail+0xb/0x20
[   68.115511][ T4770]  should_fail_usercopy+0x1a/0x20
[   68.115551][ T4770]  _copy_to_user+0x20/0xa0
[   68.115583][ T4770]  simple_read_from_buffer+0xb5/0x130
[   68.115623][ T4770]  proc_fail_nth_read+0x10e/0x150
[   68.115758][ T4770]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   68.115797][ T4770]  vfs_read+0x1a8/0x770
[   68.115849][ T4770]  ? __rcu_read_unlock+0x4f/0x70
[   68.115874][ T4770]  ? __fget_files+0x184/0x1c0
[   68.115910][ T4770]  ksys_read+0xda/0x1a0
[   68.115942][ T4770]  __x64_sys_read+0x40/0x50
[   68.116006][ T4770]  x64_sys_call+0x27c0/0x3000
[   68.116078][ T4770]  do_syscall_64+0xd2/0x200
[   68.116125][ T4770]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   68.116172][ T4770]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   68.116212][ T4770]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.116238][ T4770] RIP: 0033:0x7f7fcc9ed9dc
[   68.116253][ T4770] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   68.116348][ T4770] RSP: 002b:00007f7fcb457030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   68.116370][ T4770] RAX: ffffffffffffffda RBX: 00007f7fccc45fa0 RCX: 00007f7fcc9ed9dc
[   68.116416][ T4770] RDX: 000000000000000f RSI: 00007f7fcb4570a0 RDI: 0000000000000006
[   68.116430][ T4770] RBP: 00007f7fcb457090 R08: 0000000000000000 R09: 0000000000000000
[   68.116447][ T4770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   68.116458][ T4770] R13: 00007f7fccc46038 R14: 00007f7fccc45fa0 R15: 00007ffda33a8978
[   68.116551][ T4770]  </TASK>
[   68.129642][ T4771] Bluetooth: hci0: Frame reassembly failed (-90)
[   68.388174][ T4784] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   68.402183][ T4781] loop7: detected capacity change from 0 to 512
[   68.441168][ T4790] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[   68.493844][ T4793] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=4793 comm=syz.7.339
[   68.534853][ T4796] can0: slcan on ttyS3.
[   68.908781][ T4820] can0 (unregistered): slcan off ttyS3.
[   69.164263][   T29] kauditd_printk_skb: 313 callbacks suppressed
[   69.164294][   T29] audit: type=1326 audit(2000000028.410:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.7.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803e8aefc9 code=0x7ffc0000
[   69.194736][   T29] audit: type=1326 audit(2000000028.410:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.7.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803e8aefc9 code=0x7ffc0000
[   69.218120][   T29] audit: type=1326 audit(2000000028.420:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.7.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f803e8aefc9 code=0x7ffc0000
[   69.242325][   T29] audit: type=1326 audit(2000000028.420:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.7.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803e8aefc9 code=0x7ffc0000
[   69.265754][   T29] audit: type=1326 audit(2000000028.420:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.7.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803e8aefc9 code=0x7ffc0000
[   69.289879][   T29] audit: type=1326 audit(2000000028.420:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.7.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f803e8aefc9 code=0x7ffc0000
[   69.313230][   T29] audit: type=1326 audit(2000000028.420:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.7.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803e8aefc9 code=0x7ffc0000
[   69.337195][   T29] audit: type=1326 audit(2000000028.420:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.7.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803e8aefc9 code=0x7ffc0000
[   69.360614][   T29] audit: type=1326 audit(2000000028.440:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.7.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f803e8aefc9 code=0x7ffc0000
[   69.384604][   T29] audit: type=1326 audit(2000000028.440:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4824 comm="syz.7.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803e8aefc9 code=0x7ffc0000
[   69.498971][ T4850] FAULT_INJECTION: forcing a failure.
[   69.498971][ T4850] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.512245][ T4850] CPU: 1 UID: 0 PID: 4850 Comm: syz.7.348 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   69.512311][ T4850] Tainted: [W]=WARN
[   69.512319][ T4850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   69.512336][ T4850] Call Trace:
[   69.512343][ T4850]  <TASK>
[   69.512351][ T4850]  __dump_stack+0x1d/0x30
[   69.512379][ T4850]  dump_stack_lvl+0xe8/0x140
[   69.512417][ T4850]  dump_stack+0x15/0x1b
[   69.512439][ T4850]  should_fail_ex+0x265/0x280
[   69.512507][ T4850]  should_fail+0xb/0x20
[   69.512523][ T4850]  should_fail_usercopy+0x1a/0x20
[   69.512543][ T4850]  _copy_from_iter+0xd2/0xe80
[   69.512564][ T4850]  ? __build_skb_around+0x1ab/0x200
[   69.512597][ T4850]  ? __alloc_skb+0x223/0x320
[   69.512711][ T4850]  netlink_sendmsg+0x471/0x6b0
[   69.512746][ T4850]  ? __pfx_netlink_sendmsg+0x10/0x10
[   69.512774][ T4850]  __sock_sendmsg+0x145/0x180
[   69.512803][ T4850]  ____sys_sendmsg+0x31e/0x4e0
[   69.512844][ T4850]  ___sys_sendmsg+0x17b/0x1d0
[   69.512950][ T4850]  __x64_sys_sendmsg+0xd4/0x160
[   69.513032][ T4850]  x64_sys_call+0x191e/0x3000
[   69.513060][ T4850]  do_syscall_64+0xd2/0x200
[   69.513163][ T4850]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   69.513198][ T4850]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   69.513236][ T4850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.513352][ T4850] RIP: 0033:0x7f803e8aefc9
[   69.513370][ T4850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.513391][ T4850] RSP: 002b:00007f803d30f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   69.513414][ T4850] RAX: ffffffffffffffda RBX: 00007f803eb05fa0 RCX: 00007f803e8aefc9
[   69.513429][ T4850] RDX: 0000000024000000 RSI: 0000200000009b40 RDI: 0000000000000006
[   69.513443][ T4850] RBP: 00007f803d30f090 R08: 0000000000000000 R09: 0000000000000000
[   69.513458][ T4850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.513472][ T4850] R13: 00007f803eb06038 R14: 00007f803eb05fa0 R15: 00007ffe994e41b8
[   69.513521][ T4850]  </TASK>
[   69.536210][ T4852] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   69.773431][ T4879] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   69.792443][ T4877] loop5: detected capacity change from 0 to 512
[   69.890899][ T4884] loop7: detected capacity change from 0 to 8192
[   70.054343][ T3618] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   70.055219][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[   70.539374][ T4915] loop6: detected capacity change from 0 to 512
[   70.750551][ T4941] loop6: detected capacity change from 0 to 512
[   70.777350][ T4941] EXT4-fs: Ignoring removed orlov option
[   70.817876][ T4946] SELinux:  Context � is not valid (left unmapped).
[   70.833002][ T4941] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   70.871695][ T4941] System zones: 1-12
[   70.877784][ T4941] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #13: comm syz.6.372: iget: bad i_size value: 12154757448730
[   70.895540][ T4959] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   70.900736][ T4941] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.372: couldn't read orphan inode 13 (err -117)
[   70.922198][ T4956] loop7: detected capacity change from 0 to 512
[   70.936670][ T4941] EXT4-fs mount: 38 callbacks suppressed
[   70.936706][ T4941] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.967689][ T4956] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.016304][ T3891] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.061046][ T3889] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.072215][ T4972] can0: slcan on ttyS3.
[   71.140144][ T4972] netlink: 60 bytes leftover after parsing attributes in process `syz.5.382'.
[   71.224557][ T5000] netlink: 4 bytes leftover after parsing attributes in process `wޣ��'.
[   71.233190][ T5000] netlink: 4 bytes leftover after parsing attributes in process `wޣ��'.
[   71.285040][ T4971] can0 (unregistered): slcan off ttyS3.
[   71.321807][ T5013] xt_hashlimit: max too large, truncated to 1048576
[   71.326862][ T5000] netlink: 4 bytes leftover after parsing attributes in process `wޣ��'.
[   71.337085][ T5000] netlink: 4 bytes leftover after parsing attributes in process `wޣ��'.
[   71.383456][ T5021] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   71.395282][ T5000] netlink: 4 bytes leftover after parsing attributes in process `wޣ��'.
[   71.403842][ T5000] netlink: 4 bytes leftover after parsing attributes in process `wޣ��'.
[   71.408797][ T5025] loop6: detected capacity change from 0 to 512
[   71.443313][ T5027] loop5: detected capacity change from 0 to 256
[   71.450376][ T5027] vfat: Bad value for 'uid'
[   71.455085][ T5027] vfat: Bad value for 'uid'
[   71.498239][ T5025] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.520656][ T5025] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.545098][ T5041] netlink: 4 bytes leftover after parsing attributes in process `syz.4.397'.
[   71.578162][ T5044] loop7: detected capacity change from 0 to 512
[   71.585440][ T5044] EXT4-fs: Ignoring removed orlov option
[   71.638145][ T5044] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   71.656923][ T5044] System zones: 1-12
[   71.677729][ T3889] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.720393][ T5044] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #13: comm syz.7.401: iget: bad i_size value: 12154757448730
[   71.734781][ T5044] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.401: couldn't read orphan inode 13 (err -117)
[   71.759985][ T5069] loop5: detected capacity change from 0 to 1024
[   71.768016][ T5044] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.793547][ T5065] loop4: detected capacity change from 0 to 512
[   71.800694][ T5063] netlink: 96 bytes leftover after parsing attributes in process `syz.0.405'.
[   71.811035][ T5069] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.845282][ T5065] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   71.874495][ T5065] EXT4-fs (loop4): orphan cleanup on readonly fs
[   71.881936][ T3891] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.901885][ T5065] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.406: corrupted inode contents
[   71.925953][ T3877] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.942278][ T5076] FAULT_INJECTION: forcing a failure.
[   71.942278][ T5076] name failslab, interval 1, probability 0, space 0, times 0
[   71.955003][ T5076] CPU: 1 UID: 0 PID: 5076 Comm: syz.0.409 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   71.955033][ T5076] Tainted: [W]=WARN
[   71.955039][ T5076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   71.955050][ T5076] Call Trace:
[   71.955056][ T5076]  <TASK>
[   71.955063][ T5076]  __dump_stack+0x1d/0x30
[   71.955087][ T5076]  dump_stack_lvl+0xe8/0x140
[   71.955113][ T5076]  dump_stack+0x15/0x1b
[   71.955186][ T5076]  should_fail_ex+0x265/0x280
[   71.955268][ T5076]  should_failslab+0x8c/0xb0
[   71.955359][ T5076]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   71.955390][ T5076]  ? __alloc_skb+0x101/0x320
[   71.955468][ T5076]  __alloc_skb+0x101/0x320
[   71.955567][ T5076]  ? selinux_capable+0x31/0x40
[   71.955596][ T5076]  alloc_skb_with_frags+0x7d/0x470
[   71.955653][ T5076]  ? capable+0x7c/0xb0
[   71.955675][ T5076]  ? mm_account_pinned_pages+0x47/0x230
[   71.955720][ T5076]  tcp_send_rcvq+0xef/0x2b0
[   71.955771][ T5076]  tcp_sendmsg_locked+0x27d0/0x2c00
[   71.955802][ T5076]  ? mntput_no_expire+0x6f/0x440
[   71.955882][ T5076]  ? __rcu_read_unlock+0x4f/0x70
[   71.955971][ T5076]  ? avc_has_perm_noaudit+0x1b1/0x200
[   71.955994][ T5076]  ? avc_has_perm+0xf7/0x180
[   71.956019][ T5076]  ? _raw_spin_unlock_bh+0x36/0x40
[   71.956046][ T5076]  ? __pfx_tcp_sendmsg+0x10/0x10
[   71.956091][ T5076]  tcp_sendmsg+0x2f/0x50
[   71.956117][ T5076]  inet_sendmsg+0x76/0xd0
[   71.956195][ T5076]  __sock_sendmsg+0x102/0x180
[   71.956218][ T5076]  __sys_sendto+0x268/0x330
[   71.956261][ T5076]  __x64_sys_sendto+0x76/0x90
[   71.956363][ T5076]  x64_sys_call+0x2d14/0x3000
[   71.956392][ T5076]  do_syscall_64+0xd2/0x200
[   71.956409][ T5076]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   71.956438][ T5076]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   71.956510][ T5076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.956549][ T5076] RIP: 0033:0x7f7fcc9eefc9
[   71.956640][ T5076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.956656][ T5076] RSP: 002b:00007f7fcb457038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   71.956674][ T5076] RAX: ffffffffffffffda RBX: 00007f7fccc45fa0 RCX: 00007f7fcc9eefc9
[   71.956685][ T5076] RDX: 00000000000fffff RSI: 0000200000000140 RDI: 0000000000000003
[   71.956704][ T5076] RBP: 00007f7fcb457090 R08: 0000000000000000 R09: 0000000000000000
[   71.956719][ T5076] R10: 00000000040008c1 R11: 0000000000000246 R12: 0000000000000001
[   71.956731][ T5076] R13: 00007f7fccc46038 R14: 00007f7fccc45fa0 R15: 00007ffda33a8978
[   71.956814][ T5076]  </TASK>
[   72.028315][ T5065] EXT4-fs (loop4): Remounting filesystem read-only
[   72.230901][ T5065] EXT4-fs (loop4): 1 truncate cleaned up
[   72.244284][   T90] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   72.254883][   T90] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   72.276429][   T90] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   72.294758][ T5065] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   72.322785][ T5077] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.339292][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.454593][ T5077] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.539282][ T5077] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.642499][ T5077] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.682853][ T5105] loop4: detected capacity change from 0 to 512
[   72.711395][ T5105] EXT4-fs: Ignoring removed orlov option
[   72.733756][ T5105] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   72.741940][ T5105] System zones: 1-12
[   72.794427][ T5105] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #13: comm syz.4.419: iget: bad i_size value: 12154757448730
[   72.831852][ T5105] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.419: couldn't read orphan inode 13 (err -117)
[   72.867905][ T5105] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.898859][   T31] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.912497][   T31] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.944796][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.015087][   T31] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.057165][   T31] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.071157][ T5132] xt_hashlimit: max too large, truncated to 1048576
[   73.106835][ T5132] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   73.168140][ T5145] FAULT_INJECTION: forcing a failure.
[   73.168140][ T5145] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   73.168188][ T5141] loop5: detected capacity change from 0 to 2048
[   73.181389][ T5145] CPU: 1 UID: 0 PID: 5145 Comm: syz.4.430 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   73.181435][ T5145] Tainted: [W]=WARN
[   73.181444][ T5145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   73.181479][ T5145] Call Trace:
[   73.181487][ T5145]  <TASK>
[   73.181497][ T5145]  __dump_stack+0x1d/0x30
[   73.181527][ T5145]  dump_stack_lvl+0xe8/0x140
[   73.181557][ T5145]  dump_stack+0x15/0x1b
[   73.181580][ T5145]  should_fail_ex+0x265/0x280
[   73.181691][ T5145]  should_fail+0xb/0x20
[   73.181714][ T5145]  should_fail_usercopy+0x1a/0x20
[   73.181866][ T5145]  _copy_to_user+0x20/0xa0
[   73.181901][ T5145]  simple_read_from_buffer+0xb5/0x130
[   73.181936][ T5145]  proc_fail_nth_read+0x10e/0x150
[   73.182045][ T5145]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   73.182157][ T5145]  vfs_read+0x1a8/0x770
[   73.182188][ T5145]  ? __rcu_read_unlock+0x4f/0x70
[   73.182223][ T5145]  ? __fget_files+0x184/0x1c0
[   73.182340][ T5145]  ksys_read+0xda/0x1a0
[   73.182374][ T5145]  __x64_sys_read+0x40/0x50
[   73.182465][ T5145]  x64_sys_call+0x27c0/0x3000
[   73.182499][ T5145]  do_syscall_64+0xd2/0x200
[   73.182529][ T5145]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   73.182568][ T5145]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   73.182648][ T5145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.182679][ T5145] RIP: 0033:0x7feb9cc8d9dc
[   73.182700][ T5145] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   73.182725][ T5145] RSP: 002b:00007feb9b6ef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   73.182749][ T5145] RAX: ffffffffffffffda RBX: 00007feb9cee5fa0 RCX: 00007feb9cc8d9dc
[   73.182843][ T5145] RDX: 000000000000000f RSI: 00007feb9b6ef0a0 RDI: 0000000000000006
[   73.182859][ T5145] RBP: 00007feb9b6ef090 R08: 0000000000000000 R09: 0000000000000000
[   73.182929][ T5145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   73.182946][ T5145] R13: 00007feb9cee6038 R14: 00007feb9cee5fa0 R15: 00007fff8dd4f488
[   73.182972][ T5145]  </TASK>
[   73.292181][ T5134] loop7: detected capacity change from 0 to 8192
[   73.424622][ T5134] msdos: Unknown parameter '��U���־7��g�
[   73.424622][ T5134] ��9J�W��Am�FU��`�
^sd�?�V�/�D��“�d��W��՛� ���N�{���>��q���䍁by�&���f>`�% J^PeUUXu�t_��O���d�9g_��3�}���X'
[   73.472661][ T5159] loop5: detected capacity change from 0 to 512
[   73.480956][ T5159] EXT4-fs: Ignoring removed orlov option
[   73.497060][ T5134] netlink: 'syz.7.431': attribute type 21 has an invalid length.
[   73.504351][ T5159] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   73.512890][ T5159] System zones: 1-12
[   73.518474][ T5159] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #13: comm syz.5.437: iget: bad i_size value: 12154757448730
[   73.531340][ T5159] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.437: couldn't read orphan inode 13 (err -117)
[   73.544014][ T5159] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.606458][ T3877] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.625638][ T5169] loop4: detected capacity change from 0 to 512
[   73.632275][ T5169] EXT4-fs: Ignoring removed orlov option
[   73.642534][ T5169] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   73.659451][ T5169] System zones: 1-12
[   73.663607][ T5169] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #13: comm syz.4.441: iget: bad i_size value: 12154757448730
[   73.665422][ T5164] syz.7.438 (5164) used greatest stack depth: 9496 bytes left
[   73.676518][ T5169] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.441: couldn't read orphan inode 13 (err -117)
[   73.677124][ T5169] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.743862][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.746940][ T5176] loop7: detected capacity change from 0 to 1024
[   73.766946][ T5176] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.812370][ T5184] loop4: detected capacity change from 0 to 1024
[   73.827966][ T3891] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.856303][ T5184] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.900009][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.923300][ T5201] loop4: detected capacity change from 0 to 512
[   73.932224][ T5201] EXT4-fs: Ignoring removed orlov option
[   73.951196][ T5201] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   73.964965][ T5201] System zones: 1-12
[   73.970341][ T5196] loop7: detected capacity change from 0 to 8192
[   73.977996][ T5201] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #13: comm syz.4.447: iget: bad i_size value: 12154757448730
[   73.988559][ T5196] FAULT_INJECTION: forcing a failure.
[   73.988559][ T5196] name failslab, interval 1, probability 0, space 0, times 0
[   74.003183][ T5196] CPU: 1 UID: 0 PID: 5196 Comm: syz.7.446 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   74.003222][ T5196] Tainted: [W]=WARN
[   74.003230][ T5196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   74.003257][ T5196] Call Trace:
[   74.003264][ T5196]  <TASK>
[   74.003319][ T5196]  __dump_stack+0x1d/0x30
[   74.003346][ T5196]  dump_stack_lvl+0xe8/0x140
[   74.003371][ T5196]  dump_stack+0x15/0x1b
[   74.003392][ T5196]  should_fail_ex+0x265/0x280
[   74.003414][ T5196]  ? alloc_pipe_info+0xae/0x350
[   74.003446][ T5196]  should_failslab+0x8c/0xb0
[   74.003556][ T5196]  __kmalloc_cache_noprof+0x4c/0x4a0
[   74.003672][ T5196]  alloc_pipe_info+0xae/0x350
[   74.003703][ T5196]  splice_direct_to_actor+0x592/0x680
[   74.003735][ T5196]  ? kstrtouint_from_user+0x9f/0xf0
[   74.003760][ T5196]  ? __pfx_direct_splice_actor+0x10/0x10
[   74.003826][ T5196]  ? __rcu_read_unlock+0x4f/0x70
[   74.003852][ T5196]  ? get_pid_task+0x96/0xd0
[   74.003873][ T5196]  ? avc_policy_seqno+0x15/0x30
[   74.003946][ T5196]  ? selinux_file_permission+0x1e4/0x320
[   74.004019][ T5196]  do_splice_direct+0xda/0x150
[   74.004048][ T5196]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   74.004086][ T5196]  do_sendfile+0x380/0x650
[   74.004132][ T5196]  __x64_sys_sendfile64+0x105/0x150
[   74.004221][ T5196]  x64_sys_call+0x2bb4/0x3000
[   74.004248][ T5196]  do_syscall_64+0xd2/0x200
[   74.004270][ T5196]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   74.004337][ T5196]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   74.004388][ T5196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.004484][ T5196] RIP: 0033:0x7f803e8aefc9
[   74.004503][ T5196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.004545][ T5196] RSP: 002b:00007f803d30f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   74.004564][ T5196] RAX: ffffffffffffffda RBX: 00007f803eb05fa0 RCX: 00007f803e8aefc9
[   74.004583][ T5196] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[   74.004595][ T5196] RBP: 00007f803d30f090 R08: 0000000000000000 R09: 0000000000000000
[   74.004606][ T5196] R10: 000000007a680000 R11: 0000000000000246 R12: 0000000000000001
[   74.004617][ T5196] R13: 00007f803eb06038 R14: 00007f803eb05fa0 R15: 00007ffe994e41b8
[   74.004712][ T5196]  </TASK>
[   74.134356][ T5201] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.447: couldn't read orphan inode 13 (err -117)
[   74.254530][ T5201] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.318799][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.338132][   T29] kauditd_printk_skb: 263 callbacks suppressed
[   74.338147][   T29] audit: type=1326 audit(2000000033.640:1821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5233 comm="syz.0.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   74.457632][   T29] audit: type=1326 audit(2000000033.680:1822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5233 comm="syz.0.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   74.481012][   T29] audit: type=1326 audit(2000000033.680:1823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5233 comm="syz.0.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   74.505051][   T29] audit: type=1326 audit(2000000033.680:1824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5233 comm="syz.0.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   74.528400][   T29] audit: type=1326 audit(2000000033.680:1825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5233 comm="syz.0.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   74.552362][   T29] audit: type=1326 audit(2000000033.680:1826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5233 comm="syz.0.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   74.575689][   T29] audit: type=1326 audit(2000000033.680:1827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5233 comm="syz.0.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   74.599686][   T29] audit: type=1326 audit(2000000033.680:1828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5233 comm="syz.0.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   74.623294][   T29] audit: type=1326 audit(2000000033.680:1829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5233 comm="syz.0.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   74.647237][   T29] audit: type=1326 audit(2000000033.680:1830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5233 comm="syz.0.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f7fcc9eefc9 code=0x7ffc0000
[   74.718075][ T5276] loop4: detected capacity change from 0 to 512
[   74.763006][ T5283] loop7: detected capacity change from 0 to 512
[   74.771102][ T5276] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.788663][ T5283] EXT4-fs: Ignoring removed orlov option
[   74.805444][ T5283] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   74.814991][ T5283] System zones: 1-12
[   74.820619][ T5283] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #13: comm syz.7.461: iget: bad i_size value: 12154757448730
[   74.848308][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.862315][ T5295] IPv6: Can't replace route, no match found
[   74.876060][ T5283] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.461: couldn't read orphan inode 13 (err -117)
[   74.888559][ T5283] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.910649][ T5300] loop4: detected capacity change from 0 to 512
[   74.929757][ T5300] EXT4-fs: Ignoring removed orlov option
[   74.972126][ T3891] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.989533][ T5300] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   75.006733][ T5308] loop5: detected capacity change from 0 to 512
[   75.015002][ T5300] System zones: 1-12
[   75.020731][ T5308] EXT4-fs: Ignoring removed orlov option
[   75.029723][ T5300] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #13: comm syz.4.462: iget: bad i_size value: 12154757448730
[   75.057395][ T5300] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.462: couldn't read orphan inode 13 (err -117)
[   75.070072][ T5300] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.083340][ T5308] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   75.099561][ T5308] System zones: 1-12
[   75.109631][ T5308] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #13: comm syz.5.464: iget: bad i_size value: 12154757448730
[   75.123239][ T5308] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.464: couldn't read orphan inode 13 (err -117)
[   75.125365][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.151489][ T5308] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.233502][ T3877] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.255262][ T5332] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=5332 comm=syz.4.467
[   75.304272][ T5345] loop4: detected capacity change from 0 to 512
[   75.355943][ T5355] loop5: detected capacity change from 0 to 512
[   75.363446][ T5345] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.386631][ T5355] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.399772][ T5351] netlink: 'syz.0.470': attribute type 4 has an invalid length.
[   75.412287][ T5351] netlink: 'syz.0.470': attribute type 4 has an invalid length.
[   75.421521][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.469958][ T3877] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.659721][ T5393] loop4: detected capacity change from 0 to 512
[   75.667610][ T5393] EXT4-fs: Ignoring removed orlov option
[   75.688963][ T5393] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e80ee11c, mo2=0002]
[   75.697277][ T5393] System zones: 1-12
[   75.704967][ T5393] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #13: comm syz.4.478: iget: bad i_size value: 12154757448730
[   75.719671][ T5393] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.478: couldn't read orphan inode 13 (err -117)
[   75.733475][ T5393] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.303077][ T5415] netlink: 12 bytes leftover after parsing attributes in process `syz.7.487'.
[   76.525171][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.130886][ T5437] loop4: detected capacity change from 0 to 1024
[   77.148663][ T5437] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.212641][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.249772][ T5444] loop4: detected capacity change from 0 to 1024
[   77.340691][ T5444] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.551240][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.021225][ T5468] loop7: detected capacity change from 0 to 512
[   78.050659][ T5470] loop4: detected capacity change from 0 to 512
[   78.059009][ T5471] loop6: detected capacity change from 0 to 1024
[   78.069191][ T5470] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.501: inode has both inline data and extents flags
[   78.089846][ T5468] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.104869][ T5470] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.501: couldn't read orphan inode 15 (err -117)
[   78.131714][ T3742] ==================================================================
[   78.133457][ T5470] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.139842][ T3742] BUG: KCSAN: data-race in fill_mg_cmtime / shmem_mknod
[   78.139889][ T3742] 
[   78.139894][ T3742] write to 0xffff88811add6f74 of 4 bytes by task 4707 on cpu 1:
[   78.139909][ T3742]  shmem_mknod+0x137/0x180
[   78.139933][ T3742]  shmem_create+0x34/0x50
[   78.178470][ T3742]  path_openat+0x1105/0x2170
[   78.183077][ T3742]  do_filp_open+0x109/0x230
[   78.187591][ T3742]  do_sys_openat2+0xa6/0x110
[   78.192190][ T3742]  __x64_sys_openat+0xf2/0x120
[   78.196962][ T3742]  x64_sys_call+0x2eab/0x3000
[   78.201647][ T3742]  do_syscall_64+0xd2/0x200
[   78.206155][ T3742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.212063][ T3742] 
[   78.214385][ T3742] read to 0xffff88811add6f74 of 4 bytes by task 3742 on cpu 0:
[   78.221966][ T3742]  fill_mg_cmtime+0x5b/0x260
[   78.226589][ T3742]  generic_fillattr+0x24a/0x340
[   78.231455][ T3742]  shmem_getattr+0x181/0x200
[   78.236052][ T3742]  vfs_getattr_nosec+0x146/0x1e0
[   78.241005][ T3742]  __se_sys_newfstat+0x96/0x2e0
[   78.245865][ T3742]  __x64_sys_newfstat+0x31/0x40
[   78.250737][ T3742]  x64_sys_call+0x2768/0x3000
[   78.255433][ T3742]  do_syscall_64+0xd2/0x200
[   78.259946][ T3742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.265843][ T3742] 
[   78.268171][ T3742] value changed: 0x1908b3b4 -> 0x19a14a34
[   78.273885][ T3742] 
[   78.276205][ T3742] Reported by Kernel Concurrency Sanitizer on:
[   78.282359][ T3742] CPU: 0 UID: 0 PID: 3742 Comm: udevd Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   78.293209][ T3742] Tainted: [W]=WARN
[   78.297007][ T3742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   78.307069][ T3742] ==================================================================
[   78.330291][ T5471] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.366423][ T3891] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.405254][ T3889] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.827600][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.