last executing test programs:

2.283756793s ago: executing program 3 (id=1199):
r0 = socket$inet(0x2, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES16=r1, @ANYBLOB="0000000000000000b70300000088b000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x67}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
r3 = openat$selinux_create(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
pwrite64(r3, &(0x7f0000000000)="3703c70f70e244b7878fedf0c0c6c2ff2f524255d61dbfb25921e3d3686454b93e5842722103c5c67b0da4173b9e63544ee1f32fc67080b7b83c0a31", 0x3c, 0x2)
getsockopt$inet_int(r0, 0x84, 0xb, 0x0, &(0x7f0000000080))
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a00000004000000fd0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000010000ebff0000b5baff2778dd9a8d25af19fcb7f000000000000100000000000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00'}, 0x18)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000800)={'filter\x00', 0x104, 0x4, 0x3c8, 0x110, 0x110, 0x110, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@arp={@empty, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac}, {@empty, {[0x0, 0x0, 0x0, 0xff]}}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 'dvmrp0\x00', 'netdevsim0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @empty, @dev={0xac, 0x14, 0x14, 0x41}, @rand_addr=0x64010101, 0x8, 0x1}}}, {{@arp={@loopback, @local, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pim6reg0\x00', 'veth0\x00', {}, {}, 0x0, 0x20}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x80ca, 0x8}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)

2.175436227s ago: executing program 3 (id=1203):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}}], {0x14, 0x10}}, 0x5c}}, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2020000}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r5, 0x0, 0x3}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000002c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x59c, &(0x7f0000001840)="$eJzs3U9oHGUbAPBnZrNN/+T70g++Dz6lh6JChdJN0j9aPbVXsVDoQfCiYbMNJZtsySbahIDpvYg9iEov9aYHj4oHD+LFo1cvimeh2KDQ9KArm51N03S3bmI2W7O/H0z2fWdm93nfmX3e7AwzTAB962j9TxrxVERcTCKGNywbiGzh0cZ6qytLxfsrS8UkarVLvySRRMS9laVic/0kez0UEcsR8f+I+CYfcTxd/8h9zUJ1YXFqvFwuzWb1kbnpqyPVhcUTV6bHJ0uTpZlTL7505uzpM2MnxzY2935tYy2/tb7e+PHmuze+e+X2zU8/O7JcfH88iXMxlC3b2I+d1Ngm+Ti3af7pbgTroaTXDWBbclme11PpfzEcuSzrW6ltHBwGd6V5QBfVBiNq6zYUgT6QSHroU83fAfXj3+a0m78/7pxvHIDU466uLBXfiWb8gca5idi/dmxy8NfkoSOT+vHm4d1sKHvS8vWIGB0YePT7n2Tfv+0b3YkG0lVfn2/sqEf3f7o+/kSL8Weoee70b2qOf6vZ+LfaIn6uzfh3scMYv7/+00dt418fjKdbxk/W4yct4qcR8WaH8W+99uXZdstqH0cci9bxm5LHnx8euXylXBpt/G0Z46tjR15u3/+Ig23iN87Z7l9ryMb+78valHbY/y++/fyZ5cfEf/7Zx+//Vtv/QES812H8/9z75NV2y+5cT+7WfwVsdf8nkY/bHcZ/4dzRH7Kis4YAAAAAAAAAALCD0rVr2ZK0sF5O00KhcQ/vf+NgWq5U545frszPTDSueTsc+bR5pdVwo57U62PZ9bjN+slN9VO5LGDuwFq9UKyUJ3rcdwAAAAAAAAAAAAAAAAAAAHhSHNp0//9vubX7/zc/rhrYq9o/8hvY6+Q/9K+H8z/pWTuA3ef/P/StmvyH/iX/oX/Jf+hf8h/6l/yH/iX/oX/JfwAAAAAAAAAAAAAAAAAAAAAAAAAA6IqLFy7Up9r9laVivT4xsDA/VXnrxESpOlWYni8WipXZq4XJSmWyXCoUK9N/9XlJpXJ1NGbmr43MlapzI9WFxTemK/MzzWeKlvJd7xEAAAAAAAAAAAAAAAAAAAD88wytTUlaiMg36mlaKET8KyIOJ5FcvlIujUbEvyPi+1x+sF4f63WjAQAAAAAAAAAAAAAAAAAAYI+pLixOjZfLpdnuFQayUF0M0XlhYCsrR8Tyzjaj/olbflc+24A93nR7o5B7Mr6HT36hh4MSAAAAAAAAAAAAAAAAAAD0qQc3/Xb6jj+62yAAAAAAAAAAAAAAAAAAAADoS+nPSUTUp2PDzw1tXrovWc2tvUbE27cufXBtfG5udqw+/+76/LkPs/kne9F+oFPNPE0jop7HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAPVhcWp8XK5NLvNwmAH6/S6jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADb8WcAAAD//y4WzlE=")
r6 = open(&(0x7f0000000000)='./file1\x00', 0x143142, 0x80)
sendfile(r6, r6, 0x0, 0x1000000201205)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x78, 0x2c, 0xd27, 0xfffffffc, 0xfbff, {0x0, 0x0, 0x0, r8, {0xc, 0xfff1}, {}, {0x5, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x48, 0x2, [@TCA_FLOW_EMATCHES={0x44, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x38, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x34, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x20, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x2}, {0x0, 0x7, 0x2}}}, @TCA_EM_META_RVALUE={0x6, 0x3, [@TCF_META_TYPE_VAR="5bb4"]}]}}]}]}]}}]}, 0x78}}, 0x20040054)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, 0x0, 0x26, 0x0, 0x8}, 0x28)

1.945142458s ago: executing program 1 (id=1207):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'vxcan1\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000080004000000000004000500a9930000100000000000000020"], 0x24, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002c80)='/proc/sysvipc/shm\x00', 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r6, 0x6b396000)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace(0x8, r7)
r8 = syz_pidfd_open(r7, 0x0)
process_mrelease(r8, 0x700000000000000)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000040)={&(0x7f0000000440)={0xa04, r2, 0x10, 0x70bd29, 0x25dfdbfd, {}, [@ETHTOOL_A_FEATURES_WANTED={0xa4, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0x3c, 0x4, "47d24f012657797351873c151eb85ad11e7a6fcde4f2f5a57efa1c202213bd60e99f67d3d5d9330e7fed862dc9b3e03f9aaf886c77e50b91"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0x18, 0x5, "1f0121ac475d84da4e5f1716fc1b5545cc5d1ec3"}, @ETHTOOL_A_BITSET_BITS={0x30, 0x3, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '*[\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffb44}]}]}]}, @ETHTOOL_A_FEATURES_WANTED={0x308, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x34, 0x4, "60c71d6c968045b845053c8f6bab93abf3682cef85dd134f7583d5723263064d7852189951830138a9841a6284f6f710"}, @ETHTOOL_A_BITSET_MASK={0xc0, 0x5, "34c83a2eeb73b7247a0dcb8540c1994bb968107895819161afbf44f28cc539976f633431f0a3592ccff47cb3c488a143ab9f1fa824a1c90ac52768394c1f5ed848acdd38462fd1567c8b50df2be0924fbd68d993d4b4e7c8d814419481f8ffbc6598f39f9c4813973e140eee7e63925660522e6c09e6bbddb3de2d42d76ec57e6e4ee2252d3b93d7e5d0edb3c364df4b15da6b6bd9b142b677c9233bfa99a5d988ac4626c4e36783dd5962f950eec0738ff2a83a2b60b7c0c59a5190"}, @ETHTOOL_A_BITSET_BITS={0x11c, 0x3, 0x0, 0x1, [{0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '-[\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xc}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '{]${:\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, ':\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '@@)\'-(\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x18, 0x2, '}-\'-(/}$&(\\@%/%/&/{\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x55}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '#^\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '-+.\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '&%\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '@.+\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_MASK={0xf0, 0x5, "1b045da140760f5886b8c7ad814c798dfb046cba0008922d2dafc8012db263f45b19e9ffc27ab3bb3d81e095d918a3afe371aefefabf6970b823aceeb346fcd79192ef9574b5ceb2c14d9454820e5480aae841f60654f99db06918e1be102a3c68905b076ad816a62625a3be4b2df741c8eb13cdeea5cb07a19f52aa1ce81445a6825eb6e969007239c6eeb5a1bcb5ba7b2af5b0be83d68473fb0a6cecf71dcbb86df02c32cf06946be504b2491ad9fc07d9dc35b644f05101e20c5108a1d9b9d59520d953562d3594ec7e85fbd0ea551d51d54cf3254d3cb9a60923708a73a3e9583177db21caff888a4df4"}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_FEATURES_WANTED={0x5b4, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x178, 0x3, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80000000}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '+,-\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xc}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '$.\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}, {0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '$\\((\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '#{\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '+\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80000000}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '*C\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '[\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffb}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, ':\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, ',\',(/]$\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xdf69}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, ',@!\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '/\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '+{*\x00'}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '-\xa1\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}]}]}, @ETHTOOL_A_BITSET_VALUE={0xc1, 0x4, "ae8f976ec1a2e26c8122eb86055632b31b1c8405ee8efcc75513d6c011aaacb8f74c17e1376b1dc0df76210ba8a6487a8e91feea029cea4f95a7bbe516d8bc3b80578a025cfdf42b0851d935f427e7fb2f1a9f8bf09004b17fa43e65511f010943091c6524f682dc6e8e443ef8e80df26e6aaf9d91d05d77f17a4d4e89b819eb00e3c90170dffde600a0a8b3f76604493e47cfb2d46a276ae62036b675ee7704e5f19cd3e9614b653fbc2f88c2ec87e43b1ff9bd7d6110a8f0444208a8"}, @ETHTOOL_A_BITSET_VALUE={0xe7, 0x4, "ce8251a5165d693e09dfe5a07f45907ed71e89960e6e9366794f6e75df5a75144267d36ffa3b875deb14922a5a6ed667ca1ca16ac20dd1a71d6ba03d2258fb44e1c6e3a9ae6d1999e632301cc61d5eaaff2f5c82107cf46004d2f5c9ede9b17b7728f5ac6add3ff9b18d2310b6dcc4446a62bea971ab861195ae171b1e687af2a147ca7a8d0393072793b1bc43ed079d2a560359871a93b7a329f7e4ca0682bf2d83175c6572ababb0c042858f43fd7331d09d496a31d6c293f8920100e31c6d9b4ffe741b0de139f6a75c0eb8afae5ac1f6ada72b3b244ef4b8df7e2c8d48bf2dd44a"}, @ETHTOOL_A_BITSET_BITS={0xc0, 0x3, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '-\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x81}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1580}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, ']\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x16, 0x2, '#%#:)[%![]!+{][-\'\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x200}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5f}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3ff}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffffff81}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '#/$\x00'}]}]}, @ETHTOOL_A_BITSET_MASK={0xab, 0x5, "2a624624bc247555b29c3ffa8c9cabc03f72263e205b6734208eb3576314a177a176fb8ef9837340d548289ccc63a40b576a18aef54da9bdfc9954e55bb4e985963affa144d28f5f69d54a32ba8b4639f19203ee684b8f1079ee8cabe613ca366d086e32ccf002f4bec1b8f5b90f5a76ce7745e16bfac6e08729937ec62229484e1fe63bd711a8a432adaad099dca2edb3fe7d3f9bcf9f1962e0022fa5946993bd4fe0303068cd"}, @ETHTOOL_A_BITSET_BITS={0x44, 0x3, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '*\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '^&!\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '-!\\\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_MASK={0xd9, 0x5, "d02247102a3fe3a3d8c9f8a46c37485c8182f7b5811ece9804bdd71d8839d6356f3377fb7216f00e8fd3bd43aaae9c9bb2b479d05da4a86bb4aa4080208002dd3d76b82b2e8d91bd33b3c5550d1d54c7e4e364d59c83801ddf0750306c61cd4091544efa3e077c0cd58bdb472f9cfcde6f46b61e9cb1f17b44d0b15f050153248bc0dcf6deaf9642d06ba9b8b5c12544ac5f5f21ad8709c089ff9973f919f182993c18a2549340dbef5e24813c7a0dfc7a7dc000d56da1408edbf31efdfb084fbd7d911a9773ef23aca6ddedee0a93af93e3ada617"}]}, @ETHTOOL_A_FEATURES_WANTED={0x90, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x8c, 0x3, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb71}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '^*%\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffe00}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fff}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '@\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xd}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffffffff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}]}]}]}, 0xa04}, 0x1, 0x0, 0x0, 0x904}, 0x4000)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000140)={@multicast2, @loopback}, 0x10)

1.696321138s ago: executing program 0 (id=1211):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000240)={[{@noblock_validity}, {}, {@oldalloc}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@grpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x19, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x20000002}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @ldst={0x1, 0x2, 0x2, 0x7, 0x1, 0xfffffffffffffffe, 0x1}, @call={0x85, 0x0, 0x0, 0xa8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0xcc55}, @alu={0x4, 0x0, 0x8, 0x4, 0x7, 0x30, 0xfffffffffffffff0}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3ff}, @exit], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='syzkaller\x00', 0x6a11, 0x63, &(0x7f00000001c0)=""/99, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000340)={0x1, 0x3, 0x7, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r4, 0x0)
r5 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x1e9)
pwritev2(r5, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'lo\x00'})
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r7, 0x0, 0x0, 0x20000045, &(0x7f0000000140)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c0000001000010440000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="421c0000000000001c001280090001007866726d1a0000000c0002800800010001000000"], 0x3c}}, 0x0)

1.075451094s ago: executing program 0 (id=1215):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0xffffffff}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f00000003c0), 0x400)

1.026659747s ago: executing program 0 (id=1217):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="4402000012000100000000991e7efa4d674b34cbc1cca80000000000ac141400000000000000000000000000000000000000000014000d00200100000000000006000000c2a6678edd9d3d6b02209b234814d4da07541f73ea9a14187b218777c00ca8222aa581e9"], 0x44}}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r2, &(0x7f00000004c0)={0xa, 0x4e22, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x482}, 0x1c)
readv(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @remote, 'geneve0\x00'}}, 0x1e)
r4 = socket$l2tp(0x2, 0x2, 0x73)
sendmsg$sock(r4, &(0x7f0000000980)={&(0x7f0000000300)=@nl=@unspec, 0x80, 0x0}, 0x8004)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
connect$pppoe(r3, &(0x7f0000000040)={0x18, 0x0, {0x0, @empty, 'netpci0\x00'}}, 0x1e)

1.017342987s ago: executing program 1 (id=1218):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000fd2000/0x2000)=nil, 0x2000, 0x3000009, 0x10, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
syz_usbip_server_init(0x6)

980.444898ms ago: executing program 4 (id=1219):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r1}, 0x18)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000580)="d8000000200081044e81f782db44b90402000000e8fe55a11800150006001c0000000e120900100000000401a80016000a0011400600000003080000004dcf5c0468c1d67f6f94007134cf6ee08088568ab35d6e7016bb234841ef52b49816277ce06bbace806069438e6fb599e0ced72a6ba86cf917cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b10d414f00004d9db22fe7c9f8775730d16a4683f1aea4edbb57a5025ccca9e00360db70100000040fad95667e006d8df969b3ef35ce34d4a13821f4fbb9ad809d561cdce81ed0bffece0b42a9e", 0xd8}], 0x1}, 0x0)

919.187382ms ago: executing program 0 (id=1220):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={&(0x7f0000000340), 0x7}, 0x4, 0x0, 0x10000, 0x7, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x200000000c0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1d)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r2)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r4, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000400))
syz_mount_image$iso9660(&(0x7f0000000780), &(0x7f0000000100)='./file7\x00', 0x21488b, &(0x7f0000020100)=ANY=[@ANYBLOB='map=acorn,sbsector=0x0000000000000000,uid=', @ANYRESDEC=0x0, @ANYBLOB="0000b18eb07a9dbec07d91edf772ce16e8f4545927e1e38533740c5b1da10b839e273fa468d364205a63adda5262cda8e690d1049c884d79e243210c733da8adfb6db6f3b3464aca805a08f3cacf9bce83fd7888eb1f09a8a7f55959926a7fd5ac27fd519bccdcfda872f503656169", @ANYBLOB="8e923b81c8172f5a", @ANYBLOB="48aa122ce7bad1d4005fd66df97f8ec44bbc8f22ca2298ce346671617bb371da3c639abd9ee548b49a9c10009f28579f82efb3cf18d7e4f7d0cda9f6feec4c5df95db277defa1414ccf2075e6fd144cdc78c1f843f1574502ce415c27f3cec8893fe5950104e7d7b43440fd107294cf00fe8000000000000", @ANYRESOCT], 0x1, 0x65f, &(0x7f000001fa80)="$eJzs3V1rG9kdx/HfyLKsuBBKW5YQ8nCSdMGhqSLJGweRQquOjuzZlTRiRm5tKCzpxl5C5GybpND4ZslNH2D7BvZub5bSF1HoZem76GVhae8WejPLPMiyLcmyHcXZ3Xw/Jp6jmf/M+Z8zyhzG0swIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIcRvlcsVRy+usb5jJ3Ebgt5PSnKTR5enW5nUzLdwcU9XnB+qVnPifikVdSGdd+MFw8Vvxr+u6lL66pGI8KWr3O299997387nB+kckfBqKxrbtsEKWpDFPn+8+ut/vbz2ZcSJfA8odI2jVdrzQ99r1VWu80De1lZXy7bVmaJpeQeFm2LNt4wY21/MDs+TeNJVabdnY0qa/3llt1Ft2MPPuj6vl8op5dyHr2dvvlkJ3zWu1vM5qEhMvjmPumk9+lYbYetuY7Yf9reVpScZBleMEVacFVcvVaqVSrVZW7tTu3C2X8yMzyodoJGLmb1p8w8zu4A28pFw8/v/bkVoqqqN1bciM/XHVUCBf7QnLM4Px/+3b9sh694//g1H+wnDxRSXj/5X01ZVJ4/+EXIxMssK4Jc6E+af7earn2tUj3VdffW3pyWy2e3V2Gb7an1UpL3kK5ctTW3Wtyspkc4xqWtGKynpfa2oqlFFTnlqyCrWpUD1ZtZN9EsiqnpRiS3J1U0YV1VTTsoysStqUr3V1tKqG6voyiqJtPUz6ffmIHDUIqhwnqHpE0KTx/9cfp1lPHf8dMf5/qw2OX8eJAV67KDv/P6GrryYbAAAAAADwKjjJX9+d5LP7y5IiNb2WLb/utAAAAAAAwAwln/xfiifzcemynAnn/9HZ5wYAAAAAAGbDSa6xcyQtJl/qd4ZXQh3nSwBzZ5AiAAAAAAB4Scnn/1cKUpTce+2qnBOd/wMAAAAAgG+AP+27x35+cI/daPCxfk5S2F1w/v7fBQXzzovuxg+dnXq8pL6TxYx8A6DXvOicz27Um0wKkpJXrr3kXE6DsptgOoPVv9iedq9/JziUQGFu8OeLaQms5LNX+kTX0phrxXT6YDenZElay2LTa9mS67fuVVSvn8/17Ebvd48f/l4K9tq5/bC/Vfrgo/6DJJcX8awXO3EeHx9IJzctl2fK+uLy2BafU3NQ5Z877UUnqbc8aP+c6ju5/RUdr/1/0PU05vpiOl3cVdYTSfuLcfsrpWSXDVsft+rTvw5bXznc8nE7YkIWxSSLG2nMjaUb6WSQX5bFj+akaunwPijEb8FhX1T3ZzG9L5z/jfTFlCzivliOs/hHvKHhO+FAFssny2JkjwDA67I9HIWSm5iP3mP/8Lh7mqPc9NH9ZwdrefZplF5wOCfls88mjqylqPiI/t6XUULJgTV/ce8ou3NN+qekli1n40pRE47o5ZcY3eK6/jZ8BlKW9si48v8oiu5Vknr/sldvOqp+Fq/w2cR6w1Z1Lu7C2892fqOssdGHWx9uPa5Wl1fK75TLd6qaT5qRTRh7AABjTH/GztQI5529s+oH/3k7LR0Y8b6395WCkj7QR+rrgW4NHiFwdfxWF/d9DeHW6FlrHHtOOhxb0a2JZ3XJWJrG/nKz8NM0KPk9r8EqB0fq4XaXX+k+AADgrF2vZYUJ4/Bxxv9bWkojli7uO+/eO2c/NJYffkLwpDG3cmZ9AADAm8YGXziLvT86QeB136/UapV6b82awHffM4HXWLXG6/Rs4K7VO6vWdAO/57t+y3QDLXgNG5pwvdv1g55p+oHp+qG3YZpey5rs0e+hbdc7Pc8Nuy1bD61x/U6v7vZMwwtd013/ecsL12yQrBx2res1Pbfe8/yOCf31wLUlY0Jr9wV6DdvpeU0vLnZMN/Da9WDT/MJvrbetadjQDbxuz083OKjL6zT9oJ1stqToxA86BADg2+jp891H9/v9rSeTCskZ/ZSYYaEwboODuvjEGQCAr4fRUXqi4pkkBAAAAAAAAAAAAAAAAAAAAAAARky/pO+EhflxFwtKe3N+e/5Y23E068ROUsidfvV/HRFzbm/OoPv3x7x4DS1VWsjPfsvnTnLZ6AwKP9lOe3RiTLxw7KKFvX2Rn/1/h7jw+PMJi6Ioio5efeFgHxaOauDBQl7Sk8JpdwGX6gJvgK8CAAD//276Rg4=")
r5 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50)
getdents(r5, &(0x7f0000001fc0)=""/184, 0xb8)
setsockopt$MRT_ADD_VIF(r4, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet_mreq(r6, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff09004500001c000000008002907800000000e000030000009078006400d2"], 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_GET(r8, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800002}, 0xc, &(0x7f0000000380)={&(0x7f0000000740)={0x170, r9, 0x8, 0x70bd27, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x2}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xffffffff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x9}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xcc}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x3}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x6}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x6}}]}, 0x170}, 0x1, 0x0, 0x0, 0x4008801}, 0x20008000)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000004c0)={'syz_tun\x00', <r10=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r10, {}, {}, {0xfff3}}}, 0x24}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r7, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r11}, 0x10)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), r12)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r12, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000010c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="010300000020000000ee15660000080006000200000018000180140002007665746830"], 0x34}}, 0x44800)
sendmsg$NFC_CMD_DEP_LINK_UP(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x26040041}, 0x40)

901.716581ms ago: executing program 0 (id=1221):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0x60, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000004c0)='kfree\x00', r1}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
msgsnd(0x0, 0x0, 0x0, 0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1b000000", @ANYBLOB, @ANYRES16=r2], 0x48)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r4=>0x0})
syz_emit_ethernet(0xcc, &(0x7f0000000980)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @generic={{0x9, 0x4, 0x2, 0x8, 0xbe, 0x68, 0x0, 0x7, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x18}, @loopback, {[@lsrr={0x83, 0xf, 0x27, [@broadcast, @broadcast, @loopback]}]}}, "4100c172acc9158ff14d1a26ed91e8e6bebb47e9ddb204ccc1fde3c537cb5ee0e6404df7fade535b0a774d61eaccc0af0d00000000000000fe9ce21d791d05295dff7f0000a7bbc8cf743dcadd55f408bb1b43426ed3a458a95a4b145a0f34dc173dc1de49047808b2a6121453e31e3aac6f5f39864428e70a817187a88116e19c77bce702f602ab6ee9dde6a5cc17b7b70d47ccb4186d4f4d16"}}}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r4, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x4000010)

891.909452ms ago: executing program 4 (id=1222):
r0 = syz_io_uring_setup(0x1104, &(0x7f00000004c0)={0x0, 0xfffffffd, 0x1000, 0xfffffffe, 0xcb}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x1fc, 0x0, 0x1})
io_uring_enter(r0, 0x47fa, 0xfd5d, 0x200000000000000, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x4, 0x200, 0x21db}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x1034}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="09000000020018006d0500000200000000000000", @ANYRES32, @ANYRES64=0x0, @ANYRESOCT=r5, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003f80)=ANY=[], 0x1, 0x2f4, &(0x7f0000000900)="$eJzs3M9PE1sUwPHTn7QlUBYv7+W95IUb3ehmAtW10hhIjE0kSI0/EpMBptp0bEmnwdQY0ZVb4x/hgrBkR6L8A2zc6caNOzYmLmRhrOn8oKVMKYVKEb6fhMxhzj3tvZ2SnNt02Lrz+nEhZ2k5vSLBmJKAiMi2yIgExRNwj0E7jkqzF3Jx8NvH/2/dvXcjnclMzig1lZ69lFJKDY++e/Is7g5bH5DNkQdbX1NfNv/e/Hfr5+yjvKXyliqWKkpXc6XPFX3ONNRC3ipoSk2bhm4ZKl+0jLKTLzn5nFlaXKwqvbgwlFgsG5al9GJVFYyqqpRUpVxVoYd6vqg0TVNDCUEn2ZWZGT19yOL5Hk8Gv0m5nNZDIhLfk8mu9GVCAACgr1r7/6CoXvb/q+c2KoO314bd/n896tf/X/7kPNau/j8mIr79v/f8vv2/3l3/v7cjOluO1P/jZBiN7jkVaIT1ZDmtJ9y/X9vL+6tjdkD/DwAAAAAAAAAAAAAAAAAAAADAn2C7VkvWarWkd/R+6rmYiDT/3iIkIlePf8bopXbXf6Dz9ccp0LhxLzwsYr5ayi5lnaM7YENETDFkTJLyw34/uOqxd+eRqhuR9+ayW7+8lA3ZmXRO8nb9uCQj0lpfq01dz0yOK8fu+ogkmutTkpS//OtTvvVRuXC+qV6TpHyYl5KYsmDPo1H/fFypazczLfVxexwAAAAAAKeBpnb47t81rV3eqd/ZX7d+PhBq7K/HfPfnYfkv3N+1AwAAAABwVljVpwXdNI3yPkFcOo9xgsgBxrQG4W4GdxF4Kzxolfddhh5P42CB9+S7UjH3ZM9flkAXL0ubICiHqRqtr0YddRXex0btxsj0xPFfQTv4583b7717wCtrsQ4rPXwQ2v8NEHG//gUAAADgFGk0/d6Zif5OCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAM+g4/jtav9cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBS/AgAA//9p2gTn")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b)

846.507735ms ago: executing program 0 (id=1223):
r0 = msgget$private(0x0, 0x190)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x24000000)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
msgctl$IPC_INFO(r0, 0x3, &(0x7f0000000380)=""/157)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000180)={0xa, 0x4e22, 0x8, @loopback}, 0x1c)
listen(r4, 0x5)
accept4(r4, &(0x7f0000000240)=@x25, 0x0, 0x80800)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x7, @empty, 0xfffffffe}, 0x1c)

661.886412ms ago: executing program 4 (id=1224):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r2, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000)

601.462445ms ago: executing program 4 (id=1226):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
semop(0x0, 0x0, 0x0)
r3 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000005980)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[@rights={{0x14, 0x1, 0x1, [r5]}}, @cred={{0x1c, 0x1, 0x2, {r3}}}], 0x38, 0x800}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b80)=[@rights={{0x14, 0x1, 0x1, [r5]}}], 0x18, 0x40810}}], 0x2, 0x0)
recvmsg(r4, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)

529.751568ms ago: executing program 4 (id=1229):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)
write$cgroup_pid(r1, 0x0, 0x0)
r4 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, 0x0, 0x0)

486.35104ms ago: executing program 4 (id=1230):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73a, &(0x7f0000000800)="$eJzs3M9rHGUfAPDvTJO2b5v33bzgQTwJFSvUTtJU7UmIeC4U+gfUsJmEkEk2ZDe1iQFbDx4EQUXwRy/6H3hRBC+l/4MieFPwIGhN40HwsLKT3a1ud9PYJl2onw/Mzvd5Zme+zzc7PGRgnw3gX+vJ1ksSMRYRFyKi0u5PI+JwGR2NuLrzvttbm9Xtrc1qEs3mxVtJ67Syr3OtpL0/HuUp8XhE3ByNOPXG3Xnr6xuLM0WRr7bbE42llYn6+sbphaWZ+Xw+X56anDx79oWp55+b3Lda337ts1/e+vLlrz8+t/THi7eenU1iuqw7eurYTzt/k9GY7ulfPohkQ9RsNpvDHgMAAPeWlv+dRoyU+0ocKiMAAADgUdI80gQAAAAeeUkMewQAAADAwep8D+D21ma1sz3M7x/8/FJEjN9ZW7zdzT9SriGOOFquTzi2nfxtZUKycxo8kKvXIuLGdJ/7P2nff/evd+V68oDXY//daM0/0/3mv7Q7/0Sf+Wek89sJD6gz/23fNf/dyX9owPx3YY85jqye/GZg/msRT4z0y5908ycD8r+yx/yfj333/aBjzU8jTkb//H/NtcvvQ0zMLRR5+7VvjhNfvH5qt/qPDcqf7F7/yh7r/+H61PyguaSV/5kTu3/+/fK37ol32uNII+Ld9r7Vfq8nx9M3Jz/arf7ZAfXf6/P/ZI/1f/Xmxo97fCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU0ogYiyTNunGaZlnE8Yh4LI6lRa3eODVXW1uebR2LGI/RdG6hyCcjorLTTlrtM2V8pz3V0z4bEf+PiPcr/ynbWbVWzA67eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALqOR8RYJGkWEWlE/FZJ0ywb9qgAAACAfTc+7AEAAAAAB87zPwAAADz6PP8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8GF8+dbW3N7a7Paas9eXl9brF0+PZvXF7OltWpWra2uZPO12nyRZ9Xa0r2uV9RqK+diee3KRCOvNybq6xuXlmpry41LC0sz8/mlfPShVAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA/NVZuSZpFRFrGaZplEf+NiPEYTeYWinwyIv4XEd9WRo+02meGPWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2XX19Y3GmKPJVgUAg6AbDnpkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiG+vrG4kxR5Kv1YY8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4Up/SiKitZ2sPDXWe/Rw8nul3EfEq9cvfnBlptFYPdPq/7Xb3/iw3T81jPEDAAAAvTrP6Z3neAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgL2qr28szhRFvnqAwbBrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7s+fAQAA//8gLc9Y")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_usb_connect$cdc_ncm(0x0, 0xc4, &(0x7f0000000400)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xb2, 0x2, 0x1, 0x4a, 0x60, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x7, 0x24, 0x6, 0x0, 0x1, "441f"}, {0x5, 0x24, 0x0, 0x7e74}, {0xd, 0x24, 0xf, 0x1, 0xe02, 0x67de, 0x0, 0x2}, {0x6, 0x24, 0x1a, 0x5, 0x20}, [@mbim={0xc, 0x24, 0x1b, 0x8, 0x40, 0x2, 0x4d, 0xfff8, 0x56}, @acm={0x4, 0x24, 0x2, 0x8}, @mdlm={0x15, 0x24, 0x12, 0x1000}, @obex={0x5, 0x24, 0x15, 0x3}, @mdlm={0x15, 0x24, 0x12, 0x2}, @mdlm={0x15, 0x24, 0x12, 0x99f1}]}, {{0x9, 0x5, 0x81, 0x3, 0x0, 0xfb, 0x0, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x3ff, 0x9, 0x1, 0x1}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x0, 0xbf, 0x9}}}}}}}]}}, &(0x7f0000000300)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x201, 0xd, 0x80, 0x9, 0x10, 0x5}, 0x15, &(0x7f0000000280)={0x5, 0xf, 0x15, 0x3, [@ptm_cap={0x3}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x420fac2fbbd1ad7e, 0x6, 0x5, 0x9}, @ptm_cap={0x3}]}})
r2 = dup(r1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
sendmsg$inet6(r1, &(0x7f0000000100)={&(0x7f0000000140)={0xa, 0x4e24, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000840)='{', 0x1}], 0x1}, 0x20048843)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e20, @empty}}, 0x1000, 0x1ff, 0xffff18b6, 0x4, 0x384, 0x7fffffff, 0x1b}, 0x9c)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e24, 0x3, @loopback, 0x2}}, 0xfffffffd, 0x4, 0x2, 0x7, 0x45, 0x2, 0x5}, &(0x7f00000000c0)=0x9c)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
truncate(&(0x7f00000002c0)='./file1\x00', 0x42d9)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143441, 0x98)
pwritev2(r4, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x1ffc, 0x2000003})
lsetxattr$trusted_overlay_upper(&(0x7f0000000500)='./file1\x00', &(0x7f0000000540), &(0x7f0000000580)={0x0, 0xfb, 0x45, 0xa, 0x3, "b9c37d233d5d73b83f70397aa75e1e1a", "0a5504b8c2d1c52693f1e3cc9d0dd37f1f70d6ffe5b0b4421edcce6ebfa513af571af449ac27a790d5e0f2e213e4839c"}, 0x45, 0x0)
write$P9_RMKNOD(r0, &(0x7f0000001080)={0x14, 0x13, 0x1, {0x1, 0x2}}, 0x14)

483.3556ms ago: executing program 3 (id=1231):
r0 = socket$inet(0x2, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES16=r1, @ANYBLOB="0000000000000000b70300000088b000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x67}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
r3 = openat$selinux_create(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
pwrite64(r3, &(0x7f0000000000)="3703c70f70e244b7878fedf0c0c6c2ff2f524255d61dbfb25921e3d3686454b93e5842722103c5c67b0da4173b9e63544ee1f32fc67080b7b83c0a31", 0x3c, 0x2)
getsockopt$inet_int(r0, 0x84, 0xb, 0x0, &(0x7f0000000080))
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a00000004000000fd0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000010000ebff0000b5baff2778dd9a8d25af19fcb7f000000000000100000000000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r5=>r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYRESHEX=r5], &(0x7f0000000380)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r6}, 0x18)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r7, 0x0, 0x60, &(0x7f0000000800)={'filter\x00', 0x104, 0x4, 0x3c8, 0x110, 0x110, 0x110, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@arp={@empty, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac}, {@empty, {[0x0, 0x0, 0x0, 0xff]}}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 'dvmrp0\x00', 'netdevsim0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @empty, @dev={0xac, 0x14, 0x14, 0x41}, @rand_addr=0x64010101, 0x8, 0x1}}}, {{@arp={@loopback, @local, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pim6reg0\x00', 'veth0\x00', {}, {}, 0x0, 0x20}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x80ca, 0x8}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r8}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val={'init_itable', 0x3d, 0x200}}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@data_journal}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_access\x00', &(0x7f0000001440)=ANY=[@ANYBLOB="0200000001000000000000000400050000000000100000000000000020"], 0x24, 0x3)

464.393671ms ago: executing program 1 (id=1233):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r1}, 0x18)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000580)="d8000000200081044e81f782db44b90402000000e8fe55a11800150006001c0000000e120900100000000401a80016000a0011400600000003080000004dcf5c0468c1d67f6f94007134cf6ee08088568ab35d6e7016bb234841ef52b49816277ce06bbace806069438e6fb599e0ced72a6ba86cf917cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b10d414f00004d9db22fe7c9f8775730d16a4683f1aea4edbb57a5025ccca9e00360db70100000040fad95667e006d8df969b3ef35ce34d4a13821f4fbb9ad809d561cdce81ed0bffece0b42a9e", 0xd8}], 0x1}, 0x0)

453.486931ms ago: executing program 2 (id=1234):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000180)={0x0, 0x40000000001, 0x7})
munlockall()
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8e}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3, <r4=>0xffffffffffffffff}, &(0x7f00000003c0), &(0x7f00000001c0)=r2}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
pipe2(&(0x7f0000001cc0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000280)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="7472616e733d01000080000000003d", @ANYRESHEX=r6, @ANYRES32=r3, @ANYRESHEX=r0, @ANYBLOB=',access=', @ANYRESDEC, @ANYRESHEX=r1])
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sigaltstack(&(0x7f0000000000)={0x0, 0x80000001, 0x54797c198fc260f8}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002b80)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r7, 0xc018937c, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r9=>r4, {0x1}}, './file0\x00'})
ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x2400, 0x4)
getresuid(0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r8, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000a40)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="595326bd7000fddbdf256b00000010001d800c00008005000900ba000000"], 0x24}, 0x1, 0x0, 0x0, 0x8441}, 0x4000000)

412.083743ms ago: executing program 1 (id=1235):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f00000000c0))
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000000), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7dc470d00281f324, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='mm_collapse_huge_page_swapin\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@fallback=r4, 0x35, 0x0, 0x6, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0], <r6=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000014c0)=ANY=[@ANYRES32=r5, @ANYBLOB="30000000eb4b1e9991d601000000", @ANYRES32, @ANYRES32, @ANYBLOB], 0x20)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={@fallback, 0xffffffffffffffff, 0xb, 0x0, 0xffffffffffffffff, @void, @value, @void, @void, r6}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000004c0)={@ifindex, 0xffffffffffffffff, 0x19, 0x10, 0x0, @void, @value=r0, @void, @void, r6}, 0x20)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000003c0)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB='\r\x00', @ANYRES32=r3, @ANYBLOB="84f2f6772866a8106b934ffd020062", @ANYBLOB, @ANYRES64=r6], 0x20)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r7, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a300000000014000780050015000000000008001240000000000d000300686173683a6e657400000000050005000a000000050004"], 0x5c}}, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000380)=@generic={&(0x7f0000000340)='./bus\x00', 0x0, 0x10}, 0x18)
syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')

366.076795ms ago: executing program 1 (id=1236):
r0 = syz_io_uring_setup(0x1104, &(0x7f00000004c0)={0x0, 0xfffffffd, 0x1000, 0xfffffffe, 0xcb}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x1fc, 0x0, 0x1})
io_uring_enter(r0, 0x47fa, 0xfd5d, 0x200000000000000, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x4, 0x200, 0x21db}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x1034}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003f80)=ANY=[], 0x1, 0x2f4, &(0x7f0000000900)="$eJzs3M9PE1sUwPHTn7QlUBYv7+W95IUb3ehmAtW10hhIjE0kSI0/EpMBptp0bEmnwdQY0ZVb4x/hgrBkR6L8A2zc6caNOzYmLmRhrOn8oKVMKYVKEb6fhMxhzj3tvZ2SnNt02Lrz+nEhZ2k5vSLBmJKAiMi2yIgExRNwj0E7jkqzF3Jx8NvH/2/dvXcjnclMzig1lZ69lFJKDY++e/Is7g5bH5DNkQdbX1NfNv/e/Hfr5+yjvKXyliqWKkpXc6XPFX3ONNRC3ipoSk2bhm4ZKl+0jLKTLzn5nFlaXKwqvbgwlFgsG5al9GJVFYyqqpRUpVxVoYd6vqg0TVNDCUEn2ZWZGT19yOL5Hk8Gv0m5nNZDIhLfk8mu9GVCAACgr1r7/6CoXvb/q+c2KoO314bd/n896tf/X/7kPNau/j8mIr79v/f8vv2/3l3/v7cjOluO1P/jZBiN7jkVaIT1ZDmtJ9y/X9vL+6tjdkD/DwAAAAAAAAAAAAAAAAAAAADAn2C7VkvWarWkd/R+6rmYiDT/3iIkIlePf8bopXbXf6Dz9ccp0LhxLzwsYr5ayi5lnaM7YENETDFkTJLyw34/uOqxd+eRqhuR9+ayW7+8lA3ZmXRO8nb9uCQj0lpfq01dz0yOK8fu+ogkmutTkpS//OtTvvVRuXC+qV6TpHyYl5KYsmDPo1H/fFypazczLfVxexwAAAAAAKeBpnb47t81rV3eqd/ZX7d+PhBq7K/HfPfnYfkv3N+1AwAAAABwVljVpwXdNI3yPkFcOo9xgsgBxrQG4W4GdxF4Kzxolfddhh5P42CB9+S7UjH3ZM9flkAXL0ubICiHqRqtr0YddRXex0btxsj0xPFfQTv4583b7717wCtrsQ4rPXwQ2v8NEHG//gUAAADgFGk0/d6Zif5OCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAM+g4/jtav9cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBS/AgAA//9p2gTn")
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000040), 0x208e24b)

343.159036ms ago: executing program 3 (id=1237):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x121c02, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r2, 0x40107446, &(0x7f00000003c0)={0x2, &(0x7f0000000080)=[{0x50, 0x1, 0x2, 0x6}, {0x6, 0x0, 0x3, 0x365}]})
write$ppp(r2, &(0x7f0000000400)="6b27e58a4a", 0x5)

242.2471ms ago: executing program 3 (id=1238):
r0 = syz_io_uring_setup(0x1104, &(0x7f00000004c0)={0x0, 0xfffffffd, 0x1000, 0xfffffffe, 0xcb}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x1fc, 0x0, 0x1})
io_uring_enter(r0, 0x47fa, 0xfd5d, 0x200000000000000, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x4, 0x200, 0x21db}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x1034}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="09000000020018006d0500000200000000000000", @ANYRES32, @ANYRES64=0x0, @ANYRESOCT=r5, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200), &(0x7f00000004c0), 0x1000, r6}, 0x38)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003f80)=ANY=[], 0x1, 0x2f4, &(0x7f0000000900)="$eJzs3M9PE1sUwPHTn7QlUBYv7+W95IUb3ehmAtW10hhIjE0kSI0/EpMBptp0bEmnwdQY0ZVb4x/hgrBkR6L8A2zc6caNOzYmLmRhrOn8oKVMKYVKEb6fhMxhzj3tvZ2SnNt02Lrz+nEhZ2k5vSLBmJKAiMi2yIgExRNwj0E7jkqzF3Jx8NvH/2/dvXcjnclMzig1lZ69lFJKDY++e/Is7g5bH5DNkQdbX1NfNv/e/Hfr5+yjvKXyliqWKkpXc6XPFX3ONNRC3ipoSk2bhm4ZKl+0jLKTLzn5nFlaXKwqvbgwlFgsG5al9GJVFYyqqpRUpVxVoYd6vqg0TVNDCUEn2ZWZGT19yOL5Hk8Gv0m5nNZDIhLfk8mu9GVCAACgr1r7/6CoXvb/q+c2KoO314bd/n896tf/X/7kPNau/j8mIr79v/f8vv2/3l3/v7cjOluO1P/jZBiN7jkVaIT1ZDmtJ9y/X9vL+6tjdkD/DwAAAAAAAAAAAAAAAAAAAADAn2C7VkvWarWkd/R+6rmYiDT/3iIkIlePf8bopXbXf6Dz9ccp0LhxLzwsYr5ayi5lnaM7YENETDFkTJLyw34/uOqxd+eRqhuR9+ayW7+8lA3ZmXRO8nb9uCQj0lpfq01dz0yOK8fu+ogkmutTkpS//OtTvvVRuXC+qV6TpHyYl5KYsmDPo1H/fFypazczLfVxexwAAAAAAKeBpnb47t81rV3eqd/ZX7d+PhBq7K/HfPfnYfkv3N+1AwAAAABwVljVpwXdNI3yPkFcOo9xgsgBxrQG4W4GdxF4Kzxolfddhh5P42CB9+S7UjH3ZM9flkAXL0ubICiHqRqtr0YddRXex0btxsj0xPFfQTv4583b7717wCtrsQ4rPXwQ2v8NEHG//gUAAADgFGk0/d6Zif5OCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAM+g4/jtav9cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBS/AgAA//9p2gTn")
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)
fdatasync(r7)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x3)
epoll_create(0x9)
socket$netlink(0x10, 0x3, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000400)='kfree\x00', r8, 0x0, 0x4}, 0x18)
r9 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r9, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x2e, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x330b9072}, 0x94)

222.085641ms ago: executing program 2 (id=1239):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b000000000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r2, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000)

180.695772ms ago: executing program 2 (id=1240):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020047b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000c30000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="120000001d000000080000000b"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000380)=r2}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r4, &(0x7f0000000000), 0x0}, 0x20)

111.425986ms ago: executing program 2 (id=1241):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)
write$cgroup_pid(r1, 0x0, 0x0)
r4 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, 0x0, 0x0)

110.332976ms ago: executing program 2 (id=1242):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x41, &(0x7f0000000780)={&(0x7f0000000580)=@newqdisc={0x6c, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x9}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x3c, 0x2, {{0x9, 0x8, 0x0, 0x4, 0x4, 0x22}, [@TCA_NETEM_RATE={0x14, 0x6, {0xe1, 0x20000000, 0x0, 0x3}}, @TCA_NETEM_RATE64={0xc, 0x8, 0xe61c6a5c983a3b81}]}}}]}, 0x6c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
futex(&(0x7f0000000140), 0x189, 0x0, &(0x7f0000000a40), 0x0, 0x1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x2}]}, @volatile={0x0, 0x0, 0x0, 0x9, 0x1}]}}, 0x0, 0x3a}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b702000001010000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001f7ff04b7050000240000006a0a00fe00000000850000000b000000b70000000000000095000000000000009cc6b3fcd62c061c6238975d43a4505f80e39c9f3c530cf08e467b592f868ee3b0a435df0a0e8c1bf176db2a6b2feb4b77d3d5707bfd2d84aaa3b1d4e984c46ea7e2b347a36f5662403e1b2be4284322a4988a0d411a9872971c7c56f0979bd10b97163c066d0e196bf0fb04e500b0c0502df9de9ca3c00cb9a323d9b401bf4e418d07fa22f0610a70f2bdf4000200000000b0c2c125080963f6324bb7b80197aa3161f45346b100000000000000000089e399f6609876b588743794298b79dc192dff048fc207c81f28bdd3e26a1a8a0481e9f0da43bb6ca66e2f55a9ff19ffcafe3e64be06000000000000005064caec04a367c23d9fb6a6991ddb737d527d6acb15426406991c3b404984dfa2c6e94bd0339454c13ad3c328a182c15dc760a313e3b3ca5d3393404029e98fa883c71949a34d84030323e3d54fc5b29d27643453ad9226e3550ee5520211d9370175fba303f003073afd1ec9f7c6133f260c6882a146880b9387f1beb5418618bc83a3becf9bb5d80eff7da7ba8b913c685fc6700848dc6665d73248c1f74e08ad04ce905faf32706e0000249a028044ede964362cfb2f30a246c3b2f60000fc4deb91da1368b0960b8d69bd99c64893d44f962524429dc0584b8e7e541c903869d96989b9a986620cb2c95c83f2a082c52764f49e51188f9418b01bcd8ae164acdac95318ec8b2c6feacdcf4b528e5e58219bc54f6ad5679e7f430e6960ed048c46e1dccca05bfa1d67c83795eae2d31968c055d325a9c794ef88b30c2de4a274878b73c05ffa88b7073be648b12bb1fee58958d6a6f31bfe568215dfbde59dad00008a73b40f09cf018cd496b36050d7fd45e3620c28f76749262e33e16429a6da35ceb1a989de81c3f8b8bc348ef2ac3781b847611fcb0a26acafdd6d9a1b17dcb9f7c493d8f8cd344a1d470ca0d6f16ab0293774b5509fb0e7113936d59d5a60dbd84a938476adeebab9ff44f531bb0200000000000000cc1fbc455a64fd449284f71761092a0302000000000000008a05d36fd9b814b4292745418c92d944763a4bf5e138d810e29a31f08f7dea7762d2d8f7e1d24cabe17ad4135d8872935ceac6eb4f046f2acc1b0efb4438abddcabb4e4e72a450aab72b589bec83bbb688e659fb426cd43d0ee993516fd4e867232cde69b6ffad447dcd92e0ef8234ff850ec3948dd1fa7afb77d951fe4abf618121b7894c106beb49a71c62df5544ef221973432ccc7e62b151eb898a01010a7ec5acd0a5dcb2de443880c8a682515d1da9a3048744acb44384d1591df789883c0560495cb0cb32283529926d25e5c7f481112ab8a82247e927fb6f256830dab3671f00500d36a17790bab7d0e89e6c15314f2b963bfc867953476b0505c7d728326d666f39e82cfcf7e7a85df288d75df24c5e4d529c349923f9a4fb882310391dd58b4cbd8def239a227724d39c3e6c40e20e07e68a22888a5c3941b7a765b92bcb37f302487bcbd93ccf3a104021ff34ddf7ffcca1a04eae963e25516a114573779b24a341dfb2e80f1f345c6d96493ffc2a18478b5bf3aab2ea59c51cf0678e1a57d0ea042d911548ff612002ddb2d54d42fbdde42b56887003d27468225b2594a05044baf314113e889468cf13dd92aa0d7744db6b56557a5adad95cb9a69d4de50642b4b9d6d3ba7eb534b00d0fea62f0a61535dfc4da06e7f8695be614c557caed7eb0120516e1351fed7d8ffa31c8f4be364185469cfc5f25c90d71bce745dd2d58a30e0844f12c4cbbdd7a08465e665c2620d78673dfb6d9263ed7def8924cfcd48a8a3534f1a3eac9ee9f18a18106ba3d7c7a62330f5c0e98cb7982dd7bad02c8dba9c13894185bfc4bd2520b6e2043fcb3fc5eb55ecf9e6e363ea2ac40a14a6f00f0ffffa0fdb6487c51ef12c2e88beeb5aa6f6a4151cfb90644e50630ed474df7d1635afcb1ea3f6c47b5acbba2ce5099a9387f74d1ffbd1da497613174f76a656ba5bacccbb58dddaf9a3510d65383829a51e0f41e661fa80ca1eaaa6cf0824305ba4ec80400c50ffe83ccb0e6fef321190c58aca8c7c8c6d26ff5cbc2cadebda8e1219e04f8dacffd33db1a0a2e74c9eb978d80a12d0b5327bfd053000000000000000000be0d02a14708504412fa93d335992b2983c5addc191b4a21c7b340d0536b01958e15315eb5f3f9f4992c18f666359f40295fa73284c4b607669bae75bd68c3e2b770c324a0ab26b6065d7e95a7bd80052db57506ec7cc861bf3998d07484c66630ca8173fea3f06ed1dfc70a8b90418e2dc76137e0f68cb1c8a908aef9f009f85647dba54e05028c33d94d463fb20d2e7547184b8d3611e45dff02144387f342ef9b9bf650e9d049bf65258a7bc094a6965e24611c077e1ca0891362a9d68f3ec7610c0449acf18459110500a09b75885cd79ba32776e4a511c8a4ad922b000000000002ef507ec6fc7f5dc431b9d8cbd9003972bf1dc6a71bedad8e19efc3edd2a7a7e555d5f3176af69920471e6e5bcb8966c813c132d65e2b99d3015e06b372e1aefaae14ee3fbc6349af362c19b59c214de66912d1a9a98d92dc197a51c29443de62caca334c46d110e50896fe50d0477771d387f40c8ef05750ca651e6e69a237dcf78666d6ab2bda1f853525494e4efdd93be38bb5fc671f8794002d7a951fd336aaf4ed1166cb459df70218c571ba1c40b028234505e5477effff26af8812c2fbb8785a223fce0a0601c2a3b58bea8c6216eadabcabe86ab46e4cd3d58ef7ce8d3c4b0bc5952e81dfc0a490d8568db6f9c51fe703c6864fae0053d2f91f49e977cdc1962dbc28c29471a72199862bc8fc6e211d13d8579cab4fba94b2b613c9b8148d05e0690a4c4ab35aabc45801d2b82081e62b23a01b58b1ffb624f63ad2246796796160cd3682374364edac52f1becb7c6eff50823b75fb2ef516ec4ec1cb20a2535b504502d744f2099674e58f2c117c980cf0d041c8e45c4f166bab4aa5ed200ef4dcff96f7c9c1ab8c22db0f439b23b04bcd41ffc3a0e01976ca1cf43e12d7d72f3faa4979faabd62e2dc54a980eae4d5e8c6498de331c3aba1144ef1190ea6cda641d9416c4560cab2d819eac7b04c70f141754c3ffd79da363fe8859afee531710caf1b2bf5a51142f4755cbb700c28083525a9093790096cb93417f1216000000000000000000000000000040ceb244e4cae2b65a76d41793aabccd3d0c50486eae6793e1f54814a8ee2779c14ca94759266200229b58c12279817869e831cade7b09ddffffff9d93e2ad25eed43c0b9ee4fd209b5b919a42f676b9d7236fc8dd5040899d0676291407ce9ac8101dd3512f5b3ac8cf8179d1749de324000030d0f942ec4604c28d5c287d1435956784003a53eb5f0436ead88d7acf0166dbd9f30a9b259c8a9b9faf1356faf269cded935b07863e4fdad8aab52686c81babd1c08f6700a2fadd413443022ea5c774ffefdd426abed08d437a4db48611fc82a18ab9f54758a1aad86d95cd186ceb55fafa3930090467b8b7bb8ae7e1c8b4b4106a381cb67fdb86def4de2076dc538bb97502b4b4350e633dc0a53c2fc9a01bc5cfae0245f1fab843c633446f5f3a43226109b7dafe7815773bd6969f04cbe15236b90000000000000000000000000000000000000000000000000000ff0779b9c0057addb2efe11b8b3a706569f1522b57d71bb0beccab7c8fe9e1330b2f501b2ac3cfe9e2f505e833217557abb257d61a73a758543651b250f8d8ef9c8481bb28a137d15040b0181c28dfad7c17b30c452a64c43a117cb948247c33abc765a6ba695c3cea5e32a4d11c9b4be91c60932bae2dcbec2ff4268e03aad15efc6004e6b3d7f0edf8b5d4ae7846a6d43c16c90b7c5dc13ac2ff0439ab693498964cad2bb533bcd240778b7e49145c48efde42b44c01517f1a7c7707b4c4fc0900e7086ec40354504590696282286db9030f0320e2fcba8723939005347b3c99e3f1310d41ab328c1f351b3f744ff1973431000000000000000000000000000000000000003495d69aaf9a1d83e83511a3bf44fe753b8ad83bc34ea4d46b397e000fd267c50122aa5aaf8474ec2e57d960d963900bef84a4b3c7dd01ae4d6b5522aa8a35ae7996e298bcfe3f31a34e3e12c58cf172a4d3677a67b52041ec21ae8003aa1c9969178b1b00e4d12ac9741fd788fb6260ec043c013907523c77f8acc20b9e2fd224ca8f21fab2b10991881e0a12f4e1c4f54b9ca7c9a0c8298d60b8b6eaa023418992d6d62b0e9faca4a3b3a845e859137cd933ef5eb8db16f159f32505725da51414562d064b551246dacd586f42d04d3fed3c087bb52ae4bc09f3846c785d1b278e661ed01fbc2415288bc9c808c4aef648d431b3029da0dec8886c3ee9cad996843d00a3b5eb54e270dd2e96c8f2fdb4c27c2d1bd467f2a14867dec67730d8a68329839d9feff688dfbe25c73f936338e7b057980da58a6303d95f17712d667d5a1066ae457ae32925ce658b559c1182a74e267da57fe25b19153f1cdebaddf3f7a3479c09f2303dff449c0513b552a75ed48215cc31264a6ff648a95daa0d599dbce303b3b5307572df30429a3b4b115cab0a018f2501272048dd9e69877535e20078e7c28a98f26ace7a266bdc15ce904f25ec7fb2434ee7b5b69bed702ba1e7ed72942f452f1a98a2d949450091075efa823b11f5f5eccd921c04c7c15a5a05750cd85b1300fc00ce275de7559e117f87cb6c3c9a4b9f96149e3fcffa44d7000000000000000000d43d07d546acb7009c0c4f6e57b8577d2113bfca1939b9bf757265e175c1863a7c8d7640675830dc11d5d59546daf2385a7074f770c8333b21e2fb660141bc4f1ed45f703da6ac2557ab6952bd0c300000000000000000005b44bff4e3966fdfc9b720412bec09936b08e440c774e2224f2d338fab2ae59379378ca34eeedbd9a323a889f295e5d3bae64fc48ba123668e6a0be1e732aa5e2a0d4373a0b76d84f018d45bdf6f12d6d5d23a0331c3ae5e99a2bcdb52386135ea15890007e1cba5e52a04971139272012ae5542ba109a9d2f49798ce2fc6f639735e0222cd08075418239042bfe47c363973d3245ce507e838dfd90ae442a96fa1343029be56de31c2eff226c05f0ae3dbe2281e7bc02db39342d5b54ad3616733a5aa7753613423a0c5e2844a6e08fa5b76e18f7e24e967f6f83c546718d0f20959376427cdd449a4be3d75fd3e51e1b7f8690855af8eddbd3fd556b4460d0091e3623933f1a11db14aea54af6c49725bfa51fed222dc379995f48b1aab94441767c8bccbfd966d814715203bd8f549cd57d6a87295bf16aa25fb4e7fcaa8cec5e5c03b0095861bf2fed70ffb46bbb78ba90ca272ead9b3d2959fd9dbaabd1d51a60b474cef4c700faf718b810e4d3527a4663ee9fbc0000000000000000000000000000000000000000000000000061abf7a66b7b3f57ff83"], &(0x7f0000000340)='GPL\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r5, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="5aee41dea43e63a3f7fb7f11c72b", 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r6}, &(0x7f0000000200), &(0x7f0000000340)}, 0x20)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000180)={{0x0, 0x0, 0x0, 0x0, 0xee00, 0x140, 0x3ff}, 0x0, 0x0, 0xffffffff, 0xc, 0x5, 0xc0e, 0x7, 0x4, 0x1, 0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

52.356988ms ago: executing program 1 (id=1243):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0xffffffff}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f00000003c0), 0x400)

11.23526ms ago: executing program 2 (id=1244):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
fsetxattr(r0, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f0000000080)='@\x00', 0x3c8, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{0x1, 0x8, 0x7, 0x9ce6}]})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x635c, 0x1f480, 0x0, 0x399})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000006080)=@newtfilter={0x38, 0x2c, 0xd27, 0x8030bd29, 0x2, {0x0, 0x0, 0x0, 0x0, {0xfff1, 0xa}, {}, {0x9}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_ACT={0x4}, @TCA_FW_ACT={0x4}]}}]}, 0x38}}, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x4}]}, {0xffffffffffffff1f}, {0xc}, {0xfffffffffffffcdc}}}]}]}, 0x68}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYRES16=r4], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000040c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c0000000c0a01010000000000eb00000a0000070900020000007a31000000000900010073797a3100000000100003800c0000800800034000000002140000001100010000000000000000000100000a"], 0x64}, 0x1, 0x0, 0x0, 0x24000850}, 0x4000040)
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0x541b, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
close_range(r6, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r3}, 0x10)
setrlimit(0x9, &(0x7f0000000080)={0x8606, 0xffff})
io_setup(0x8f0, &(0x7f0000002400))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x4, &(0x7f0000000040)=@framed={{}, [@alu={0x4, 0x0, 0xd, 0x0, 0x0, 0x0, 0x10}]}, &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000}, 0x94)
io_uring_enter(r1, 0x8ae, 0x6933, 0x17, 0x0, 0xeffd)

0s ago: executing program 3 (id=1245):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0x3}, 0x18)
madvise(&(0x7f0000fec000/0x12000)=nil, 0x12000, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000a00)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@resgid}, {@barrier}, {@quota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r3, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
fadvise64(r3, 0x7f, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffff"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDFONTOP_GET(r4, 0x4b72, &(0x7f0000000000)={0x1, 0x1, 0x12, 0x12, 0x132, &(0x7f00000003c0)})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$KDSKBSENT(r4, 0x4b49, &(0x7f0000000ac0)={0xfb, "58cf24090f402f26bca8eb1982f0f96370d3b439824025d93140c01d38fb7da0bb78fc2fe406f0a7b424d3e05f4c76f71d0be92de43b09849d969d944d329658b3a1ae19a16a5a080acf66fc4aea24b762e8ce3d65ac49284f8e124bfbeeaa748df517e357a40ec794ba231e83607c6d658e5361d5286dec6c04aef29f00edc3747b0784ddcb486691a3addf3f08b5d14c9afba928c78fe2a9205091302141705277ee88105aa5f07fc29f6bc246e7706cd8d4eaf95de10d5dc677d7085cc9c012477ca2465a1eec3fcf9fcbeda4bc90fa4d678536c3e034af4f03da25f43a3ad1564cd9c1c6e36759c599bbe3bcf6c302e28cbac76c8c0488e75baa6246b25bc775486a73461153be7720001062d7635896ab651493ea3aaba4bca1f9565593949f45d5a2bbc45ee008bfddb832049a629fc7154d2b32d23210cd534bfac9de1bb46ea14a690a25b15e7e838800a7a689ea8eb18c0cc4d4912ca13420fe147f9bc9a63a577caf05ce5217103ce22c67d1fc51821145a6f22a237ca589cda1e6c5672346eaf2bbc69b63d704aa76933ec7cc73e938f57e722260858663f72e6a29fc4443e6129de6a25253d1d43e8f31cbab8936487e6012bdc7b9ed355e72d15890f0ba281d351525335f361dc4451e3ca79580a41f23f4bd94b58f4da086678ef245ac477d07e8c8751c45d4974b57ecc0b972e9c549c0dbeccb5ce2b9a5d6"})
getsockopt$CAN_RAW_JOIN_FILTERS(0xffffffffffffffff, 0x65, 0x6, 0x0, 0x0)

kernel console output (not intermixed with test programs):

][ T4525] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.299: bg 0: block 345: padding at end of block bitmap is not set
[   45.350733][ T4525] EXT4-fs (loop2): Remounting filesystem read-only
[   45.357403][ T1660] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   45.408761][ T4525] syz.2.299 (4525) used greatest stack depth: 10328 bytes left
[   45.498655][ T4541] loop3: detected capacity change from 0 to 512
[   45.510218][ T4541] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.530068][ T4541] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.306: lblock 23 mapped to illegal pblock 18 (length 1)
[   45.560128][ T4557] EXT4-fs: Ignoring removed oldalloc option
[   45.566242][ T4557] EXT4-fs: Ignoring removed nomblk_io_submit option
[   45.613357][ T4564] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   45.622344][ T4564] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   45.700804][ T4574] hsr_slave_0: left promiscuous mode
[   45.706688][ T4574] hsr_slave_1: left promiscuous mode
[   45.742886][ T4579] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   45.750472][ T4579] batman_adv: batadv0: Removing interface: batadv_slave_0
[   45.758130][ T4579] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   45.765535][ T4579] batman_adv: batadv0: Removing interface: batadv_slave_1
[   45.776476][ T4580] netlink: 'syz.0.314': attribute type 15 has an invalid length.
[   45.991069][ T4605] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub
[   46.077329][ T4615] FAULT_INJECTION: forcing a failure.
[   46.077329][ T4615] name failslab, interval 1, probability 0, space 0, times 0
[   46.089962][ T4615] CPU: 0 UID: 0 PID: 4615 Comm: syz.4.328 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   46.089987][ T4615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   46.090072][ T4615] Call Trace:
[   46.090078][ T4615]  <TASK>
[   46.090085][ T4615]  __dump_stack+0x1d/0x30
[   46.090105][ T4615]  dump_stack_lvl+0xe8/0x140
[   46.090124][ T4615]  dump_stack+0x15/0x1b
[   46.090142][ T4615]  should_fail_ex+0x265/0x280
[   46.090241][ T4615]  should_failslab+0x8c/0xb0
[   46.090277][ T4615]  kmem_cache_alloc_node_noprof+0x57/0x4c0
[   46.090318][ T4615]  ? __alloc_skb+0x324/0x4d0
[   46.090337][ T4615]  __alloc_skb+0x324/0x4d0
[   46.090353][ T4615]  ? __alloc_skb+0x24d/0x4d0
[   46.090371][ T4615]  netlink_alloc_large_skb+0xbf/0xf0
[   46.090396][ T4615]  netlink_sendmsg+0x3cf/0x6b0
[   46.090473][ T4615]  ? __pfx_netlink_sendmsg+0x10/0x10
[   46.090498][ T4615]  __sock_sendmsg+0x145/0x180
[   46.090599][ T4615]  ____sys_sendmsg+0x31e/0x4a0
[   46.090623][ T4615]  ___sys_sendmsg+0x17b/0x1d0
[   46.090747][ T4615]  __x64_sys_sendmsg+0xd4/0x160
[   46.090776][ T4615]  x64_sys_call+0x17ba/0x3000
[   46.090797][ T4615]  do_syscall_64+0xd8/0x2a0
[   46.090878][ T4615]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.090898][ T4615] RIP: 0033:0x7fe007b7f749
[   46.090911][ T4615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.090928][ T4615] RSP: 002b:00007fe0065df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   46.090950][ T4615] RAX: ffffffffffffffda RBX: 00007fe007dd5fa0 RCX: 00007fe007b7f749
[   46.090964][ T4615] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000007
[   46.091020][ T4615] RBP: 00007fe0065df090 R08: 0000000000000000 R09: 0000000000000000
[   46.091031][ T4615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.091043][ T4615] R13: 00007fe007dd6038 R14: 00007fe007dd5fa0 R15: 00007ffda5a3b008
[   46.091065][ T4615]  </TASK>
[   46.342644][ T4630] sch_fq: defrate 4294967295 ignored.
[   46.389907][ T4636] FAULT_INJECTION: forcing a failure.
[   46.389907][ T4636] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   46.403160][ T4636] CPU: 1 UID: 0 PID: 4636 Comm: syz.1.337 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   46.403255][ T4636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   46.403268][ T4636] Call Trace:
[   46.403274][ T4636]  <TASK>
[   46.403281][ T4636]  __dump_stack+0x1d/0x30
[   46.403305][ T4636]  dump_stack_lvl+0xe8/0x140
[   46.403328][ T4636]  dump_stack+0x15/0x1b
[   46.403348][ T4636]  should_fail_ex+0x265/0x280
[   46.403436][ T4636]  should_fail+0xb/0x20
[   46.403576][ T4636]  should_fail_usercopy+0x1a/0x20
[   46.403624][ T4636]  _copy_from_user+0x1c/0xb0
[   46.403642][ T4636]  user_termio_to_kernel_termios+0x4e/0x140
[   46.403672][ T4636]  set_termios+0x101/0x4d0
[   46.403765][ T4636]  tty_mode_ioctl+0x379/0x5c0
[   46.403830][ T4636]  n_tty_ioctl_helper+0x91/0x210
[   46.403922][ T4636]  n_tty_ioctl+0x101/0x200
[   46.403978][ T4636]  ? __pfx_n_tty_ioctl+0x10/0x10
[   46.404001][ T4636]  tty_ioctl+0x83f/0xb80
[   46.404018][ T4636]  ? __pfx_tty_ioctl+0x10/0x10
[   46.404035][ T4636]  __se_sys_ioctl+0xce/0x140
[   46.404207][ T4636]  __x64_sys_ioctl+0x43/0x50
[   46.404234][ T4636]  x64_sys_call+0x14b0/0x3000
[   46.404254][ T4636]  do_syscall_64+0xd8/0x2a0
[   46.404348][ T4636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.404366][ T4636] RIP: 0033:0x7f2b132af749
[   46.404379][ T4636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.404393][ T4636] RSP: 002b:00007f2b11d17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   46.404435][ T4636] RAX: ffffffffffffffda RBX: 00007f2b13505fa0 RCX: 00007f2b132af749
[   46.404446][ T4636] RDX: 0000200000000400 RSI: 0000000000005406 RDI: 0000000000000006
[   46.404457][ T4636] RBP: 00007f2b11d17090 R08: 0000000000000000 R09: 0000000000000000
[   46.404468][ T4636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.404478][ T4636] R13: 00007f2b13506038 R14: 00007f2b13505fa0 R15: 00007ffcd02e9bb8
[   46.404493][ T4636]  </TASK>
[   46.676446][ T4652] FAULT_INJECTION: forcing a failure.
[   46.676446][ T4652] name failslab, interval 1, probability 0, space 0, times 0
[   46.689094][ T4652] CPU: 0 UID: 0 PID: 4652 Comm: syz.1.341 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   46.689123][ T4652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   46.689170][ T4652] Call Trace:
[   46.689177][ T4652]  <TASK>
[   46.689186][ T4652]  __dump_stack+0x1d/0x30
[   46.689212][ T4652]  dump_stack_lvl+0xe8/0x140
[   46.689314][ T4652]  dump_stack+0x15/0x1b
[   46.689334][ T4652]  should_fail_ex+0x265/0x280
[   46.689367][ T4652]  ? ip_ra_control+0xd6/0x2c0
[   46.689392][ T4652]  should_failslab+0x8c/0xb0
[   46.689457][ T4652]  __kmalloc_cache_noprof+0x4c/0x4c0
[   46.689479][ T4652]  ? __pfx_mrtsock_destruct+0x10/0x10
[   46.689500][ T4652]  ip_ra_control+0xd6/0x2c0
[   46.689521][ T4652]  ? __pfx_mrtsock_destruct+0x10/0x10
[   46.689583][ T4652]  ip_mroute_setsockopt+0x32b/0x960
[   46.689606][ T4652]  do_ip_setsockopt+0xcea/0x2240
[   46.689631][ T4652]  ip_setsockopt+0x58/0x110
[   46.689721][ T4652]  raw_setsockopt+0xbd/0x150
[   46.689833][ T4652]  sock_common_setsockopt+0x69/0x80
[   46.689866][ T4652]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   46.689894][ T4652]  __sys_setsockopt+0x184/0x200
[   46.689920][ T4652]  __x64_sys_setsockopt+0x64/0x80
[   46.690015][ T4652]  x64_sys_call+0x21d5/0x3000
[   46.690041][ T4652]  do_syscall_64+0xd8/0x2a0
[   46.690074][ T4652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.690099][ T4652] RIP: 0033:0x7f2b132af749
[   46.690192][ T4652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.690211][ T4652] RSP: 002b:00007f2b11d17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   46.690236][ T4652] RAX: ffffffffffffffda RBX: 00007f2b13505fa0 RCX: 00007f2b132af749
[   46.690247][ T4652] RDX: 00000000000000c8 RSI: 0000000000000000 RDI: 0000000000000006
[   46.690259][ T4652] RBP: 00007f2b11d17090 R08: 0000000000000004 R09: 0000000000000000
[   46.690274][ T4652] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[   46.690327][ T4652] R13: 00007f2b13506038 R14: 00007f2b13505fa0 R15: 00007ffcd02e9bb8
[   46.690346][ T4652]  </TASK>
[   46.690502][ T4647] 9pnet: Could not find request transport: 

[   46.904635][ T4663] usb usb8: usbfs: process 4663 (syz.4.340) did not claim interface 0 before use
[   46.949036][ T4643]  loop4: p1 p2 p3 p4
[   46.953357][ T4643] loop4: p1 size 3523149824 extends beyond EOD, truncated
[   46.962425][ T4643] loop4: p2 start 4293394688 is beyond EOD, truncated
[   46.969381][ T4643] loop4: p3 start 150994944 is beyond EOD, truncated
[   46.976093][ T4643] loop4: p4 size 50331648 extends beyond EOD, truncated
[   47.009959][ T4674] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   47.017377][ T4674] batman_adv: batadv0: Removing interface: batadv_slave_0
[   47.027045][ T4674] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   47.027293][ T4670] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.034694][ T4674] batman_adv: batadv0: Removing interface: batadv_slave_1
[   47.183153][ T4679] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.210314][ T4679] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #2: block 18: comm syz.2.351: lblock 23 mapped to illegal pblock 18 (length 1)
[   47.296953][ T4711] FAULT_INJECTION: forcing a failure.
[   47.296953][ T4711] name failslab, interval 1, probability 0, space 0, times 0
[   47.309647][ T4711] CPU: 1 UID: 0 PID: 4711 Comm: syz.2.360 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   47.309754][ T4711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   47.309766][ T4711] Call Trace:
[   47.309772][ T4711]  <TASK>
[   47.309779][ T4711]  __dump_stack+0x1d/0x30
[   47.309807][ T4711]  dump_stack_lvl+0xe8/0x140
[   47.309827][ T4711]  dump_stack+0x15/0x1b
[   47.309848][ T4711]  should_fail_ex+0x265/0x280
[   47.309886][ T4711]  should_failslab+0x8c/0xb0
[   47.309922][ T4711]  kmem_cache_alloc_noprof+0x50/0x4a0
[   47.310035][ T4711]  ? audit_log_start+0x342/0x720
[   47.310082][ T4711]  audit_log_start+0x342/0x720
[   47.310149][ T4711]  ? kstrtouint+0x76/0xc0
[   47.310174][ T4711]  audit_seccomp+0x48/0x100
[   47.310205][ T4711]  ? __seccomp_filter+0x832/0x1260
[   47.310228][ T4711]  __seccomp_filter+0x843/0x1260
[   47.310328][ T4711]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   47.310349][ T4711]  ? vfs_write+0x7e8/0x960
[   47.310374][ T4711]  ? __rcu_read_unlock+0x4f/0x70
[   47.310427][ T4711]  ? __fget_files+0x184/0x1c0
[   47.310454][ T4711]  __secure_computing+0x82/0x150
[   47.310477][ T4711]  syscall_trace_enter+0xcf/0x1e0
[   47.310498][ T4711]  do_syscall_64+0xb2/0x2a0
[   47.310524][ T4711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.310544][ T4711] RIP: 0033:0x7f1b74bff749
[   47.310588][ T4711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.310604][ T4711] RSP: 002b:00007f1b73667038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[   47.310621][ T4711] RAX: ffffffffffffffda RBX: 00007f1b74e55fa0 RCX: 00007f1b74bff749
[   47.310632][ T4711] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   47.310712][ T4711] RBP: 00007f1b73667090 R08: 0000000000000000 R09: 0000000000000000
[   47.310723][ T4711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.310734][ T4711] R13: 00007f1b74e56038 R14: 00007f1b74e55fa0 R15: 00007ffe73bab1c8
[   47.310749][ T4711]  </TASK>
[   47.528699][ T4712] 9pnet: Could not find request transport: f
[   47.588783][ T4722] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   47.599557][ T4723] EXT4-fs: Invalid want_extra_isize 255
[   47.606202][ T4722] vhci_hcd: invalid port number 96
[   47.611377][ T4722] vhci_hcd: default hub control req: 0300 v0008 i0060 l0
[   47.623064][ T4732] netlink: 'syz.1.367': attribute type 1 has an invalid length.
[   47.648270][   T29] kauditd_printk_skb: 1041 callbacks suppressed
[   47.648284][   T29] audit: type=1400 audit(1764882727.440:3008): avc:  denied  { read write } for  pid=3314 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   47.678729][   T29] audit: type=1400 audit(1764882727.440:3009): avc:  denied  { open } for  pid=3314 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   47.702931][   T29] audit: type=1400 audit(1764882727.440:3010): avc:  denied  { ioctl } for  pid=3314 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   47.728481][   T29] audit: type=1400 audit(1764882727.440:3011): avc:  denied  { prog_load } for  pid=4724 comm="syz.0.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   47.747511][   T29] audit: type=1400 audit(1764882727.440:3012): avc:  denied  { bpf } for  pid=4724 comm="syz.0.365" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   47.767977][   T29] audit: type=1400 audit(1764882727.440:3013): avc:  denied  { perfmon } for  pid=4724 comm="syz.0.365" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   47.791976][   T29] audit: type=1400 audit(1764882727.520:3014): avc:  denied  { map_create } for  pid=4735 comm="syz.1.368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   47.811049][   T29] audit: type=1400 audit(1764882727.520:3015): avc:  denied  { mounton } for  pid=4735 comm="syz.1.368" path="/84/file0" dev="tmpfs" ino=473 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   47.833474][   T29] audit: type=1400 audit(1764882727.520:3016): avc:  denied  { create } for  pid=4735 comm="syz.1.368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   47.853812][   T29] audit: type=1326 audit(1764882727.520:3017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4681 comm="syz.4.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe007b7f749 code=0x7ffc0000
[   47.857999][ T4742] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   47.886272][ T4742] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   47.923103][ T4737] 9pnet: Could not find request transport: 

[   47.932315][ T4737] netlink: 'syz.4.350': attribute type 29 has an invalid length.
[   47.958193][ T4005] IPVS: starting estimator thread 0...
[   47.990199][ T4750] __nla_validate_parse: 18 callbacks suppressed
[   47.990214][ T4750] netlink: 256 bytes leftover after parsing attributes in process `syz.0.371'.
[   48.020778][ T4750] ext4 filesystem being mounted at /82/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.035566][ T4750] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #2: block 18: comm syz.0.371: lblock 23 mapped to illegal pblock 18 (length 1)
[   48.049925][ T4748] IPVS: using max 4224 ests per chain, 211200 per kthread
[   48.121343][ T4765] tipc: Started in network mode
[   48.126252][ T4765] tipc: Node identity 8a32cfb11b6e, cluster identity 4711
[   48.133511][ T4765] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   48.152573][ T4765] tipc: Disabling bearer <eth:syzkaller0>
[   48.164980][ T4773] netlink: 'syz.0.379': attribute type 4 has an invalid length.
[   48.300068][ T4763] delete_channel: no stack
[   48.494862][ T4793] netlink: 256 bytes leftover after parsing attributes in process `syz.2.385'.
[   48.533052][ T4789] set_capacity_and_notify: 10 callbacks suppressed
[   48.533071][ T4789] loop4: detected capacity change from 0 to 128
[   48.555985][ T4794] loop2: detected capacity change from 0 to 512
[   48.584767][ T4794] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.664861][ T4788] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #2: block 18: comm syz.2.385: lblock 23 mapped to illegal pblock 18 (length 1)
[   48.709260][ T4789] syz.4.384: attempt to access beyond end of device
[   48.709260][ T4789] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[   48.723151][ T4789] syz.4.384: attempt to access beyond end of device
[   48.723151][ T4789] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[   48.737061][ T4789] syz.4.384: attempt to access beyond end of device
[   48.737061][ T4789] loop4: rw=2049, sector=177, nr_sectors = 8 limit=128
[   48.752529][ T4789] syz.4.384: attempt to access beyond end of device
[   48.752529][ T4789] loop4: rw=2049, sector=193, nr_sectors = 8 limit=128
[   48.766099][ T4789] syz.4.384: attempt to access beyond end of device
[   48.766099][ T4789] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[   48.785309][ T4789] syz.4.384: attempt to access beyond end of device
[   48.785309][ T4789] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[   48.798865][ T4789] syz.4.384: attempt to access beyond end of device
[   48.798865][ T4789] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128
[   48.812506][ T4789] syz.4.384: attempt to access beyond end of device
[   48.812506][ T4789] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128
[   48.826301][ T4789] syz.4.384: attempt to access beyond end of device
[   48.826301][ T4789] loop4: rw=2049, sector=273, nr_sectors = 8 limit=128
[   48.839577][ T4800] 9pnet: Could not find request transport: 

[   48.846216][ T4789] syz.4.384: attempt to access beyond end of device
[   48.846216][ T4789] loop4: rw=2049, sector=289, nr_sectors = 8 limit=128
[   48.853736][ T4800] netlink: 24 bytes leftover after parsing attributes in process `syz.3.382'.
[   48.986387][ T4807] 9pnet: Could not find request transport: f
[   49.139431][ T4819] loop2: detected capacity change from 0 to 512
[   49.146027][ T4819] EXT4-fs: Ignoring removed i_version option
[   49.152071][ T4819] EXT4-fs: Ignoring removed bh option
[   49.176394][ T4819] ext4 filesystem being mounted at /93/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   49.239224][ T4832] loop3: detected capacity change from 0 to 1024
[   49.250796][ T4819] EXT4-fs error (device loop2): ext4_lookup:1785: inode #12: comm syz.2.389: iget: bad i_size value: 2533274857506816
[   49.264261][ T4832] EXT4-fs: test_dummy_encryption option not supported
[   49.349259][ T4835] netlink: 256 bytes leftover after parsing attributes in process `syz.2.396'.
[   49.365795][ T4835] loop2: detected capacity change from 0 to 512
[   49.380411][ T4835] ext4 filesystem being mounted at /94/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.395118][ T4835] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #2: block 18: comm syz.2.396: lblock 23 mapped to illegal pblock 18 (length 1)
[   49.486779][ T4848] lo speed is unknown, defaulting to 1000
[   49.548019][ T4853] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   49.566354][ T4852] pim6reg: entered allmulticast mode
[   49.582317][ T4853] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   49.597791][ T4852] pim6reg: left allmulticast mode
[   49.624270][ T4854] xt_recent: Unsupported userspace flags (000000b1)
[   49.695576][ T4860] loop3: detected capacity change from 0 to 512
[   49.702563][ T4860] msdos: Unknown parameter 'µ~#‹Ú1NŸ6•êö#…¯m'ïµ>+;Š‚"þ'
[   49.809989][ T4871] loop4: detected capacity change from 0 to 164
[   49.817788][ T4871] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   49.827300][ T4871] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   49.880625][ T4878] loop3: detected capacity change from 0 to 1024
[   49.887438][ T4878] EXT4-fs: test_dummy_encryption option not supported
[   49.903019][ T4877] netlink: 256 bytes leftover after parsing attributes in process `syz.4.409'.
[   49.918124][ T4877] loop4: detected capacity change from 0 to 512
[   49.932218][ T4877] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.947291][ T4877] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #2: block 18: comm syz.4.409: lblock 23 mapped to illegal pblock 18 (length 1)
[   50.130394][ T4890] validate_nla: 2 callbacks suppressed
[   50.130409][ T4890] netlink: 'syz.0.412': attribute type 16 has an invalid length.
[   50.143724][ T4890] netlink: 156 bytes leftover after parsing attributes in process `syz.0.412'.
[   50.254358][ T4912] 9pnet: Could not find request transport: f
[   50.286324][ T4918] loop4: detected capacity change from 0 to 1024
[   50.300559][ T4918] EXT4-fs: test_dummy_encryption option not supported
[   50.340101][ T4920] lo speed is unknown, defaulting to 1000
[   50.357996][ T4922] netlink: 12 bytes leftover after parsing attributes in process `syz.3.423'.
[   50.388372][ T4922] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[   50.558820][ T4936] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.427: bg 0: block 5: invalid block bitmap
[   50.578529][ T4936] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6689: Corrupt filesystem
[   50.587598][ T4936] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.427: invalid indirect mapped block 3 (level 2)
[   50.601179][ T4936] EXT4-fs (loop3): 2 truncates cleaned up
[   50.715422][ T4961] netlink: 'syz.4.434': attribute type 4 has an invalid length.
[   50.735098][ T4961] netlink: 'syz.4.434': attribute type 4 has an invalid length.
[   50.866787][ T4979] EXT4-fs: test_dummy_encryption option not supported
[   51.251338][ T4990] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.350155][ T4993] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.445: bg 0: block 345: padding at end of block bitmap is not set
[   51.364680][ T4993] EXT4-fs (loop0): Remounting filesystem read-only
[   51.376969][ T1660] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   51.450075][ T4997] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.480146][ T5001] mmap: syz.3.449 (5001) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   51.531309][ T5001] infiniband syb2: RDMA CMA: cma_listen_on_dev, error -98
[   51.558275][ T5004] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.448: bg 0: block 345: padding at end of block bitmap is not set
[   51.586778][ T5005] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[   51.593311][ T5005] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   51.595811][ T5004] EXT4-fs (loop0): Remounting filesystem read-only
[   51.601608][ T5005] vhci_hcd vhci_hcd.0: Device attached
[   51.613666][  T276] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   51.643826][ T5010] netlink: 'syz.4.450': attribute type 16 has an invalid length.
[   51.651635][ T5010] netlink: 156 bytes leftover after parsing attributes in process `syz.4.450'.
[   51.665955][ T5006] vhci_hcd: connection closed
[   51.666636][  T276] vhci_hcd: stop threads
[   51.675595][  T276] vhci_hcd: release socket
[   51.680077][  T276] vhci_hcd: disconnect device
[   51.787083][ T5024] netlink: 4 bytes leftover after parsing attributes in process `syz.4.457'.
[   51.864360][ T5032] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.934661][ T5035] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.459: bg 0: block 345: padding at end of block bitmap is not set
[   51.949420][ T5035] EXT4-fs (loop2): Remounting filesystem read-only
[   51.956014][  T276] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   52.049337][ T5042] Alternate GPT is invalid, using primary GPT.
[   52.055742][ T5042]  loop2: p1 p2 p3
[   52.059503][ T5042] loop2: partition table partially beyond EOD, truncated
[   52.211383][ T5047] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   52.233375][ T5063] netlink: 4 bytes leftover after parsing attributes in process `syz.3.471'.
[   52.341450][ T5080] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.477: inode has both inline data and extents flags
[   52.354983][ T5080] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.477: couldn't read orphan inode 15 (err -117)
[   52.424966][ T5083] 9pnet: Could not find request transport: 

[   52.469490][ T5090] FAULT_INJECTION: forcing a failure.
[   52.469490][ T5090] name failslab, interval 1, probability 0, space 0, times 0
[   52.482195][ T5090] CPU: 0 UID: 0 PID: 5090 Comm: syz.2.480 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.482270][ T5090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   52.482284][ T5090] Call Trace:
[   52.482291][ T5090]  <TASK>
[   52.482299][ T5090]  __dump_stack+0x1d/0x30
[   52.482326][ T5090]  dump_stack_lvl+0xe8/0x140
[   52.482349][ T5090]  dump_stack+0x15/0x1b
[   52.482391][ T5090]  should_fail_ex+0x265/0x280
[   52.482424][ T5090]  ? __pfx_sock_alloc_inode+0x10/0x10
[   52.482452][ T5090]  should_failslab+0x8c/0xb0
[   52.482508][ T5090]  kmem_cache_alloc_lru_noprof+0x55/0x4b0
[   52.482543][ T5090]  ? sock_alloc_inode+0x34/0xa0
[   52.482625][ T5090]  ? __pfx_sock_alloc_inode+0x10/0x10
[   52.482661][ T5090]  sock_alloc_inode+0x34/0xa0
[   52.482688][ T5090]  alloc_inode+0x40/0x170
[   52.482773][ T5090]  do_accept+0xa0/0x3a0
[   52.482793][ T5090]  ? _raw_spin_lock+0x52/0xa0
[   52.482833][ T5090]  __sys_accept4+0xbe/0x170
[   52.482855][ T5090]  __x64_sys_accept4+0x51/0x60
[   52.482905][ T5090]  x64_sys_call+0x2b3e/0x3000
[   52.482926][ T5090]  do_syscall_64+0xd8/0x2a0
[   52.483026][ T5090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.483107][ T5090] RIP: 0033:0x7f1b74bff749
[   52.483124][ T5090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.483141][ T5090] RSP: 002b:00007f1b73667038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[   52.483162][ T5090] RAX: ffffffffffffffda RBX: 00007f1b74e55fa0 RCX: 00007f1b74bff749
[   52.483237][ T5090] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000004
[   52.483248][ T5090] RBP: 00007f1b73667090 R08: 0000000000000000 R09: 0000000000000000
[   52.483297][ T5090] R10: 0000000000080800 R11: 0000000000000246 R12: 0000000000000001
[   52.483309][ T5090] R13: 00007f1b74e56038 R14: 00007f1b74e55fa0 R15: 00007ffe73bab1c8
[   52.483326][ T5090]  </TASK>
[   52.485656][ T5083] netlink: 'syz.0.455': attribute type 29 has an invalid length.
[   52.649677][   T29] kauditd_printk_skb: 1673 callbacks suppressed
[   52.649691][   T29] audit: type=1326 audit(1764882732.450:4676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3cf1b12005 code=0x7ffc0000
[   52.728612][   T29] audit: type=1326 audit(1764882732.450:4677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f3cf1a96357 code=0x7ffc0000
[   52.752155][   T29] audit: type=1326 audit(1764882732.450:4678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f3cf1a963b6 code=0x7ffc0000
[   52.775387][   T29] audit: type=1326 audit(1764882732.450:4679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3cf1adf34b code=0x7ffc0000
[   52.798666][   T29] audit: type=1326 audit(1764882732.450:4680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   52.821909][   T29] audit: type=1326 audit(1764882732.450:4681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   52.845235][   T29] audit: type=1326 audit(1764882732.450:4682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   52.868551][   T29] audit: type=1326 audit(1764882732.450:4683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   52.891869][   T29] audit: type=1326 audit(1764882732.450:4684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   52.915191][   T29] audit: type=1326 audit(1764882732.470:4685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3cf1b12005 code=0x7ffc0000
[   52.992506][ T5117] EXT4-fs: Ignoring removed oldalloc option
[   52.998598][ T5117] EXT4-fs: Ignoring removed nomblk_io_submit option
[   53.261174][ T5130] __nla_validate_parse: 5 callbacks suppressed
[   53.261203][ T5130] netlink: 8 bytes leftover after parsing attributes in process `syz.4.493'.
[   53.320821][ T5134] EXT4-fs: test_dummy_encryption option not supported
[   53.381900][ T5141] netlink: 4 bytes leftover after parsing attributes in process `syz.4.496'.
[   53.475873][ T5153] EXT4-fs: Ignoring removed oldalloc option
[   53.482104][ T5153] EXT4-fs: Ignoring removed nomblk_io_submit option
[   53.630334][ T5164] 9pnet: Could not find request transport: 

[   53.650478][ T5164] netlink: 'syz.0.490': attribute type 29 has an invalid length.
[   53.664736][ T5169] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6erspan0
[   53.676682][ T5164] netlink: 24 bytes leftover after parsing attributes in process `syz.0.490'.
[   53.686659][ T5169] ip6erspan0: entered promiscuous mode
[   53.751725][ T5182] set_capacity_and_notify: 11 callbacks suppressed
[   53.751741][ T5182] loop3: detected capacity change from 0 to 2048
[   53.758848][ T5184] loop4: detected capacity change from 0 to 1024
[   53.771543][ T5184] EXT4-fs: Ignoring removed oldalloc option
[   53.777553][ T5184] EXT4-fs: Ignoring removed nomblk_io_submit option
[   53.790136][ T5182] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.899203][ T5194] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.510: bg 0: block 345: padding at end of block bitmap is not set
[   53.914904][ T5199] netlink: 'syz.0.515': attribute type 16 has an invalid length.
[   53.922680][ T5199] netlink: 156 bytes leftover after parsing attributes in process `syz.0.515'.
[   53.932899][ T5194] EXT4-fs (loop3): Remounting filesystem read-only
[   53.942806][   T12] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   53.948777][ T5197] loop2: detected capacity change from 0 to 1024
[   54.002722][ T5203] loop4: detected capacity change from 0 to 2048
[   54.028641][ T5197] EXT4-fs: Ignoring removed nomblk_io_submit option
[   54.060295][ T5203]  loop4: p2 < > p3 < p5 > p4
[   54.064991][ T5203] loop4: partition table partially beyond EOD, truncated
[   54.075388][ T5215] siw: device registration error -23
[   54.081510][ T5203] loop4: p2 start 4278190080 is beyond EOD, truncated
[   54.109394][ T5203] loop4: p4 size 8192 extends beyond EOD, truncated
[   54.130775][ T5203] loop4: p5 size 8192 extends beyond EOD, truncated
[   54.143919][ T5220] loop0: detected capacity change from 0 to 1024
[   54.156319][ T5203] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   54.161070][ T5220] EXT4-fs: Ignoring removed oldalloc option
[   54.164815][ T5203] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   54.197190][ T5220] EXT4-fs: Ignoring removed nomblk_io_submit option
[   54.215110][ T5197] netlink: 56 bytes leftover after parsing attributes in process `syz.2.513'.
[   54.224657][ T5197] netlink: 28 bytes leftover after parsing attributes in process `syz.2.513'.
[   54.233909][ T5197] ip6tnl0: Caught tx_queue_len zero misconfig
[   54.335573][ T5229] netlink: 256 bytes leftover after parsing attributes in process `syz.0.524'.
[   54.354100][ T5229] loop0: detected capacity change from 0 to 512
[   54.362357][ T5218] loop3: detected capacity change from 0 to 512
[   54.370269][ T5229] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.382246][ T5218] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   54.405816][ T5229] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #2: block 18: comm syz.0.524: lblock 23 mapped to illegal pblock 18 (length 1)
[   54.442149][ T5218] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.521: lblock 23 mapped to illegal pblock 18 (length 1)
[   54.467014][ T5218] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.521: lblock 23 mapped to illegal pblock 18 (length 1)
[   54.488280][ T5218] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.521: lblock 23 mapped to illegal pblock 18 (length 1)
[   54.718851][ T5249] loop0: detected capacity change from 0 to 1024
[   54.770613][ T5249] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.802216][ T5249] EXT4-fs error (device loop0): ext4_map_blocks:825: inode #15: comm syz.0.528: lblock 0 mapped to illegal pblock 0 (length 1)
[   54.818593][ T5249] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[   54.830935][ T5249] EXT4-fs (loop0): This should not happen!! Data will be lost
[   54.830935][ T5249] 
[   54.849450][ T5191] syz.2.513 (5191) used greatest stack depth: 6200 bytes left
[   54.881048][ T5254] FAULT_INJECTION: forcing a failure.
[   54.881048][ T5254] name failslab, interval 1, probability 0, space 0, times 0
[   54.893759][ T5254] CPU: 0 UID: 0 PID: 5254 Comm: syz.2.529 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.893822][ T5254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   54.893835][ T5254] Call Trace:
[   54.893841][ T5254]  <TASK>
[   54.893849][ T5254]  __dump_stack+0x1d/0x30
[   54.893881][ T5254]  dump_stack_lvl+0xe8/0x140
[   54.893983][ T5254]  dump_stack+0x15/0x1b
[   54.894003][ T5254]  should_fail_ex+0x265/0x280
[   54.894037][ T5254]  should_failslab+0x8c/0xb0
[   54.894065][ T5254]  kmem_cache_alloc_node_noprof+0x57/0x4c0
[   54.894154][ T5254]  ? __alloc_skb+0x324/0x4d0
[   54.894177][ T5254]  __alloc_skb+0x324/0x4d0
[   54.894197][ T5254]  ? __alloc_skb+0x24d/0x4d0
[   54.894216][ T5254]  netlink_alloc_large_skb+0xbf/0xf0
[   54.894287][ T5254]  netlink_sendmsg+0x3cf/0x6b0
[   54.894317][ T5254]  ? __pfx_netlink_sendmsg+0x10/0x10
[   54.894366][ T5254]  __sock_sendmsg+0x145/0x180
[   54.894398][ T5254]  ____sys_sendmsg+0x31e/0x4a0
[   54.894427][ T5254]  ___sys_sendmsg+0x17b/0x1d0
[   54.894464][ T5254]  __x64_sys_sendmsg+0xd4/0x160
[   54.894561][ T5254]  x64_sys_call+0x17ba/0x3000
[   54.894659][ T5254]  do_syscall_64+0xd8/0x2a0
[   54.894686][ T5254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.894758][ T5254] RIP: 0033:0x7f1b74bff749
[   54.894773][ T5254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.894789][ T5254] RSP: 002b:00007f1b73667038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   54.894807][ T5254] RAX: ffffffffffffffda RBX: 00007f1b74e55fa0 RCX: 00007f1b74bff749
[   54.894818][ T5254] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000005
[   54.894830][ T5254] RBP: 00007f1b73667090 R08: 0000000000000000 R09: 0000000000000000
[   54.894841][ T5254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.894910][ T5254] R13: 00007f1b74e56038 R14: 00007f1b74e55fa0 R15: 00007ffe73bab1c8
[   54.894927][ T5254]  </TASK>
[   55.176239][ T5266] siw: device registration error -23
[   55.237150][ T5267] 9pnet: Could not find request transport: 

[   55.274420][ T5267] netlink: 'syz.3.526': attribute type 29 has an invalid length.
[   55.290263][ T5277] netlink: 7 bytes leftover after parsing attributes in process `syz.2.537'.
[   55.300815][ T5277] netlink: 7 bytes leftover after parsing attributes in process `syz.2.537'.
[   55.303116][ T5267] netlink: 24 bytes leftover after parsing attributes in process `syz.3.526'.
[   55.385469][ T5277] lo speed is unknown, defaulting to 1000
[   55.467033][ T5280] loop3: detected capacity change from 0 to 1024
[   55.480556][ T5280] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.657440][ T5291] lo: Caught tx_queue_len zero misconfig
[   55.868228][ T5307] loop3: detected capacity change from 0 to 512
[   55.892875][ T5307] EXT4-fs (loop3): too many log groups per flexible block group
[   55.895769][ T5303] 9pnet: Could not find request transport: 

[   55.900771][ T5307] EXT4-fs (loop3): failed to initialize mballoc (-12)
[   55.900799][ T5307] EXT4-fs (loop3): mount failed
[   56.021264][ T5303] netlink: 'syz.1.535': attribute type 29 has an invalid length.
[   56.048569][ T5324]  loop2: p2 < > p3 < p5 > p4
[   56.053311][ T5324] loop2: partition table partially beyond EOD, truncated
[   56.067029][ T5324] loop2: p2 start 4278190080 is beyond EOD, truncated
[   56.080356][ T5324] loop2: p4 size 8192 extends beyond EOD, truncated
[   56.102982][ T5324] loop2: p5 size 8192 extends beyond EOD, truncated
[   56.129975][ T5327] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.142693][ T5324] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   56.153802][ T5324] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   56.158461][ T5327] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.554: lblock 23 mapped to illegal pblock 18 (length 1)
[   56.295939][ T5347] FAULT_INJECTION: forcing a failure.
[   56.295939][ T5347] name failslab, interval 1, probability 0, space 0, times 0
[   56.308764][ T5347] CPU: 1 UID: 0 PID: 5347 Comm: syz.1.559 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   56.308789][ T5347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   56.308801][ T5347] Call Trace:
[   56.308807][ T5347]  <TASK>
[   56.308814][ T5347]  __dump_stack+0x1d/0x30
[   56.308883][ T5347]  dump_stack_lvl+0xe8/0x140
[   56.308902][ T5347]  dump_stack+0x15/0x1b
[   56.308918][ T5347]  should_fail_ex+0x265/0x280
[   56.308948][ T5347]  should_failslab+0x8c/0xb0
[   56.309016][ T5347]  __kmalloc_noprof+0xa5/0x590
[   56.309032][ T5347]  ? ip_options_get+0x52/0x350
[   56.309056][ T5347]  ip_options_get+0x52/0x350
[   56.309151][ T5347]  ? tcp_release_cb+0xf1/0x370
[   56.309182][ T5347]  do_ip_setsockopt+0x19d4/0x2240
[   56.309206][ T5347]  ip_setsockopt+0x58/0x110
[   56.309304][ T5347]  tcp_setsockopt+0x98/0xb0
[   56.309329][ T5347]  sock_common_setsockopt+0x69/0x80
[   56.309422][ T5347]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   56.309456][ T5347]  __sys_setsockopt+0x184/0x200
[   56.309491][ T5347]  __x64_sys_setsockopt+0x64/0x80
[   56.309562][ T5347]  x64_sys_call+0x21d5/0x3000
[   56.309639][ T5347]  do_syscall_64+0xd8/0x2a0
[   56.309670][ T5347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.309688][ T5347] RIP: 0033:0x7f2b132af749
[   56.309701][ T5347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.309796][ T5347] RSP: 002b:00007f2b11d17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   56.309813][ T5347] RAX: ffffffffffffffda RBX: 00007f2b13505fa0 RCX: 00007f2b132af749
[   56.309824][ T5347] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000006
[   56.309835][ T5347] RBP: 00007f2b11d17090 R08: 0000000000000000 R09: 0000000000000000
[   56.309846][ T5347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.309894][ T5347] R13: 00007f2b13506038 R14: 00007f2b13505fa0 R15: 00007ffcd02e9bb8
[   56.309909][ T5347]  </TASK>
[   56.619912][ T5345] ext4 filesystem being mounted at /110/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.713110][ T5356] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.558: bg 0: block 345: padding at end of block bitmap is not set
[   56.732666][ T5356] EXT4-fs (loop3): Remounting filesystem read-only
[   56.735422][ T5361] siw: device registration error -23
[   56.745012][  T276] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   56.780258][ T5363] ext4 filesystem being mounted at /110/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.795741][ T5358] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #2: block 18: comm syz.0.563: lblock 23 mapped to illegal pblock 18 (length 1)
[   56.878605][ T5374] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   56.890163][ T5374] EXT4-fs (loop0): 1 truncate cleaned up
[   56.953660][ T5377] 9pnet: Could not find request transport: 

[   57.196485][ T5402] isofs_fill_super: get root inode failed
[   57.371955][ T5420] 9pnet: Could not find request transport: 

[   57.468241][ T5425] 9pnet: Could not find request transport: 

[   57.507980][ T5428] siw: device registration error -23
[   57.592618][ T5429] lo speed is unknown, defaulting to 1000
[   57.722538][   T29] kauditd_printk_skb: 1320 callbacks suppressed
[   57.722611][   T29] audit: type=1326 audit(1764882737.520:6006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5430 comm="syz.2.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b74bff749 code=0x7ffc0000
[   57.786390][ T5425] netlink: 'syz.3.566': attribute type 29 has an invalid length.
[   57.804896][ T5429] ext4 filesystem being mounted at /115/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   57.856995][ T5436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.894674][   T29] audit: type=1326 audit(1764882737.550:6007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5371 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd362ef749 code=0x7ffc0000
[   57.910055][ T5436] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.918049][   T29] audit: type=1326 audit(1764882737.560:6008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5371 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd362ef749 code=0x7ffc0000
[   57.949095][   T29] audit: type=1326 audit(1764882737.560:6009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5371 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd362ef749 code=0x7ffc0000
[   57.972665][   T29] audit: type=1326 audit(1764882737.560:6010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5371 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd362ef749 code=0x7ffc0000
[   57.981940][ T5438] FAULT_INJECTION: forcing a failure.
[   57.981940][ T5438] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   57.996091][   T29] audit: type=1326 audit(1764882737.560:6012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5371 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd362ef749 code=0x7ffc0000
[   58.009133][ T5438] CPU: 0 UID: 0 PID: 5438 Comm: syz.4.586 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.009157][ T5438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   58.009168][ T5438] Call Trace:
[   58.009174][ T5438]  <TASK>
[   58.009182][ T5438]  __dump_stack+0x1d/0x30
[   58.009206][ T5438]  dump_stack_lvl+0xe8/0x140
[   58.009273][ T5438]  dump_stack+0x15/0x1b
[   58.009294][ T5438]  should_fail_ex+0x265/0x280
[   58.009326][ T5438]  should_fail+0xb/0x20
[   58.009365][ T5438]  should_fail_usercopy+0x1a/0x20
[   58.009385][ T5438]  _copy_from_user+0x1c/0xb0
[   58.009408][ T5438]  ___sys_sendmsg+0xc1/0x1d0
[   58.009445][ T5438]  __x64_sys_sendmsg+0xd4/0x160
[   58.009529][ T5438]  x64_sys_call+0x17ba/0x3000
[   58.009553][ T5438]  do_syscall_64+0xd8/0x2a0
[   58.009639][ T5438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.009662][ T5438] RIP: 0033:0x7fe007b7f749
[   58.009679][ T5438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.009749][ T5438] RSP: 002b:00007fe0065df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   58.009769][ T5438] RAX: ffffffffffffffda RBX: 00007fe007dd5fa0 RCX: 00007fe007b7f749
[   58.009785][ T5438] RDX: 0000000000040010 RSI: 0000200000000240 RDI: 0000000000000005
[   58.009798][ T5438] RBP: 00007fe0065df090 R08: 0000000000000000 R09: 0000000000000000
[   58.009827][ T5438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.009902][ T5438] R13: 00007fe007dd6038 R14: 00007fe007dd5fa0 R15: 00007ffda5a3b008
[   58.009921][ T5438]  </TASK>
[   58.189588][   T29] audit: type=1326 audit(1764882737.560:6011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5371 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd362ef749 code=0x7ffc0000
[   58.212975][   T29] audit: type=1326 audit(1764882737.570:6013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5371 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd362ef749 code=0x7ffc0000
[   58.236247][   T29] audit: type=1326 audit(1764882737.580:6014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5371 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd362ef749 code=0x7ffc0000
[   58.259530][   T29] audit: type=1326 audit(1764882737.580:6015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5371 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd362ef749 code=0x7ffc0000
[   58.382589][ T5448] __nla_validate_parse: 12 callbacks suppressed
[   58.382638][ T5448] netlink: 4 bytes leftover after parsing attributes in process `syz.3.587'.
[   58.397427][ T5449] netlink: 'syz.1.582': attribute type 29 has an invalid length.
[   58.439053][ T5442] 9pnet: Could not find request transport: 

[   58.460295][ T5457] siw: device registration error -23
[   58.470221][ T5457] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[   58.476739][ T5457] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   58.484883][ T5457] vhci_hcd vhci_hcd.0: Device attached
[   58.496540][ T5442] netlink: 24 bytes leftover after parsing attributes in process `syz.1.582'.
[   58.537315][ T5458] vhci_hcd: connection closed
[   58.537427][ T1660] vhci_hcd: stop threads
[   58.546518][ T1660] vhci_hcd: release socket
[   58.550976][ T1660] vhci_hcd: disconnect device
[   58.675089][ T5480] netlink: 'syz.1.598': attribute type 4 has an invalid length.
[   58.684335][ T5471] netlink: 256 bytes leftover after parsing attributes in process `syz.3.595'.
[   58.697589][ T5480] netlink: 'syz.1.598': attribute type 4 has an invalid length.
[   58.753498][ T5471] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.820113][ T5471] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.595: lblock 23 mapped to illegal pblock 18 (length 1)
[   58.848754][ T5492] infiniband syz0: set active
[   58.853449][ T5492] infiniband syz0: added bond_slave_0
[   58.864920][ T5492] RDS/IB: syz0: added
[   58.869485][ T5492] smc: adding ib device syz0 with port count 1
[   58.876178][ T5492] smc:    ib device syz0 port 1 has no pnetid
[   58.906380][ T5496] set_capacity_and_notify: 8 callbacks suppressed
[   58.906397][ T5496] loop3: detected capacity change from 0 to 512
[   58.990169][ T5497] loop4: detected capacity change from 0 to 2048
[   59.053015][ T5497] EXT4-fs (loop4): failed to initialize system zone (-117)
[   59.075229][ T5496] ext4 filesystem being mounted at /117/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.123103][ T5497] EXT4-fs (loop4): mount failed
[   59.214430][ T5496] netlink: 28 bytes leftover after parsing attributes in process `syz.3.603'.
[   59.223388][ T5496] netlink: 28 bytes leftover after parsing attributes in process `syz.3.603'.
[   59.254415][ T5509] netlink: 'syz.2.605': attribute type 29 has an invalid length.
[   59.397140][ T5507] 9pnet: Could not find request transport: 

[   59.503399][ T5537] siw: device registration error -23
[   59.550853][ T5540] loop4: detected capacity change from 0 to 512
[   59.562946][ T5540] EXT4-fs (loop4): fragment/cluster size (4096) != block size (2048)
[   59.586913][ T5543] netlink: 8 bytes leftover after parsing attributes in process `syz.0.614'.
[   59.645104][ T5548] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   59.656971][ T5548] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   59.703028][ T5551] 9pnet: Could not find request transport: 

[   59.728710][ T5551] netlink: 'syz.0.619': attribute type 29 has an invalid length.
[   59.737691][ T5556] netlink: 256 bytes leftover after parsing attributes in process `syz.3.622'.
[   59.765076][ T5556] loop3: detected capacity change from 0 to 512
[   59.799669][ T5556] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.800660][ T5569] netdevsim netdevsim2: Firmware load for './cgroup/../file0' refused, path contains '..' component
[   59.849842][ T5556] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.622: lblock 23 mapped to illegal pblock 18 (length 1)
[   59.875057][ T5570] lo speed is unknown, defaulting to 1000
[   60.132845][ T5590] netlink: 4 bytes leftover after parsing attributes in process `syz.1.628'.
[   60.386044][ T5650] netlink: 'syz.4.634': attribute type 4 has an invalid length.
[   60.405918][ T5650] netlink: 'syz.4.634': attribute type 4 has an invalid length.
[   60.677048][ T5689] netlink: 8 bytes leftover after parsing attributes in process `syz.2.638'.
[   60.855267][ T5699] loop2: detected capacity change from 0 to 2048
[   60.928659][ T5699]  loop2: p2 < > p3 < p5 > p4
[   60.933371][ T5699] loop2: partition table partially beyond EOD, truncated
[   60.946885][ T5699] loop2: p2 start 4278190080 is beyond EOD, truncated
[   61.019297][ T5699] loop2: p4 size 8192 extends beyond EOD, truncated
[   61.027779][ T5699] loop2: p5 size 8192 extends beyond EOD, truncated
[   61.042178][ T5699] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   61.055003][ T5699] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   61.305482][ T5763] loop4: detected capacity change from 0 to 2048
[   61.314909][ T5765] sctp: [Deprecated]: syz.3.647 (pid 5765) Use of int in max_burst socket option.
[   61.314909][ T5765] Use struct sctp_assoc_value instead
[   61.332644][ T5763] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.392979][ T5772] loop3: detected capacity change from 0 to 512
[   61.416736][ T5773] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.646: bg 0: block 345: padding at end of block bitmap is not set
[   61.432108][ T5772] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.444933][ T5773] EXT4-fs (loop4): Remounting filesystem read-only
[   61.452708][   T12] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   61.455301][ T5772] netlink: 28 bytes leftover after parsing attributes in process `syz.3.650'.
[   61.623309][ T5792] loop3: detected capacity change from 0 to 512
[   61.630276][ T5792] EXT4-fs (loop3): fragment/cluster size (4096) != block size (2048)
[   61.654559][ T5795] netlink: 'syz.3.656': attribute type 4 has an invalid length.
[   61.674635][   T36] lo speed is unknown, defaulting to 1000
[   61.680568][   T36] syz2: Port: 1 Link DOWN
[   61.693177][ T5795] netlink: 'syz.3.656': attribute type 4 has an invalid length.
[   61.705184][   T36] lo speed is unknown, defaulting to 1000
[   61.710937][   T36] syz2: Port: 1 Link ACTIVE
[   61.972605][ T5812] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   61.985998][ T5814] loop0: detected capacity change from 0 to 512
[   61.992690][ T5812] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.002102][ T5814] EXT4-fs: Ignoring removed bh option
[   62.091111][ T5814] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   62.224859][   T36] IPVS: starting estimator thread 0...
[   62.324982][ T5827] bridge0: port 3(batadv0) entered blocking state
[   62.331517][ T5827] bridge0: port 3(batadv0) entered disabled state
[   62.365014][ T5825] IPVS: using max 2400 ests per chain, 120000 per kthread
[   62.442827][ T5827] batadv0: entered allmulticast mode
[   62.449658][ T5827] batadv0: entered promiscuous mode
[   62.455649][ T5829] netdevsim netdevsim1: Firmware load for './cgroup/../file0' refused, path contains '..' component
[   62.485959][ T5833] loop0: detected capacity change from 0 to 2048
[   62.538752][ T5833]  loop0: p2 < > p3 < p5 > p4
[   62.543526][ T5833] loop0: partition table partially beyond EOD, truncated
[   62.551358][ T5833] loop0: p2 start 4278190080 is beyond EOD, truncated
[   62.561174][ T5833] loop0: p4 size 8192 extends beyond EOD, truncated
[   62.568250][ T5833] loop0: p5 size 8192 extends beyond EOD, truncated
[   62.645871][ T5844] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[   62.652402][ T5844] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   62.660925][ T5844] vhci_hcd vhci_hcd.0: Device attached
[   62.684663][ T5833] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.693360][ T5845] vhci_hcd: connection closed
[   62.695352][ T1660] vhci_hcd: stop threads
[   62.704379][ T1660] vhci_hcd: release socket
[   62.708853][ T1660] vhci_hcd: disconnect device
[   62.742215][ T5833] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.758319][   T29] kauditd_printk_skb: 775 callbacks suppressed
[   62.758335][   T29] audit: type=1400 audit(1764882742.540:6789): avc:  denied  { block_suspend } for  pid=5841 comm="syz.1.672" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   62.807065][   T29] audit: type=1400 audit(1764882742.600:6790): avc:  denied  { write } for  pid=5834 comm="syz.4.670" name="001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   62.829890][   T41] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   62.839127][   T41] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   62.995757][ T5859] FAULT_INJECTION: forcing a failure.
[   62.995757][ T5859] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.008863][ T5859] CPU: 1 UID: 0 PID: 5859 Comm: syz.2.677 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   63.008888][ T5859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   63.008962][ T5859] Call Trace:
[   63.008969][ T5859]  <TASK>
[   63.009021][ T5859]  __dump_stack+0x1d/0x30
[   63.009047][ T5859]  dump_stack_lvl+0xe8/0x140
[   63.009095][ T5859]  dump_stack+0x15/0x1b
[   63.009116][ T5859]  should_fail_ex+0x265/0x280
[   63.009153][ T5859]  should_fail+0xb/0x20
[   63.009279][ T5859]  should_fail_usercopy+0x1a/0x20
[   63.009320][ T5859]  strncpy_from_user+0x27/0x260
[   63.009348][ T5859]  ? kmem_cache_alloc_noprof+0x23f/0x4a0
[   63.009385][ T5859]  getname_flags+0xae/0x3b0
[   63.009472][ T5859]  do_sys_openat2+0x60/0x150
[   63.009495][ T5859]  __x64_sys_openat+0xf2/0x120
[   63.009550][ T5859]  x64_sys_call+0x2b07/0x3000
[   63.009572][ T5859]  do_syscall_64+0xd8/0x2a0
[   63.009682][ T5859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.009706][ T5859] RIP: 0033:0x7f1b74bff749
[   63.009722][ T5859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.009801][ T5859] RSP: 002b:00007f1b73667038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   63.009819][ T5859] RAX: ffffffffffffffda RBX: 00007f1b74e55fa0 RCX: 00007f1b74bff749
[   63.009830][ T5859] RDX: 0000000000088003 RSI: 0000200000001180 RDI: ffffffffffffff9c
[   63.009842][ T5859] RBP: 00007f1b73667090 R08: 0000000000000000 R09: 0000000000000000
[   63.009853][ T5859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.009907][ T5859] R13: 00007f1b74e56038 R14: 00007f1b74e55fa0 R15: 00007ffe73bab1c8
[   63.009925][ T5859]  </TASK>
[   63.025027][ T5863] netlink: 'syz.4.679': attribute type 4 has an invalid length.
[   63.090737][ T5866] netlink: 'syz.4.679': attribute type 4 has an invalid length.
[   63.161853][ T5868] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.232665][ T5878] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   63.241590][ T5878] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   63.256074][   T29] audit: type=1326 audit(1764882743.050:6791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5864 comm="syz.2.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b74bff749 code=0x7ffc0000
[   63.282672][ T5865] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #2: block 18: comm syz.2.680: lblock 23 mapped to illegal pblock 18 (length 1)
[   63.297153][   T29] audit: type=1326 audit(1764882743.080:6792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5864 comm="syz.2.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1b74bfdf90 code=0x7ffc0000
[   63.320545][   T29] audit: type=1326 audit(1764882743.080:6793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5864 comm="syz.2.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1b74bfdf90 code=0x7ffc0000
[   63.344000][   T29] audit: type=1326 audit(1764882743.080:6794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5864 comm="syz.2.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b74bff749 code=0x7ffc0000
[   63.367436][   T29] audit: type=1326 audit(1764882743.080:6795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5864 comm="syz.2.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1b74bff749 code=0x7ffc0000
[   63.390708][   T29] audit: type=1326 audit(1764882743.080:6796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5864 comm="syz.2.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b74bff749 code=0x7ffc0000
[   63.414149][   T29] audit: type=1326 audit(1764882743.080:6797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5864 comm="syz.2.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1b74bff749 code=0x7ffc0000
[   63.437508][   T29] audit: type=1326 audit(1764882743.080:6798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5864 comm="syz.2.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b74bff749 code=0x7ffc0000
[   63.459178][ T5883] syz_tun: entered allmulticast mode
[   63.470731][ T5882] syz_tun: left allmulticast mode
[   63.490039][ T5885] siw: device registration error -23
[   63.548269][ T5893] random: crng reseeded on system resumption
[   63.639760][ T5901] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.715878][ T5905] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.691: bg 0: block 345: padding at end of block bitmap is not set
[   63.730318][ T5905] EXT4-fs (loop2): Remounting filesystem read-only
[   63.736872][   T31] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   63.789015][ T5908] FAULT_INJECTION: forcing a failure.
[   63.789015][ T5908] name failslab, interval 1, probability 0, space 0, times 0
[   63.801773][ T5908] CPU: 1 UID: 0 PID: 5908 Comm: syz.3.692 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   63.801798][ T5908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   63.801811][ T5908] Call Trace:
[   63.801817][ T5908]  <TASK>
[   63.801825][ T5908]  __dump_stack+0x1d/0x30
[   63.801918][ T5908]  dump_stack_lvl+0xe8/0x140
[   63.802016][ T5908]  dump_stack+0x15/0x1b
[   63.802033][ T5908]  should_fail_ex+0x265/0x280
[   63.802067][ T5908]  should_failslab+0x8c/0xb0
[   63.802149][ T5908]  kmem_cache_alloc_noprof+0x50/0x4a0
[   63.802232][ T5908]  ? getname_flags+0x80/0x3b0
[   63.802252][ T5908]  getname_flags+0x80/0x3b0
[   63.802317][ T5908]  user_path_at+0x28/0x130
[   63.802363][ T5908]  __se_sys_mount+0x25b/0x2e0
[   63.802581][ T5908]  ? fput+0x8f/0xc0
[   63.802603][ T5908]  __x64_sys_mount+0x67/0x80
[   63.802639][ T5908]  x64_sys_call+0x2cca/0x3000
[   63.802707][ T5908]  do_syscall_64+0xd8/0x2a0
[   63.802736][ T5908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.802819][ T5908] RIP: 0033:0x7efd362ef749
[   63.802833][ T5908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.802979][ T5908] RSP: 002b:00007efd34d4f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   63.803001][ T5908] RAX: ffffffffffffffda RBX: 00007efd36545fa0 RCX: 00007efd362ef749
[   63.803016][ T5908] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   63.803030][ T5908] RBP: 00007efd34d4f090 R08: 0000000000000000 R09: 0000000000000000
[   63.803044][ T5908] R10: 0000000000001001 R11: 0000000000000246 R12: 0000000000000001
[   63.803058][ T5908] R13: 00007efd36546038 R14: 00007efd36545fa0 R15: 00007ffd9bb76be8
[   63.803077][ T5908]  </TASK>
[   63.820596][ T5904] lo speed is unknown, defaulting to 1000
[   64.066133][ T5920] set_capacity_and_notify: 3 callbacks suppressed
[   64.066149][ T5920] loop2: detected capacity change from 0 to 512
[   64.091376][ T5920] ext4 filesystem being mounted at /176/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.110525][ T5920] __nla_validate_parse: 4 callbacks suppressed
[   64.110548][ T5920] netlink: 28 bytes leftover after parsing attributes in process `syz.2.697'.
[   64.125838][ T5920] netlink: 28 bytes leftover after parsing attributes in process `syz.2.697'.
[   64.157328][ T5934] netlink: 8 bytes leftover after parsing attributes in process `syz.3.703'.
[   64.201130][ T5939] ieee802154 phy0 wpan0: encryption failed: -22
[   64.209963][ T5939] loop3: detected capacity change from 0 to 512
[   64.216517][ T5939] ext4: Unknown parameter 'audit'
[   64.223257][ T5939] netlink: 'syz.3.704': attribute type 21 has an invalid length.
[   64.232493][ T5939] netlink: 132 bytes leftover after parsing attributes in process `syz.3.704'.
[   64.273683][ T5943] loop3: detected capacity change from 0 to 128
[   64.376239][ T5946] netlink: 20 bytes leftover after parsing attributes in process `syz.3.706'.
[   64.525872][ T5950] netlink: 256 bytes leftover after parsing attributes in process `syz.3.707'.
[   64.543360][ T5950] loop3: detected capacity change from 0 to 512
[   64.560466][ T5950] ext4 filesystem being mounted at /145/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.580668][ T5950] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.707: lblock 23 mapped to illegal pblock 18 (length 1)
[   64.694007][ T5968] siw: device registration error -23
[   64.815175][ T5979] netlink: 8 bytes leftover after parsing attributes in process `syz.1.717'.
[   64.934823][ T5988] 9pnet: Could not find request transport: 

[   64.955345][ T5988] netlink: 'syz.1.720': attribute type 29 has an invalid length.
[   65.102835][ T6009] siw: device registration error -23
[   65.142895][ T6017] netlink: 8 bytes leftover after parsing attributes in process `syz.1.729'.
[   65.172969][ T6019] netlink: 14 bytes leftover after parsing attributes in process `syz.1.730'.
[   65.182429][ T6019] hsr_slave_0: left promiscuous mode
[   65.188136][ T6019] hsr_slave_1: left promiscuous mode
[   65.267920][ T6025] netlink: 28 bytes leftover after parsing attributes in process `syz.1.732'.
[   65.602622][ T6035] loop3: detected capacity change from 0 to 512
[   65.620885][ T6035] EXT4-fs mount: 106 callbacks suppressed
[   65.620898][ T6035] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.639342][ T6035] ext4 filesystem being mounted at /150/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.655627][ T6035] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.736: lblock 23 mapped to illegal pblock 18 (length 1)
[   65.701433][ T6050] 9pnet: Could not find request transport: 

[   65.719146][ T6053] FAULT_INJECTION: forcing a failure.
[   65.719146][ T6053] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   65.719558][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.732247][ T6053] CPU: 1 UID: 0 PID: 6053 Comm: syz.0.739 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.732275][ T6053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   65.732288][ T6053] Call Trace:
[   65.732295][ T6053]  <TASK>
[   65.732303][ T6053]  __dump_stack+0x1d/0x30
[   65.732400][ T6053]  dump_stack_lvl+0xe8/0x140
[   65.732423][ T6053]  dump_stack+0x15/0x1b
[   65.732466][ T6053]  should_fail_ex+0x265/0x280
[   65.732559][ T6053]  should_fail+0xb/0x20
[   65.732588][ T6053]  should_fail_usercopy+0x1a/0x20
[   65.732608][ T6053]  _copy_to_user+0x20/0xa0
[   65.732631][ T6053]  simple_read_from_buffer+0xb5/0x130
[   65.732714][ T6053]  proc_fail_nth_read+0x10e/0x150
[   65.732739][ T6053]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   65.732763][ T6053]  vfs_read+0x1a8/0x770
[   65.732856][ T6053]  ? __rcu_read_unlock+0x4f/0x70
[   65.732877][ T6053]  ? __fget_files+0x184/0x1c0
[   65.732896][ T6053]  ? mutex_lock+0x58/0x90
[   65.732935][ T6053]  ksys_read+0xda/0x1a0
[   65.733026][ T6053]  __x64_sys_read+0x40/0x50
[   65.733055][ T6053]  x64_sys_call+0x2889/0x3000
[   65.733080][ T6053]  do_syscall_64+0xd8/0x2a0
[   65.733110][ T6053]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.733159][ T6053] RIP: 0033:0x7f3cf1ade15c
[   65.733175][ T6053] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   65.733192][ T6053] RSP: 002b:00007f3cf0547030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   65.733212][ T6053] RAX: ffffffffffffffda RBX: 00007f3cf1d35fa0 RCX: 00007f3cf1ade15c
[   65.733225][ T6053] RDX: 000000000000000f RSI: 00007f3cf05470a0 RDI: 0000000000000004
[   65.733238][ T6053] RBP: 00007f3cf0547090 R08: 0000000000000000 R09: 0000000000000000
[   65.733251][ T6053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.733264][ T6053] R13: 00007f3cf1d36038 R14: 00007f3cf1d35fa0 R15: 00007fff059759b8
[   65.733324][ T6053]  </TASK>
[   65.807551][ T6050] netlink: 'syz.4.726': attribute type 29 has an invalid length.
[   65.827241][ T6059] netlink: 'syz.0.742': attribute type 4 has an invalid length.
[   65.887609][ T6061] netlink: 'syz.0.742': attribute type 4 has an invalid length.
[   66.027386][ T6067] loop3: detected capacity change from 0 to 2048
[   66.079223][ T6067]  loop3: p2 < > p3 < p5 > p4
[   66.083948][ T6067] loop3: partition table partially beyond EOD, truncated
[   66.091324][ T6067] loop3: p2 start 4278190080 is beyond EOD, truncated
[   66.118834][ T6067] loop3: p4 size 8192 extends beyond EOD, truncated
[   66.168783][ T6067] loop3: p5 size 8192 extends beyond EOD, truncated
[   66.196328][ T6067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   66.222607][ T6067] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   66.254764][ T6081] 9pnet: Could not find request transport: 

[   66.277179][ T6086] loop4: detected capacity change from 0 to 512
[   66.303492][ T6081] netlink: 'syz.1.748': attribute type 29 has an invalid length.
[   66.315229][ T6086] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.335660][ T6086] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.372706][ T6083] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #2: block 18: comm syz.4.749: lblock 23 mapped to illegal pblock 18 (length 1)
[   66.439023][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.681303][ T6110] loop4: detected capacity change from 0 to 512
[   66.688007][ T6110] ext4: Unknown parameter 'fowner'
[   66.706133][ T6110] loop4: detected capacity change from 0 to 512
[   66.718972][ T6110] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[   66.730789][ T6114] loop2: detected capacity change from 0 to 512
[   66.737450][ T6110] EXT4-fs (loop4): 1 truncate cleaned up
[   66.743784][ T6110] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.759601][ T6110] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[   66.760054][ T6115] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.780506][ T6115] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.790300][ T6114] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.803966][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.813882][ T6114] ext4 filesystem being mounted at /182/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.856486][ T6120] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.759: bg 0: block 345: padding at end of block bitmap is not set
[   66.870897][ T6120] EXT4-fs (loop0): Remounting filesystem read-only
[   66.877448][  T839] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   66.923877][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.956677][ T6132] siw: device registration error -23
[   66.977131][ T6134] netlink: 'syz.4.766': attribute type 4 has an invalid length.
[   66.989221][ T6134] netlink: 'syz.4.766': attribute type 4 has an invalid length.
[   67.102660][ T6136] 9pnet: Could not find request transport: 

[   67.111350][ T6136] netlink: 'syz.1.755': attribute type 29 has an invalid length.
[   67.134094][ T6147] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   67.143045][ T6147] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   67.381380][ T6151] netlink: 'syz.1.770': attribute type 4 has an invalid length.
[   67.397033][ T6151] netlink: 'syz.1.770': attribute type 4 has an invalid length.
[   67.800859][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.890701][ T6157] FAULT_INJECTION: forcing a failure.
[   67.890701][ T6157] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   67.903815][ T6157] CPU: 1 UID: 0 PID: 6157 Comm: syz.4.772 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.903894][ T6157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   67.903906][ T6157] Call Trace:
[   67.903912][ T6157]  <TASK>
[   67.903918][ T6157]  __dump_stack+0x1d/0x30
[   67.903941][ T6157]  dump_stack_lvl+0xe8/0x140
[   67.903966][ T6157]  dump_stack+0x15/0x1b
[   67.904021][ T6157]  should_fail_ex+0x265/0x280
[   67.904088][ T6157]  should_fail+0xb/0x20
[   67.904120][ T6157]  should_fail_usercopy+0x1a/0x20
[   67.904140][ T6157]  _copy_from_user+0x1c/0xb0
[   67.904164][ T6157]  memdup_user+0x5e/0xd0
[   67.904201][ T6157]  strndup_user+0x68/0xb0
[   67.904280][ T6157]  keyctl_restrict_keyring+0x15a/0x1b0
[   67.904312][ T6157]  __se_sys_keyctl+0x1ed/0xb80
[   67.904398][ T6157]  ? __x64_sys_keyctl+0x52/0x80
[   67.904423][ T6157]  ? kcsan_setup_watchpoint+0x415/0x430
[   67.904457][ T6157]  __x64_sys_keyctl+0x67/0x80
[   67.904498][ T6157]  x64_sys_call+0x27b8/0x3000
[   67.904522][ T6157]  do_syscall_64+0xd8/0x2a0
[   67.904608][ T6157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.904632][ T6157] RIP: 0033:0x7fe007b7f749
[   67.904646][ T6157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.904662][ T6157] RSP: 002b:00007fe0065df038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[   67.904679][ T6157] RAX: ffffffffffffffda RBX: 00007fe007dd5fa0 RCX: 00007fe007b7f749
[   67.904745][ T6157] RDX: 0000200000000240 RSI: 000000003f4086c4 RDI: 000000000000001d
[   67.904826][ T6157] RBP: 00007fe0065df090 R08: 0000000000000000 R09: 0000000000000000
[   67.904840][ T6157] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[   67.904854][ T6157] R13: 00007fe007dd6038 R14: 00007fe007dd5fa0 R15: 00007ffda5a3b008
[   67.904891][ T6157]  </TASK>
[   68.169294][ T6163] EXT4-fs: Ignoring removed nobh option
[   68.175270][ T6163] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   68.185320][ T6163] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   68.185732][ T6161] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.195442][ T6163] EXT4-fs error (device loop0): ext4_get_journal_inode:5849: comm syz.0.773: inode #4294967295: comm syz.0.773: iget: illegal inode #
[   68.215203][ T6161] ext4 filesystem being mounted at /152/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.233728][ T6163] EXT4-fs (loop0): no journal found
[   68.239057][ T6163] EXT4-fs (loop0): can't get journal size
[   68.286617][ T6163] EXT4-fs (loop0): failed to initialize system zone (-22)
[   68.301256][ T6163] EXT4-fs (loop0): mount failed
[   68.304956][ T6172] siw: device registration error -23
[   68.322317][ T6174] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.774: bg 0: block 345: padding at end of block bitmap is not set
[   68.340194][ T6163] netlink: 'syz.0.773': attribute type 13 has an invalid length.
[   68.358004][ T6174] EXT4-fs (loop4): Remounting filesystem read-only
[   68.388613][   T41] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   68.418593][ T6163] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.425775][ T6163] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.433884][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.482579][   T29] kauditd_printk_skb: 795 callbacks suppressed
[   68.482595][   T29] audit: type=1400 audit(1764882748.280:7594): avc:  denied  { bind } for  pid=6183 comm="syz.1.780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   68.508129][   T29] audit: type=1400 audit(1764882748.280:7595): avc:  denied  { name_bind } for  pid=6183 comm="syz.1.780" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   68.529815][   T29] audit: type=1400 audit(1764882748.280:7596): avc:  denied  { node_bind } for  pid=6183 comm="syz.1.780" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[   68.636657][  T276] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   68.645979][  T276] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   68.671561][  T276] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   68.701933][  T276] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   68.770992][ T6194] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.788004][ T6194] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.829968][ T6198] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.842702][ T6198] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.856293][ T6200] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.868924][   T29] audit: type=1326 audit(1764882748.650:7597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.4.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe007b7f749 code=0x7ffc0000
[   68.872854][ T6198] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #2: block 18: comm syz.4.784: lblock 23 mapped to illegal pblock 18 (length 1)
[   68.892303][   T29] audit: type=1326 audit(1764882748.650:7598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.4.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe007b7df90 code=0x7ffc0000
[   68.929672][   T29] audit: type=1326 audit(1764882748.650:7599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.4.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe007b7df90 code=0x7ffc0000
[   68.952978][   T29] audit: type=1326 audit(1764882748.650:7600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.4.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe007b7f749 code=0x7ffc0000
[   68.976367][   T29] audit: type=1326 audit(1764882748.650:7601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.4.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7fe007b7f749 code=0x7ffc0000
[   68.976727][ T6200] ext4 filesystem being mounted at /187/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.999671][   T29] audit: type=1326 audit(1764882748.650:7602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.4.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe007b7f749 code=0x7ffc0000
[   69.033341][   T29] audit: type=1326 audit(1764882748.650:7603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6197 comm="syz.4.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe007b7f749 code=0x7ffc0000
[   69.078086][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.103453][ T6222] pim6reg: entered allmulticast mode
[   69.111277][ T6222] pim6reg: left allmulticast mode
[   69.142270][ T6224] SELinux: failed to load policy
[   69.154327][ T6200] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #2: block 18: comm syz.2.785: lblock 23 mapped to illegal pblock 18 (length 1)
[   69.172409][ T6227] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   69.195872][ T6222] gretap1: entered promiscuous mode
[   69.213310][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.321642][ T6240] __nla_validate_parse: 17 callbacks suppressed
[   69.321658][ T6240] netlink: 28 bytes leftover after parsing attributes in process `syz.4.795'.
[   69.337243][ T6240] netlink: 28 bytes leftover after parsing attributes in process `syz.4.795'.
[   69.349286][ T6240] pim6reg: entered allmulticast mode
[   69.355002][ T6240] pim6reg: left allmulticast mode
[   69.402606][ T6240] gretap1: entered promiscuous mode
[   69.508170][ T6244] 9pnet: Could not find request transport: 

[   69.548966][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.563846][ T6251] netlink: 28 bytes leftover after parsing attributes in process `syz.4.800'.
[   69.585101][ T6255] netlink: 8 bytes leftover after parsing attributes in process `syz.0.799'.
[   69.800718][ T6279] set_capacity_and_notify: 6 callbacks suppressed
[   69.800860][ T6279] loop4: detected capacity change from 0 to 512
[   69.830217][ T6279] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.842827][ T6279] ext4 filesystem being mounted at /166/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.861261][ T6279] netlink: 28 bytes leftover after parsing attributes in process `syz.4.810'.
[   69.870160][ T6279] netlink: 28 bytes leftover after parsing attributes in process `syz.4.810'.
[   69.914585][ T6287] FAULT_INJECTION: forcing a failure.
[   69.914585][ T6287] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.927789][ T6287] CPU: 0 UID: 0 PID: 6287 Comm: syz.0.811 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   69.927818][ T6287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   69.927830][ T6287] Call Trace:
[   69.927835][ T6287]  <TASK>
[   69.927842][ T6287]  __dump_stack+0x1d/0x30
[   69.927912][ T6287]  dump_stack_lvl+0xe8/0x140
[   69.927936][ T6287]  dump_stack+0x15/0x1b
[   69.927956][ T6287]  should_fail_ex+0x265/0x280
[   69.927991][ T6287]  should_fail+0xb/0x20
[   69.928039][ T6287]  should_fail_usercopy+0x1a/0x20
[   69.928192][ T6287]  strncpy_from_user+0x27/0x260
[   69.928223][ T6287]  path_setxattrat+0xeb/0x310
[   69.928317][ T6287]  __x64_sys_setxattr+0x6e/0x90
[   69.928456][ T6287]  x64_sys_call+0xf1e/0x3000
[   69.928496][ T6287]  do_syscall_64+0xd8/0x2a0
[   69.928529][ T6287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.928633][ T6287] RIP: 0033:0x7f3cf1adf749
[   69.928648][ T6287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.928665][ T6287] RSP: 002b:00007f3cf0547038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[   69.928715][ T6287] RAX: ffffffffffffffda RBX: 00007f3cf1d35fa0 RCX: 00007f3cf1adf749
[   69.928727][ T6287] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000000
[   69.928738][ T6287] RBP: 00007f3cf0547090 R08: 0000000000000000 R09: 0000000000000000
[   69.928750][ T6287] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000001
[   69.928762][ T6287] R13: 00007f3cf1d36038 R14: 00007f3cf1d35fa0 R15: 00007fff059759b8
[   69.928827][ T6287]  </TASK>
[   70.185302][ T6296] netlink: 28 bytes leftover after parsing attributes in process `syz.3.814'.
[   70.191426][ T6297] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   70.213152][ T6297] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   70.252942][ T6300] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=36641 sclass=netlink_route_socket pid=6300 comm=+}[@
[   70.265650][ T6300] netlink: 48 bytes leftover after parsing attributes in process `+}[@'.
[   70.297509][ T6309] netlink: 4 bytes leftover after parsing attributes in process `syz.1.821'.
[   70.443269][ T6317] 8021q: adding VLAN 0 to HW filter on device bond1
[   70.549952][ T6330] 9pnet: Could not find request transport: 

[   70.581918][ T6341] netlink: 8 bytes leftover after parsing attributes in process `syz.1.832'.
[   70.617158][ T6345] 9pnet: Could not find request transport: r
[   70.715021][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.015854][ T6390] loop2: detected capacity change from 0 to 512
[   71.050881][ T6390] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.082063][ T6381] 9pnet: Could not find request transport: r
[   71.085596][ T6390] ext4 filesystem being mounted at /201/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.104387][ T6396] loop3: detected capacity change from 0 to 1024
[   71.166798][ T6396] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   71.202105][ T6402] loop4: detected capacity change from 0 to 2048
[   71.210526][ T6396] ext4 filesystem being mounted at /169/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.253951][ T6402] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.298629][ T6402] ext4 filesystem being mounted at /169/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.368524][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   71.405771][ T6418] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.858: bg 0: block 345: padding at end of block bitmap is not set
[   71.427629][ T6352] 9pnet: Could not find request transport: r
[   71.434000][ T6418] EXT4-fs (loop4): Remounting filesystem read-only
[   71.465732][ T6424] loop0: detected capacity change from 0 to 512
[   71.472720][ T1460] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   71.503823][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.519871][ T6424] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.543494][ T6424] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.576727][ T6416] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #2: block 18: comm syz.0.863: lblock 23 mapped to illegal pblock 18 (length 1)
[   71.600103][ T6434] 9pnet: Could not find request transport: 

[   71.642026][ T6441] loop3: detected capacity change from 0 to 2048
[   71.652235][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.665745][ T6441] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.679067][ T6441] ext4 filesystem being mounted at /173/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.705243][ T6443] loop4: detected capacity change from 0 to 512
[   71.735152][ T6443] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.754136][ T6462] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.869: bg 0: block 345: padding at end of block bitmap is not set
[   71.763720][ T6443] ext4 filesystem being mounted at /172/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.784130][ T6465] siw: device registration error -23
[   71.799460][ T6462] EXT4-fs (loop3): Remounting filesystem read-only
[   71.806202][   T52] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   71.806500][ T6443] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #2: block 18: comm syz.4.870: lblock 23 mapped to illegal pblock 18 (length 1)
[   71.834559][ T6466] FAULT_INJECTION: forcing a failure.
[   71.834559][ T6466] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.847759][ T6466] CPU: 0 UID: 0 PID: 6466 Comm: syz.0.876 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.847840][ T6466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   71.847853][ T6466] Call Trace:
[   71.847860][ T6466]  <TASK>
[   71.847910][ T6466]  __dump_stack+0x1d/0x30
[   71.847936][ T6466]  dump_stack_lvl+0xe8/0x140
[   71.847960][ T6466]  dump_stack+0x15/0x1b
[   71.847995][ T6466]  should_fail_ex+0x265/0x280
[   71.848032][ T6466]  should_fail+0xb/0x20
[   71.848116][ T6466]  should_fail_usercopy+0x1a/0x20
[   71.848138][ T6466]  _copy_to_user+0x20/0xa0
[   71.848163][ T6466]  simple_read_from_buffer+0xb5/0x130
[   71.848274][ T6466]  proc_fail_nth_read+0x10e/0x150
[   71.848302][ T6466]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   71.848342][ T6466]  vfs_read+0x1a8/0x770
[   71.848455][ T6466]  ? __rcu_read_unlock+0x4f/0x70
[   71.848479][ T6466]  ? __fget_files+0x184/0x1c0
[   71.848500][ T6466]  ? mutex_lock+0x58/0x90
[   71.848524][ T6466]  ksys_read+0xda/0x1a0
[   71.848634][ T6466]  __x64_sys_read+0x40/0x50
[   71.848666][ T6466]  x64_sys_call+0x2889/0x3000
[   71.848692][ T6466]  do_syscall_64+0xd8/0x2a0
[   71.848842][ T6466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.848866][ T6466] RIP: 0033:0x7f3cf1ade15c
[   71.848883][ T6466] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   71.848904][ T6466] RSP: 002b:00007f3cf0547030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   71.848925][ T6466] RAX: ffffffffffffffda RBX: 00007f3cf1d35fa0 RCX: 00007f3cf1ade15c
[   71.848951][ T6466] RDX: 000000000000000f RSI: 00007f3cf05470a0 RDI: 0000000000000005
[   71.848965][ T6466] RBP: 00007f3cf0547090 R08: 0000000000000000 R09: 0000000000000000
[   71.848979][ T6466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.848992][ T6466] R13: 00007f3cf1d36038 R14: 00007f3cf1d35fa0 R15: 00007fff059759b8
[   71.849014][ T6466]  </TASK>
[   72.104951][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.127206][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.182553][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.217214][ T6472] 9pnet: Could not find request transport: 

[   72.304982][ T6479] loop3: detected capacity change from 0 to 512
[   72.323657][ T6497] siw: device registration error -23
[   72.340786][ T6479] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.342301][ T6501] loop2: detected capacity change from 0 to 512
[   72.362241][ T6500] loop4: detected capacity change from 0 to 2048
[   72.371838][ T6479] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.385233][ T6501] ext4: Unknown parameter 'fowner'
[   72.396707][ T6479] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.882: lblock 23 mapped to illegal pblock 18 (length 1)
[   72.419515][ T6500] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.420673][ T6511] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.444091][ T6511] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.444308][ T6500] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.496342][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.529434][ T6517] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.546675][   T31] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 345: padding at end of block bitmap is not set
[   72.551344][ T6517] ext4 filesystem being mounted at /206/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.565791][   T31] EXT4-fs (loop4): Remounting filesystem read-only
[   72.594555][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.653014][ T6528] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.893: bg 0: block 345: padding at end of block bitmap is not set
[   72.667936][ T6528] EXT4-fs (loop2): Remounting filesystem read-only
[   72.677410][  T276] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   72.711705][ T6535] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.724408][ T6535] ext4 filesystem being mounted at /177/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.752934][ T6527] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #2: block 18: comm syz.4.895: lblock 23 mapped to illegal pblock 18 (length 1)
[   72.767767][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.783190][ T6534] 9pnet: Could not find request transport: 

[   72.817480][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.879571][ T6551] ext4: Unknown parameter 'fowner'
[   72.908853][ T6551] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[   72.920478][ T6551] EXT4-fs (loop2): 1 truncate cleaned up
[   72.929637][ T6551] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.950019][ T6551] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[   72.981113][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.997121][ T6556] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.020059][ T6556] ext4 filesystem being mounted at /181/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.035638][ T6556] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.905: lblock 23 mapped to illegal pblock 18 (length 1)
[   73.103099][ T6576] 9pnet: Could not find request transport: 

[   73.179745][ T6586] siw: device registration error -23
[   73.206871][ T6588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   73.219611][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.230217][ T6588] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   73.272106][ T6600] ext4: Unknown parameter 'fowner'
[   73.282630][ T6600] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[   73.291255][ T6600] EXT4-fs (loop2): 1 truncate cleaned up
[   73.297480][ T6600] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.313060][ T6600] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[   73.330644][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.340898][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.411178][ T6605] 9pnet: Could not find request transport: 

[   73.420500][ T6609] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.438977][ T6609] ext4 filesystem being mounted at /183/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.459971][ T6616] 9pnet_fd: Insufficient options for proto=fd
[   73.468809][ T6616] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   73.483926][ T6618] siw: device registration error -23
[   73.501752][ T6616] ext4 filesystem being mounted at /216/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   73.542584][ T6623] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.925: bg 0: block 345: padding at end of block bitmap is not set
[   73.557351][ T6623] EXT4-fs (loop3): Remounting filesystem read-only
[   73.564023][   T31] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   73.578025][   T29] kauditd_printk_skb: 1123 callbacks suppressed
[   73.578096][   T29] audit: type=1400 audit(1764882753.380:8727): avc:  denied  { setattr } for  pid=6615 comm="syz.2.927" path="/216/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   73.648536][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.669758][ T6624] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.683909][ T6624] ext4 filesystem being mounted at /166/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.710423][   T29] audit: type=1326 audit(1764882753.510:8728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6620 comm="syz.0.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   73.734646][   T29] audit: type=1326 audit(1764882753.530:8729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6620 comm="syz.0.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3cf1addf90 code=0x7ffc0000
[   73.736634][ T6624] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #2: block 18: comm syz.0.929: lblock 23 mapped to illegal pblock 18 (length 1)
[   73.758089][   T29] audit: type=1326 audit(1764882753.530:8730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6620 comm="syz.0.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3cf1addf90 code=0x7ffc0000
[   73.758227][   T29] audit: type=1326 audit(1764882753.530:8731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6620 comm="syz.0.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   73.818866][   T29] audit: type=1326 audit(1764882753.530:8732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6620 comm="syz.0.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   73.842096][   T29] audit: type=1326 audit(1764882753.530:8733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6620 comm="syz.0.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   73.865449][   T29] audit: type=1326 audit(1764882753.530:8734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6620 comm="syz.0.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   73.888767][   T29] audit: type=1326 audit(1764882753.530:8735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6620 comm="syz.0.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   73.912144][   T29] audit: type=1326 audit(1764882753.530:8736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6620 comm="syz.0.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   73.936838][ T3315] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   73.976717][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.053106][ T6653] siw: device registration error -23
[   74.133135][ T6670] EXT4-fs: Ignoring removed mblk_io_submit option
[   74.139662][ T6667] EXT4-fs: Mount option(s) incompatible with ext2
[   74.157730][ T6670] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   74.166679][ T6670] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   74.192104][ T6670] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #11: comm syz.2.947: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   74.234451][ T6670] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.947: couldn't read orphan inode 11 (err -117)
[   74.246809][ T6670] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.304012][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.318953][ T6707] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[   74.325477][ T6707] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   74.333703][ T6707] vhci_hcd vhci_hcd.0: Device attached
[   74.353031][ T6708] vhci_hcd: connection closed
[   74.353224][  T839] vhci_hcd: stop threads
[   74.356255][ T6685] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.357931][  T839] vhci_hcd: release socket
[   74.362516][ T6685] ext4 filesystem being mounted at /187/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.374750][  T839] vhci_hcd: disconnect device
[   74.414762][ T6685] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.950: lblock 23 mapped to illegal pblock 18 (length 1)
[   74.460307][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.511586][ T6725] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   74.520218][ T6725] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   74.530701][ T6720] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.543215][ T6720] ext4 filesystem being mounted at /188/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.613859][ T6730] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.960: bg 0: block 345: padding at end of block bitmap is not set
[   74.628199][ T6730] EXT4-fs (loop3): Remounting filesystem read-only
[   74.635086][  T839] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   74.691877][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.704703][ T6736] __nla_validate_parse: 27 callbacks suppressed
[   74.704718][ T6736] netlink: 8 bytes leftover after parsing attributes in process `syz.1.966'.
[   74.830368][ T6746] netlink: 256 bytes leftover after parsing attributes in process `syz.3.971'.
[   74.844099][ T6746] set_capacity_and_notify: 15 callbacks suppressed
[   74.844165][ T6746] loop3: detected capacity change from 0 to 512
[   74.870480][ T6746] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.885152][ T6746] ext4 filesystem being mounted at /191/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.896700][ T6754] loop4: detected capacity change from 0 to 1024
[   74.903424][ T6754] EXT4-fs: test_dummy_encryption option not supported
[   74.927106][ T6746] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.971: lblock 23 mapped to illegal pblock 18 (length 1)
[   74.970773][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.989637][ T6764] validate_nla: 2 callbacks suppressed
[   74.989653][ T6764] netlink: 'syz.3.975': attribute type 16 has an invalid length.
[   75.003047][ T6764] netlink: 156 bytes leftover after parsing attributes in process `syz.3.975'.
[   75.031767][ T6767] loop3: detected capacity change from 0 to 1024
[   75.038747][ T6767] EXT4-fs: Ignoring removed oldalloc option
[   75.044834][ T6767] EXT4-fs: Ignoring removed nomblk_io_submit option
[   75.069800][ T6767] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.146940][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.164939][ T6777] siw: device registration error -23
[   75.307794][ T6793] loop2: detected capacity change from 0 to 512
[   75.314288][ T6791] 9pnet: Could not find request transport: 

[   75.330116][ T6793] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[   75.341150][ T6793] EXT4-fs (loop2): 1 truncate cleaned up
[   75.350455][ T6793] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[   75.383357][ T6801] loop4: detected capacity change from 0 to 1024
[   75.390113][ T6801] EXT4-fs: test_dummy_encryption option not supported
[   75.418186][ T6803] loop3: detected capacity change from 0 to 1024
[   75.424941][ T6803] EXT4-fs: Ignoring removed oldalloc option
[   75.431062][ T6803] EXT4-fs: Ignoring removed nomblk_io_submit option
[   75.450616][ T6805] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   75.461189][ T6805] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   75.525621][ T6813] loop3: detected capacity change from 0 to 2048
[   75.540240][ T6813] ext4 filesystem being mounted at /198/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.610514][ T6816] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.992: bg 0: block 345: padding at end of block bitmap is not set
[   75.625436][ T6816] EXT4-fs (loop3): Remounting filesystem read-only
[   75.632189][ T1460] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   75.819037][ T6830] 9pnet: Could not find request transport: 

[   75.874269][ T6835] netlink: 24 bytes leftover after parsing attributes in process `syz.0.999'.
[   75.886235][ T6835] loop0: detected capacity change from 0 to 512
[   75.903284][ T6835] EXT4-fs (loop0): too many log groups per flexible block group
[   75.911327][ T6835] EXT4-fs (loop0): failed to initialize mballoc (-12)
[   75.918195][ T6835] EXT4-fs (loop0): mount failed
[   75.966468][ T6848] loop0: detected capacity change from 0 to 512
[   75.973464][ T6848] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   75.985718][ T6848] EXT4-fs (loop0): 1 truncate cleaned up
[   75.996405][ T6851] loop3: detected capacity change from 0 to 1024
[   76.003649][ T6851] EXT4-fs: test_dummy_encryption option not supported
[   76.050573][ T6855] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.150802][ T6865] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1005: bg 0: block 345: padding at end of block bitmap is not set
[   76.165863][ T6865] EXT4-fs (loop0): Remounting filesystem read-only
[   76.172718][  T276] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   76.234137][ T6868] ext4 filesystem being mounted at /179/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.254244][ T6868] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1009'.
[   76.263326][ T6868] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1009'.
[   76.290648][ T6872] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1010'.
[   76.331138][ T6875] 9pnet: Could not find request transport: 

[   76.348983][ T6875] netlink: 'syz.4.996': attribute type 29 has an invalid length.
[   76.360624][ T6875] netlink: 24 bytes leftover after parsing attributes in process `syz.4.996'.
[   76.567440][ T6899] EXT4-fs: test_dummy_encryption option not supported
[   76.712946][ T6888] bio_check_eod: 8 callbacks suppressed
[   76.712963][ T6888] syz.3.1015: attempt to access beyond end of device
[   76.712963][ T6888] loop3: rw=2049, sector=145, nr_sectors = 8 limit=128
[   76.739520][ T6888] syz.3.1015: attempt to access beyond end of device
[   76.739520][ T6888] loop3: rw=2049, sector=161, nr_sectors = 8 limit=128
[   76.753290][ T6888] syz.3.1015: attempt to access beyond end of device
[   76.753290][ T6888] loop3: rw=2049, sector=177, nr_sectors = 8 limit=128
[   76.768034][ T6888] syz.3.1015: attempt to access beyond end of device
[   76.768034][ T6888] loop3: rw=2049, sector=193, nr_sectors = 8 limit=128
[   76.784788][ T6888] syz.3.1015: attempt to access beyond end of device
[   76.784788][ T6888] loop3: rw=2049, sector=209, nr_sectors = 8 limit=128
[   76.798855][ T6888] syz.3.1015: attempt to access beyond end of device
[   76.798855][ T6888] loop3: rw=2049, sector=225, nr_sectors = 8 limit=128
[   76.813406][ T6888] syz.3.1015: attempt to access beyond end of device
[   76.813406][ T6888] loop3: rw=2049, sector=241, nr_sectors = 8 limit=128
[   76.831363][ T6888] syz.3.1015: attempt to access beyond end of device
[   76.831363][ T6888] loop3: rw=2049, sector=257, nr_sectors = 8 limit=128
[   76.845226][ T6888] syz.3.1015: attempt to access beyond end of device
[   76.845226][ T6888] loop3: rw=2049, sector=273, nr_sectors = 8 limit=128
[   76.859379][ T6888] syz.3.1015: attempt to access beyond end of device
[   76.859379][ T6888] loop3: rw=2049, sector=289, nr_sectors = 8 limit=128
[   76.957023][ T6914] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[   76.967749][ T6914] EXT4-fs (loop3): 1 truncate cleaned up
[   77.002520][ T6914] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[   77.122886][ T6932] EXT4-fs: test_dummy_encryption option not supported
[   77.144041][ T6937] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[   77.150627][ T6937] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   77.158761][ T6937] vhci_hcd vhci_hcd.0: Device attached
[   77.165564][ T6929] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1033'.
[   77.186163][ T6938] vhci_hcd: connection closed
[   77.186923][  T276] vhci_hcd: stop threads
[   77.195971][  T276] vhci_hcd: release socket
[   77.200422][  T276] vhci_hcd: disconnect device
[   77.209759][ T6929] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.241070][ T6929] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #2: block 18: comm syz.0.1033: lblock 23 mapped to illegal pblock 18 (length 1)
[   77.326929][ T6950] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1037'.
[   77.337050][ T6950] batadv0 (unregistering): left allmulticast mode
[   77.343534][ T6950] batadv0 (unregistering): left promiscuous mode
[   77.349967][ T6950] bridge0: port 3(batadv0) entered disabled state
[   77.529378][ T6962] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   77.537900][ T6962] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   78.068621][ T6998]  loop4: p2 < > p3 < p5 > p4
[   78.073414][ T6998] loop4: partition table partially beyond EOD, truncated
[   78.080818][ T6998] loop4: p2 start 4278190080 is beyond EOD, truncated
[   78.088637][ T6998] loop4: p4 size 8192 extends beyond EOD, truncated
[   78.090769][ T7000] netlink: 'syz.0.1057': attribute type 16 has an invalid length.
[   78.095820][ T6998] loop4: p5 size 8192 extends beyond EOD, truncated
[   78.115982][ T6998] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   78.124568][ T6998] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   78.157504][ T7006] netlink: 'syz.0.1060': attribute type 4 has an invalid length.
[   78.166259][ T7006] netlink: 'syz.0.1060': attribute type 4 has an invalid length.
[   78.273353][ T7009] 9pnet: Could not find request transport: 

[   78.313131][ T7009] netlink: 'syz.2.1046': attribute type 29 has an invalid length.
[   78.690868][ T7020] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   78.756942][ T7020] EXT4-fs (loop3): 1 truncate cleaned up
[   78.998750][ T7033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   79.007331][ T7033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   79.041599][ T7037] netlink: 'syz.3.1071': attribute type 16 has an invalid length.
[   79.052992][   T29] kauditd_printk_skb: 1247 callbacks suppressed
[   79.053007][   T29] audit: type=1400 audit(1764882758.860:9984): avc:  denied  { mounton } for  pid=7038 comm="syz.0.1072" path="/file0" dev="rootfs" ino=13719 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   79.092821][   T29] audit: type=1400 audit(1764882758.860:9985): avc:  denied  { mounton } for  pid=7038 comm="syz.0.1072" path="/file0/file0" dev="rootfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   79.115548][   T29] audit: type=1400 audit(1764882758.860:9986): avc:  denied  { unmount } for  pid=7038 comm="syz.0.1072" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1
[   79.212113][   T29] audit: type=1326 audit(1764882759.010:9987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7054 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   79.236267][   T29] audit: type=1326 audit(1764882759.010:9988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7054 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   79.259794][   T29] audit: type=1326 audit(1764882759.010:9989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7054 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3cf1addf90 code=0x7ffc0000
[   79.283260][   T29] audit: type=1326 audit(1764882759.010:9990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7054 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3cf1addf90 code=0x7ffc0000
[   79.306704][   T29] audit: type=1326 audit(1764882759.010:9991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7054 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   79.330152][   T29] audit: type=1326 audit(1764882759.010:9992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7054 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   79.353659][   T29] audit: type=1326 audit(1764882759.010:9993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7054 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   79.945892][ T7103] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   79.955217][ T7103] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   80.061986][ T7118] __nla_validate_parse: 3 callbacks suppressed
[   80.062003][ T7118] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1104'.
[   80.085211][ T7118] set_capacity_and_notify: 10 callbacks suppressed
[   80.085228][ T7118] loop3: detected capacity change from 0 to 512
[   80.111952][ T7118] ext4 filesystem being mounted at /218/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.127345][ T7118] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.1104: lblock 23 mapped to illegal pblock 18 (length 1)
[   80.236975][ T7141] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1112'.
[   80.624241][ T7169] loop2: detected capacity change from 0 to 128
[   80.726450][ T7170] 9pnet: Could not find request transport: 

[   80.779403][ T7170] netlink: 'syz.1.1103': attribute type 29 has an invalid length.
[   80.817643][ T7170] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1103'.
[   80.871266][ T7178] loop3: detected capacity change from 0 to 1024
[   80.878071][ T7178] EXT4-fs: test_dummy_encryption option not supported
[   80.892419][ T7180] netlink: 'syz.2.1127': attribute type 16 has an invalid length.
[   80.900461][ T7180] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1127'.
[   80.981911][ T7183] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[   80.988507][ T7183] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   80.996712][ T7183] vhci_hcd vhci_hcd.0: Device attached
[   81.027467][ T7185] vhci_hcd: connection closed
[   81.027645][   T52] vhci_hcd: stop threads
[   81.036642][   T52] vhci_hcd: release socket
[   81.041095][   T52] vhci_hcd: disconnect device
[   81.150711][ T7198] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   81.159352][ T7198] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   81.230727][ T7207] netlink: 'syz.1.1138': attribute type 4 has an invalid length.
[   81.248567][ T7207] netlink: 'syz.1.1138': attribute type 4 has an invalid length.
[   81.446774][ T7212] loop3: detected capacity change from 0 to 2048
[   81.500395][ T7212] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.599542][ T7218] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1140: bg 0: block 345: padding at end of block bitmap is not set
[   81.645484][ T7218] EXT4-fs (loop3): Remounting filesystem read-only
[   81.652468][   T52] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   82.043901][ T7239] netlink: 'syz.2.1150': attribute type 16 has an invalid length.
[   82.051773][ T7239] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1150'.
[   82.192605][ T7250] loop4: detected capacity change from 0 to 128
[   82.252788][ T7256] siw: device registration error -23
[   82.295748][ T7269] bio_check_eod: 438 callbacks suppressed
[   82.295764][ T7269] syz.4.1153: attempt to access beyond end of device
[   82.295764][ T7269] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[   82.302845][ T7264] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1161'.
[   82.328838][ T7271] netlink: 'syz.3.1164': attribute type 4 has an invalid length.
[   82.348432][ T7269] syz.4.1153: attempt to access beyond end of device
[   82.348432][ T7269] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[   82.372783][ T4005] lo speed is unknown, defaulting to 1000
[   82.378556][ T4005] syz2: Port: 1 Link DOWN
[   82.390013][ T7271] netlink: 'syz.3.1164': attribute type 4 has an invalid length.
[   82.390865][ T7269] syz.4.1153: attempt to access beyond end of device
[   82.390865][ T7269] loop4: rw=2049, sector=177, nr_sectors = 8 limit=128
[   82.414448][ T4005] lo speed is unknown, defaulting to 1000
[   82.420244][ T4005] syz2: Port: 1 Link ACTIVE
[   82.491465][ T7269] syz.4.1153: attempt to access beyond end of device
[   82.491465][ T7269] loop4: rw=2049, sector=193, nr_sectors = 8 limit=128
[   82.542432][ T7281] 9pnet: Could not find request transport: 

[   82.549364][ T7269] syz.4.1153: attempt to access beyond end of device
[   82.549364][ T7269] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[   82.560390][ T7281] netlink: 'syz.0.1170': attribute type 29 has an invalid length.
[   82.583321][ T7269] syz.4.1153: attempt to access beyond end of device
[   82.583321][ T7269] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[   82.667522][ T7269] syz.4.1153: attempt to access beyond end of device
[   82.667522][ T7269] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128
[   82.682130][ T7269] syz.4.1153: attempt to access beyond end of device
[   82.682130][ T7269] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128
[   82.697287][ T7269] syz.4.1153: attempt to access beyond end of device
[   82.697287][ T7269] loop4: rw=2049, sector=273, nr_sectors = 8 limit=128
[   82.778029][ T7269] syz.4.1153: attempt to access beyond end of device
[   82.778029][ T7269] loop4: rw=2049, sector=289, nr_sectors = 8 limit=128
[   83.015873][ T7294] netlink: 'syz.1.1173': attribute type 21 has an invalid length.
[   83.101721][ T7294] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1173'.
[   83.216520][ T7306] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1178'.
[   83.239675][ T7310] loop4: detected capacity change from 0 to 512
[   83.246568][ T7310] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   83.291919][ T7310] EXT4-fs (loop4): 1 truncate cleaned up
[   83.341908][ T7321] siw: device registration error -23
[   83.401565][ T7323] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1184'.
[   83.464235][ T7323] loop4: detected capacity change from 0 to 512
[   83.490351][ T7323] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.525651][ T7323] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #2: block 18: comm syz.4.1184: lblock 23 mapped to illegal pblock 18 (length 1)
[   83.666529][ T7348] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1193'.
[   84.012841][ T7386] loop3: detected capacity change from 0 to 1024
[   84.071319][ T7386] ext4 filesystem being mounted at /234/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.100451][ T7391] netlink: 'syz.1.1207': attribute type 4 has an invalid length.
[   84.248484][ T7386] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: comm syz.3.1203: lblock 0 mapped to illegal pblock 0 (length 1)
[   84.270883][ T7386] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[   84.283209][ T7386] EXT4-fs (loop3): This should not happen!! Data will be lost
[   84.283209][ T7386] 
[   84.548362][   T29] kauditd_printk_skb: 585 callbacks suppressed
[   84.548380][   T29] audit: type=1326 audit(1764882764.320:10579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7404 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b74bff749 code=0x7ffc0000
[   84.578046][   T29] audit: type=1326 audit(1764882764.330:10580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7404 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1b74bfdf90 code=0x7ffc0000
[   84.601539][   T29] audit: type=1326 audit(1764882764.330:10581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7404 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1b74bfdf90 code=0x7ffc0000
[   84.625059][   T29] audit: type=1326 audit(1764882764.330:10582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7404 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b74bff749 code=0x7ffc0000
[   84.648635][   T29] audit: type=1326 audit(1764882764.330:10583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7404 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b74bff749 code=0x7ffc0000
[   84.672227][   T29] audit: type=1326 audit(1764882764.330:10584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7404 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f1b74bff749 code=0x7ffc0000
[   84.695694][   T29] audit: type=1326 audit(1764882764.330:10585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7404 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b74bff749 code=0x7ffc0000
[   84.719196][   T29] audit: type=1326 audit(1764882764.330:10586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7404 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b74bff749 code=0x7ffc0000
[   84.917145][   T29] audit: type=1326 audit(1764882764.710:10587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7412 comm="syz.0.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   84.940672][   T29] audit: type=1326 audit(1764882764.710:10588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7412 comm="syz.0.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cf1adf749 code=0x7ffc0000
[   85.089957][ T7424] syz_tun: entered allmulticast mode
[   85.108897][ T7423] syz_tun: left allmulticast mode
[   85.120954][ T7422] __nla_validate_parse: 2 callbacks suppressed
[   85.120970][ T7422] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1219'.
[   85.163189][ T7427] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1221'.
[   85.222505][ T7434] loop4: detected capacity change from 0 to 128
[   85.591289][ T7455] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1233'.
[   85.606960][ T7451] loop3: detected capacity change from 0 to 512
[   85.633574][ T7453] loop4: detected capacity change from 0 to 2048
[   85.643176][ T7459] siw: device registration error -23
[   85.649343][ T7451] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   85.678267][ T7451] EXT4-fs (loop3): 1 truncate cleaned up
[   85.697087][ T7453] ext4 filesystem being mounted at /233/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.711262][ T7453] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.720028][ T7453] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.742418][ T7457] 9pnet: Could not find request transport: 

[   85.902331][ T7475] loop3: detected capacity change from 0 to 128
[   86.038362][    C0] ==================================================================
[   86.046471][    C0] BUG: KCSAN: data-race in wq_worker_tick / wq_worker_tick
[   86.053685][    C0] 
[   86.055993][    C0] read-write to 0xffff888101217cb8 of 8 bytes by interrupt on cpu 1:
[   86.064049][    C0]  wq_worker_tick+0x60/0x230
[   86.068647][    C0]  sched_tick+0xd7/0x220
[   86.072902][    C0]  update_process_times+0x15f/0x190
[   86.078120][    C0]  tick_nohz_handler+0x276/0x3d0
[   86.083052][    C0]  __hrtimer_run_queues+0x20f/0x5a0
[   86.088255][    C0]  hrtimer_interrupt+0x21a/0x460
[   86.093190][    C0]  __sysvec_apic_timer_interrupt+0x5f/0x1d0
[   86.099075][    C0]  sysvec_apic_timer_interrupt+0x6f/0x80
[   86.104712][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   86.110694][    C0]  kcsan_setup_watchpoint+0x415/0x430
[   86.116061][    C0]  __account_obj_stock+0x2c/0x350
[   86.121097][    C0]  refill_obj_stock+0x202/0x2e0
[   86.125956][    C0]  __memcg_slab_free_hook+0x1b3/0x230
[   86.131325][    C0]  kfree+0x2b9/0x3c0
[   86.135225][    C0]  io_put_bl+0xfe/0x160
[   86.139373][    C0]  io_destroy_buffers+0xc7/0x170
[   86.144293][    C0]  io_ring_ctx_free+0x82/0x3d0
[   86.149047][    C0]  io_ring_exit_work+0x4ef/0x520
[   86.153973][    C0]  process_scheduled_works+0x4ce/0x9d0
[   86.159418][    C0]  worker_thread+0x582/0x770
[   86.163996][    C0]  kthread+0x489/0x510
[   86.168056][    C0]  ret_from_fork+0x149/0x290
[   86.172634][    C0]  ret_from_fork_asm+0x1a/0x30
[   86.177384][    C0] 
[   86.179687][    C0] read-write to 0xffff888101217cb8 of 8 bytes by interrupt on cpu 0:
[   86.187732][    C0]  wq_worker_tick+0x60/0x230
[   86.192318][    C0]  sched_tick+0xd7/0x220
[   86.196552][    C0]  update_process_times+0x15f/0x190
[   86.201744][    C0]  tick_nohz_handler+0x276/0x3d0
[   86.206668][    C0]  __hrtimer_run_queues+0x20f/0x5a0
[   86.211851][    C0]  hrtimer_interrupt+0x21a/0x460
[   86.216773][    C0]  __sysvec_apic_timer_interrupt+0x5f/0x1d0
[   86.222652][    C0]  sysvec_apic_timer_interrupt+0x6f/0x80
[   86.228272][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   86.234241][    C0]  __tsan_read4+0xbe/0x190
[   86.238653][    C0]  refill_obj_stock+0x211/0x2e0
[   86.243492][    C0]  __memcg_slab_free_hook+0x1b3/0x230
[   86.248854][    C0]  kmem_cache_free+0x284/0x3a0
[   86.253602][    C0]  __io_req_caches_free+0xfe/0x210
[   86.258703][    C0]  io_req_caches_free+0x1f/0x60
[   86.263543][    C0]  io_ring_exit_work+0x23b/0x520
[   86.268469][    C0]  process_scheduled_works+0x4ce/0x9d0
[   86.273918][    C0]  worker_thread+0x582/0x770
[   86.278498][    C0]  kthread+0x489/0x510
[   86.282558][    C0]  ret_from_fork+0x149/0x290
[   86.287136][    C0]  ret_from_fork_asm+0x1a/0x30
[   86.291889][    C0] 
[   86.294194][    C0] value changed: 0x00000000000f1b30 -> 0x00000000000f4240
[   86.301285][    C0] 
[   86.303588][    C0] Reported by Kernel Concurrency Sanitizer on:
[   86.309716][    C0] CPU: 0 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.319416][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   86.329454][    C0] Workqueue: iou_exit io_ring_exit_work
[   86.334996][    C0] ==================================================================
[   86.372508][ T7487] loop3: detected capacity change from 0 to 2048
[   86.386388][ T7483] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1244'.
[   86.395484][ T7483] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1244'.
[   86.421743][ T7487] ext4 filesystem being mounted at /238/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.492515][ T7490] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1245: bg 0: block 345: padding at end of block bitmap is not set
[   86.507348][ T7490] EXT4-fs (loop3): Remounting filesystem read-only
[   86.515123][   T53] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30