last executing test programs:

28.647354655s ago: executing program 1 (id=5064):
socket(0x840000000002, 0x3, 0xff)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T")

28.283310275s ago: executing program 1 (id=5076):
memfd_secret(0x80000)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
pipe2$9p(&(0x7f00000001c0), 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x3a, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0xfffe, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local, {[@noop, @generic={0x88, 0x2}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x0, 0x0, 0xffff}}}}}}, 0x0)
syz_emit_ethernet(0x38, &(0x7f00000001c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2a, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x4}, {"c516"}}}}}}, 0x0)

28.234550769s ago: executing program 1 (id=5078):
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x119)
r0 = inotify_init()
lstat(&(0x7f0000001080)='\x00', 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000802, 0x0, &(0x7f0000001140)={0x9, 0x80000001, 0x8, 0x9, 0xf958, 0xa51e, 0xf, 0x2, 0x4})
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x1, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
fspick(r2, &(0x7f00000011c0)='./file1\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xb, &(0x7f0000001200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
memfd_create(&(0x7f00000010c0)='*)\x00', 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='itimer_state\x00', r3}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000680)='sched_switch\x00'}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0xc3}, {}, {0xe, 0xd}}, [@TCA_RATE={0x6}]}, 0x2c}}, 0x0)

28.211612651s ago: executing program 1 (id=5080):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x400, &(0x7f0000000840)={[{@jqfmt_vfsold}, {@init_itable_val={'init_itable', 0x3d, 0x9c}}, {}, {@noauto_da_alloc}, {@dioread_lock}]}, 0x1, 0x4ed, &(0x7f00000002c0)="$eJzs3d9rXFkdAPDvncw0SZt1surDuuBadCVdtDPJxt0NPqwRRJ8WrPXFpxiTSQiZZEJm0jahSIp/gCD+Qp988kXwWQTpnyBCQd9FRCna1gcf1JE7c6fNppNkQjOZNPl84PSe+/N7vmnuyZx7L3MDuLCuRsRsRAxFxFsRUcyW57ISu+2Sbvf40d2FtCTRHL75jySSbFnnWEk2vZLtNhIR3/haxHeS5+PWt3dW56vVymY2X26sbZTr2zvXV9bmlyvLlfXZ6al3Z96beWdm8sRyff8rf/3x93/51fd/9/nbf577+7Xvps0ay9btzaMXuz1u10690PpZdOQjYvM4wc6woSyfwqAbAgBAT9LP+B+NiE9HxJOfDbo1AAAAQD80vzQW/0kimgAAAMC5lWs9A5vkStmzAGORy5VK7Wd4Px6Xc9VavfG5pdrW+mL7WdnxKOSWVqqVyexZ4fEoJOn8VKv+bP7tffPTEfFqRPywONqaLy3UqouDvvgBAAAAF8SVfeP/fxXb438AAADgnBkfdAMAAACAvjP+BwAAgPPvwPF/kn/6giwAAADgpfX1Dz5IS7Pz/uvFW9tbq7Vb1xcr9dXS2tZCaaG2uVFartWWW9/Zt3bU8aq12sYXYn3rTrlRqTfK9e2dubXa1npjrvVe77lKs3gqaQEAAAB7vPqp+39KImL3i6OtkrqUrSscvftsf1sH9FPueJsn/WoHcPqGBt0AYGDyg24AMDA9jPGBc+6Igf2P9s0f87IBAABwFkx84oXu/7sfCC8xA3m4uNz/h4vL/X+4uNz/hwtu+OhNRg5a8fsTbgsAANA3Y62S5ErZvcCxyOVKpYhXWq8FKCRLK9XKZER8JCL+WCwMp/NTg240AAAAAAAAAAAAAAAAAAAAAAAAALxkms0kmgAAAMC5FpH7W5K9yH+i+ObY/usDl5J/F1vTiLj985s/uTPfaGxOpcv/+XR546fZ8rc7S1LfOuUrGQAAAEBHZ5zeGccDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEl6/OjuQqecZtyHX46I8W7x8zHSmo78phgRl58kkd+zXxIRQycQf/deRLzWLX6SNivGs1bsj5+LiNEBx79yAvHhIruf9j+z6flX2Hf+5eJqa9r9/Mtn5UU9vHpQ/5fr9H+tfq5b//fK4Yce6VRef/Dr8oHx70W8nu/e/7QPkG/Fei7+pd5z/PY3d3YOWtf8RcTEEX9/0vjlxtpGub69c31lbX65slxZn56eenfmvZl3ZibLSyvVSvZv1xg/+ORv/3dY/pe7xm/3v+mPsWv+EfFmj/n/98GdRx87JP61z3T//3/tkPjp78Rns78D6fqJTn23Xd/rjV/94Y3D8l88IP+RI/K/1mP+b9343l963BQAOAX17Z3V+Wq1stmXymjfjqySVmrrZ6IZKme3ciM70Y+9+4A7JgAA4MQ9+9C/f80xbvAAAAAAAAAAAAAAAAAAAAAAL6TvX0I2/OFvFhgZXKoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIf6fwAAAP//QCfSvg==")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)

27.664046555s ago: executing program 1 (id=5099):
r0 = io_uring_setup(0x5b42, &(0x7f0000000640)={0x0, 0xfffffffe, 0x800, 0x103fc, 0x159})
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0x3}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb57ae0fffc5a2a630b00c145", 0x18, 0xffffffffffffffff)
sendmsg$rds(r1, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000010000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r5}, 0x18)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000028837b49c0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000fc0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000bf9f04912c6947757e98661b3c4e2c78f07936e42a9031f42a6e3135ace6cc54017db4ee8899ec8d6178de64ffb9618d03b05d144dc44fa2c65e19fc9261043a571ae0b10bc5cd46a48343c30a175c86a41f787209760ef90448af6f62ed7003d0405e85b2df03075165ea9ab8e529f0cf4491a908fd16acdd0cd3cae9241377eb7f45307a029bb7a80b86792a00ff52357a264cd2c0e06a8c1cf3bc63c80967b3f6c60a6f3ecb2536f60316", @ANYRESDEC=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000ec0)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000b8555d36a40d948382603407986d3294d7b7f73501bae22d437e09aa3e18962b8ba4add959263be7adf934ada336cd36e47e6c65ad03883234722dc98bf340aec7cfa4741580845a875009e89b2d5f6ce38f55aacb1c1930c924c31ef8e9d4fa4f905c46f538052d82837ac7d405bb692e8b2a9a397eac703fa5dfd380f69db3d735727f222b5934a8f53aa935eec4fc6d3e9abe0107c92ab5f795"], 0x50)

27.573577022s ago: executing program 1 (id=5104):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x18, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xb3ad}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000840)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x2711}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0x12, &(0x7f0000000040)=0x80000040, 0x4)
r4 = accept(r3, &(0x7f0000000140)=@caif=@dbg, &(0x7f0000000240)=0x80)
setsockopt$inet_mreqn(r4, 0x0, 0x15, &(0x7f0000000200)={@broadcast, @private=0xa010102}, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000700000000000a00000a70000000060a0b0400000000000000000200000244000480400001800b00010074617267657400003000028008000240000000010d000100434f4e4e4d41524b0000000014000300e4624777db9d97adbf2cd16d6fb1131f0900020073797a32000000000900010073797a300000000014000000110001"], 0x98}}, 0x0)
close(0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48094}, 0x240400c0)
syz_emit_ethernet(0xfdef, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x26}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x12, 0x14, 0x63, 0x0, 0xf, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0xf}, @local}}}}}, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
getpgid(0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f000034e000/0x4000)=nil, 0x4000, 0x1000008, 0x4010, 0xffffffffffffffff, 0x86f0f000)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000000100))
r7 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
read$qrtrtun(r7, 0x0, 0xeffd)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

27.546410264s ago: executing program 32 (id=5104):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x18, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xb3ad}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000840)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x2711}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0x12, &(0x7f0000000040)=0x80000040, 0x4)
r4 = accept(r3, &(0x7f0000000140)=@caif=@dbg, &(0x7f0000000240)=0x80)
setsockopt$inet_mreqn(r4, 0x0, 0x15, &(0x7f0000000200)={@broadcast, @private=0xa010102}, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000700000000000a00000a70000000060a0b0400000000000000000200000244000480400001800b00010074617267657400003000028008000240000000010d000100434f4e4e4d41524b0000000014000300e4624777db9d97adbf2cd16d6fb1131f0900020073797a32000000000900010073797a300000000014000000110001"], 0x98}}, 0x0)
close(0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48094}, 0x240400c0)
syz_emit_ethernet(0xfdef, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x26}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x12, 0x14, 0x63, 0x0, 0xf, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0xf}, @local}}}}}, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
getpgid(0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f000034e000/0x4000)=nil, 0x4000, 0x1000008, 0x4010, 0xffffffffffffffff, 0x86f0f000)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000000100))
r7 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
read$qrtrtun(r7, 0x0, 0xeffd)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

3.783195355s ago: executing program 4 (id=5526):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x10}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x38, 0x2c, 0xd27, 0x30b529, 0x25dfdc00, {0x0, 0x0, 0x0, r5, {0x0, 0x4}, {}, {0xfff2}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0)

3.710808692s ago: executing program 4 (id=5531):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x47, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{0x0, 0x2c}], 0x1}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)

3.444254063s ago: executing program 4 (id=5536):
openat$selinux_policy(0xffffff9c, &(0x7f00000003c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="503070b606000000000000000000000000000000accd0bb93b3b4cd361ffe4b4", @ANYRES32=r1, @ANYBLOB="0000000000620000300012800b00010065727370616e00002000028004001200060010004e23000006000f00ef210000060011004e230000"], 0x50}, 0x1, 0x0, 0x0, 0x100}, 0x4000000)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r2}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = gettid()
rt_sigsuspend(&(0x7f0000000040)={[0x3]}, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x7ffc0005}]})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x18)
tkill(r5, 0x7)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
r8 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r4, &(0x7f0000000180)={0x2000101c})
epoll_pwait(r8, &(0x7f00000000c0)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), 0x0}, 0x20)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), r9)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000dc0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x7d)

3.1063733s ago: executing program 4 (id=5540):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
set_robust_list(&(0x7f0000000640)={0x0, 0x6, &(0x7f0000000480)}, 0x18)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180040008003950"], 0x15)
getresuid(&(0x7f0000000180), &(0x7f0000000300), 0x0)
pipe2(&(0x7f0000001cc0), 0x800)
stat(&(0x7f0000001c40)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x854}, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x80)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000b80)=ANY=[@ANYRESDEC, @ANYRES32=0x0, @ANYBLOB="024dbb00c1494e33667df83442c89a1ae323e0a30d18af975af659764ab7d343951309a2f9b8627984d9b59b180a2a9a97c8c7a5586bf1a0a3d845f6f2b5bce60fe70dafd3c5072fcf6d7edbf60eb01333999fab103557102b2071531b6ed232347af52947928397f238badf6a2db52ad1477cf3e53abe8796110f5c234610ac0c13dc57ed198292a1e581b55a1d2bbd6eaeba8a02311ae12cc9df25e3481616746ee537e9bcc7f1e4468dae05", @ANYBLOB="020002", @ANYRES32=0x0, @ANYRES32=r2, @ANYBLOB, @ANYRES64, @ANYRESOCT, @ANYBLOB="020003", @ANYRES8, @ANYBLOB="02000200", @ANYRESDEC, @ANYBLOB, @ANYBLOB], 0x94, 0x1)
mount$tmpfs(0x0, 0x0, &(0x7f0000000280), 0x1, &(0x7f00000005c0)={[{@inode32}, {@size={'size', 0x3d, [0x6b, 0x6b, 0x35]}}, {@size={'size', 0x3d, [0x6b, 0x74, 0x38, 0x0, 0x2d]}}], [{@euid_gt}, {@uid_eq={'uid', 0x3d, r2}}]})
r4 = dup(r1)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES8=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_DREG={0x8}, @NFTA_XFRM_SPNUM={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x4}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x8c}}, 0x0)
r7 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
socket$can_raw(0x1d, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
bind$bt_hci(r7, &(0x7f00000002c0)={0x27}, 0x6)

3.076031803s ago: executing program 4 (id=5541):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
set_robust_list(&(0x7f0000000640)={0x0, 0x6, &(0x7f0000000480)}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
getresuid(&(0x7f0000000180), &(0x7f0000000300), &(0x7f0000000340)=<r1=>0x0)
pipe2(&(0x7f0000001cc0)={<r2=>0xffffffffffffffff}, 0x800)
stat(&(0x7f0000001c40)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x14)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000fffffffffffffff000000000"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001d40)={&(0x7f0000000580)=@proc={0x10, 0x0, 0x25dfdbfd, 0x4000}, 0xc, 0x0, 0x0, &(0x7f0000000780)=ANY=[@ANYRESDEC, @ANYRES32=r5, @ANYRES32=<r6=>0xffffffffffffffff, @ANYBLOB="00000000000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="516d769c39dc2c3beda68a7e0afa19727afbdfa00c63a2251758449e0760c35cd4c4ed2fd8ed391d29402c3fa567122c2ce16dbd4d1970dab6f5ee387d779328d1d173c17bff5e8aa859ba8e43209c1d8a8e604cdbd7aa9280d237d0089b336ed5051fe758b774335dc0335902988557c2d19aa01fe333cf0da3f97d633f11699179594360e1687d90e51fa8b50429088550e65460b7a726d4216fc15c534829a08a433a21f6630341fd41cd501479b97aef3515c4aee62f93ca36d08ab236a96d5f54ceec6b50df09a8d1863c45c68330fd781ff3d3bcccf345a2565432affb43de98c5f0389ea26ba7", @ANYRESOCT, @ANYRES32=<r7=>0xffffffffffffffff, @ANYRES16, @ANYRESOCT=r0, @ANYRES16=r2], 0x50, 0x24040094}, 0x80)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000b80)=ANY=[@ANYRES32=0x0, @ANYBLOB="024dbb00c1494e33667df83442c89a1ae323e0a30d18af975af659764ab7d343951309a2f9b8627984d9b59b180a2a9a97c8c7a5586bf1a0a3d845f6f2b5bce60fe70dafd3c5072fcf6d7edbf60eb01333999fab103557102b2071531b6ed232347af52947928397f238badf6a2db52ad1477cf3e53abe8796110f5c234610ac0c13dc57ed198292a1e581b55a1d2bbd6eaeba8a02311ae12cc9df25e3481616746ee537e9bcc7f1e4468dae05", @ANYBLOB="020002", @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB, @ANYRES64, @ANYRESOCT=r1, @ANYBLOB="02000300", @ANYRES8, @ANYBLOB="02000200", @ANYRESDEC=r6, @ANYRES8=r4, @ANYBLOB="7de0de6148d7d44c4d01eeff92df69b773e9c6727f8fbda7576c2a151378b66492", @ANYRESDEC=r7, @ANYRESDEC, @ANYRES64, @ANYBLOB="00000800000000000000aa8f3fa177eab6b2334f0df8", @ANYRES32=0xee00], 0x94, 0x1)
mount$tmpfs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000280), 0x1, &(0x7f00000005c0)={[{@inode32}, {@size={'size', 0x3d, [0x6b, 0x6b, 0x35]}}, {@size={'size', 0x3d, [0x6b, 0x74, 0x38, 0x0, 0x2d]}}], [{@euid_gt}, {@uid_eq={'uid', 0x3d, r3}}]})
r8 = dup(r0)
write$RDMA_USER_CM_CMD_SET_OPTION(r8, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
bind$bt_hci(r9, &(0x7f00000002c0)={0x27}, 0x6)

2.97723116s ago: executing program 4 (id=5544):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791048000000000091041e000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
pipe2(&(0x7f0000001cc0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}})

2.010663558s ago: executing program 0 (id=5559):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
set_robust_list(&(0x7f0000000640)={0x0, 0x6, &(0x7f0000000480)}, 0x18)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
getresuid(&(0x7f0000000180), &(0x7f0000000300), &(0x7f0000000340)=<r2=>0x0)
pipe2(&(0x7f0000001cc0)={<r3=>0xffffffffffffffff}, 0x800)
stat(&(0x7f0000001c40)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000fffffffffffffff000000000"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001d40)={&(0x7f0000000580)=@proc={0x10, 0x0, 0x25dfdbfd, 0x4000}, 0xc, 0x0, 0x0, &(0x7f0000000780)=ANY=[@ANYRESDEC, @ANYRES32, @ANYRES32=<r6=>0xffffffffffffffff, @ANYBLOB="00000000000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="516d769c39dc2c3beda68a7e0afa19727afbdfa00c63a2251758449e0760c35cd4c4ed2fd8ed391d29402c3fa567122c2ce16dbd4d1970dab6f5ee387d779328d1d173c17bff5e8aa859ba8e43209c1d8a8e604cdbd7aa9280d237d0089b336ed5051fe758b774335dc0335902988557c2d19aa01fe333cf0da3f97d633f11699179594360e1687d90e51fa8b50429088550e65460b7a726d4216fc15c534829a08a433a21f6630341fd41cd501479b97aef3515c4aee62f93ca36d08ab236a96d5f54ceec6b50df09a8d1863c45c68330fd781ff3d3bcccf345a2565432affb43de98c5f0389ea26ba7", @ANYRESOCT, @ANYRES32=<r7=>0xffffffffffffffff, @ANYRES16=<r8=>0xffffffffffffffff, @ANYRESOCT=r1, @ANYRES16=r3], 0x50, 0x24040094}, 0x80)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000b80)=ANY=[@ANYRESDEC=r8, @ANYRES32=0x0, @ANYBLOB="024dbb00c1494e33667df83442c89a1ae323e0a30d18af975af659764ab7d343951309a2f9b8627984d9b59b180a2a9a97c8c7a5586bf1a0a3d845f6f2b5bce60fe70dafd3c5072fcf6d7edbf60eb01333999fab103557102b2071531b6ed232347af52947928397f238badf6a2db52ad1477cf3e53abe8796110f5c234610ac0c13dc57ed198292a1e581b55a1d2bbd6eaeba8a02311ae12cc9df25e3481616746ee537e9bcc7f1e4468dae05", @ANYBLOB="020002", @ANYRES32=0x0, @ANYRES32=r4, @ANYBLOB, @ANYRES64, @ANYRESOCT=r2, @ANYBLOB="02000300", @ANYRES8, @ANYBLOB="02000200", @ANYRESDEC=r6, @ANYRES8=r5, @ANYBLOB="7de0de6148d7d44c4d01eeff92df69b773e9c6727f8fbda7576c2a151378b66492", @ANYRESDEC=r7, @ANYRESDEC, @ANYRES64, @ANYBLOB="00000800000000000000aa8f3fa177eab6b2334f0df8", @ANYRES32=0xee00], 0x94, 0x1)
mount$tmpfs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000280), 0x1, &(0x7f00000005c0)={[{@inode32}, {@size={'size', 0x3d, [0x6b, 0x6b, 0x35]}}, {@size={'size', 0x3d, [0x6b, 0x38, 0x0, 0x2d]}}], [{@euid_gt}, {@uid_eq={'uid', 0x3d, r4}}]})
r9 = dup(r1)
write$P9_RLERRORu(r9, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r9, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r9, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES8=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r10}, 0x10)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_DREG={0x8}, @NFTA_XFRM_SPNUM={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x4}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x8c}}, 0x0)
r12 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
socket$can_raw(0x1d, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
bind$bt_hci(r12, &(0x7f00000002c0)={0x27}, 0x6)

2.009667528s ago: executing program 5 (id=5560):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
set_robust_list(&(0x7f0000000640)={0x0, 0x6, &(0x7f0000000480)}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
getresuid(&(0x7f0000000180), &(0x7f0000000300), &(0x7f0000000340)=<r1=>0x0)
pipe2(&(0x7f0000001cc0)={<r2=>0xffffffffffffffff}, 0x800)
stat(&(0x7f0000001c40)='./file0\x00', 0x0)
r3 = socket$netlink(0x10, 0x3, 0x14)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000fffffffffffffff000000000"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001d40)={&(0x7f0000000580)=@proc={0x10, 0x0, 0x25dfdbfd, 0x4000}, 0xc, 0x0, 0x0, &(0x7f0000000780)=ANY=[@ANYRESDEC, @ANYRES32=r4, @ANYRES32=<r5=>0xffffffffffffffff, @ANYBLOB="00000000000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="516d769c39dc2c3beda68a7e0afa19727afbdfa00c63a2251758449e0760c35cd4c4ed2fd8ed391d29402c3fa567122c2ce16dbd4d1970dab6f5ee387d779328d1d173c17bff5e8aa859ba8e43209c1d8a8e604cdbd7aa9280d237d0089b336ed5051fe758b774335dc0335902988557c2d19aa01fe333cf0da3f97d633f11699179594360e1687d90e51fa8b50429088550e65460b7a726d4216fc15c534829a08a433a21f6630341fd41cd501479b97aef3515c4aee62f93ca36d08ab236a96d5f54ceec6b50df09a8d1863c45c68330fd781ff3d3bcccf345a2565432affb43de98c5f0389ea26ba7", @ANYRESOCT, @ANYRES32=<r6=>0xffffffffffffffff, @ANYRES16=<r7=>0xffffffffffffffff, @ANYRESOCT=r0, @ANYRES16=r2], 0x50, 0x24040094}, 0x80)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000b80)=ANY=[@ANYRESDEC=r7, @ANYRES32=0x0, @ANYBLOB="024dbb00c1494e33667df83442c89a1ae323e0a30d18af975af659764ab7d343951309a2f9b8627984d9b59b180a2a9a97c8c7a5586bf1a0a3d845f6f2b5bce60fe70dafd3c5072fcf6d7edbf60eb01333999fab103557102b2071531b6ed232347af52947928397f238badf6a2db52ad1477cf3e53abe8796110f5c234610ac0c13dc57ed198292a1e581b55a1d2bbd6eaeba8a02311ae12cc9df25e3481616746ee537e9bcc7f1e4468dae05", @ANYBLOB="020002", @ANYRES32=0x0, @ANYRES32, @ANYBLOB, @ANYRES64, @ANYRESOCT=r1, @ANYBLOB="02000300", @ANYRES8, @ANYBLOB="02000200", @ANYRESDEC=r5, @ANYRES8=r3, @ANYBLOB="7de0de6148d7d44c4d01eeff92df69b773e9c6727f8fbda757", @ANYRESDEC=r6, @ANYRESDEC, @ANYRES64, @ANYBLOB="00000800000000000000aa8f3fa177eab6b2334f0df8", @ANYRES32=0xee00], 0x94, 0x1)
mount$tmpfs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000280), 0x1, &(0x7f00000005c0)={[{@inode32}, {@size={'size', 0x3d, [0x6b, 0x6b, 0x35]}}, {@size={'size', 0x3d, [0x6b, 0x74, 0x38, 0x0, 0x2d]}}], [{@euid_gt}, {@uid_eq}]})
r8 = dup(r0)
write$RDMA_USER_CM_CMD_SET_OPTION(r8, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
bind$bt_hci(r9, &(0x7f00000002c0)={0x27}, 0x6)

1.932293844s ago: executing program 5 (id=5561):
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x119)
r0 = inotify_init()
lstat(&(0x7f0000001080)='\x00', 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000802, 0x0, &(0x7f0000001140)={0x9, 0x80000001, 0x8, 0x9, 0xf958, 0xa51e, 0xf, 0x2, 0x4})
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(0xffffffffffffffff, 0x1, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
fspick(r1, &(0x7f00000011c0)='./file1\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xb, &(0x7f0000001200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
memfd_create(&(0x7f00000010c0)='*)\x00', 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='itimer_state\x00', r3}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000680)='sched_switch\x00'}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0xc3}, {}, {0xe, 0xd}}, [@TCA_RATE={0x6}]}, 0x2c}}, 0x0)

1.86174559s ago: executing program 3 (id=5562):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x10}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x38, 0x2c, 0xd27, 0x30b529, 0x25dfdc00, {0x0, 0x0, 0x0, r5, {0x0, 0x4}, {}, {0xfff2}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.860477651s ago: executing program 0 (id=5563):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
set_robust_list(&(0x7f0000000640)={0x0, 0x6, &(0x7f0000000480)}, 0x18)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180040008003950"], 0x15)
getresuid(&(0x7f0000000180), &(0x7f0000000300), 0x0)
pipe2(&(0x7f0000001cc0), 0x800)
stat(&(0x7f0000001c40)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x854}, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x80)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000b80)=ANY=[@ANYRESDEC, @ANYRES32=0x0, @ANYBLOB="024dbb00c1494e33667df83442c89a1ae323e0a30d18af975af659764ab7d343951309a2f9b8627984d9b59b180a2a9a97c8c7a5586bf1a0a3d845f6f2b5bce60fe70dafd3c5072fcf6d7edbf60eb01333999fab103557102b2071531b6ed232347af52947928397f238badf6a2db52ad1477cf3e53abe8796110f5c234610ac0c13dc57ed198292a1e581b55a1d2bbd6eaeba8a02311ae12cc9df25e3481616746ee537e9bcc7f1e4468dae05", @ANYBLOB="020002", @ANYRES32=0x0, @ANYRES32=r2, @ANYBLOB, @ANYRES64, @ANYBLOB="02000300", @ANYRES8, @ANYBLOB="02000200", @ANYRESDEC, @ANYBLOB, @ANYBLOB], 0x94, 0x1)
mount$tmpfs(0x0, 0x0, &(0x7f0000000280), 0x1, &(0x7f00000005c0)={[{@inode32}, {@size={'size', 0x3d, [0x6b, 0x6b, 0x35]}}, {@size={'size', 0x3d, [0x6b, 0x74, 0x38, 0x0, 0x2d]}}], [{@euid_gt}, {@uid_eq={'uid', 0x3d, r2}}]})
r4 = dup(r1)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES8=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_DREG={0x8}, @NFTA_XFRM_SPNUM={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x4}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x8c}}, 0x0)
r7 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
socket$can_raw(0x1d, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
bind$bt_hci(r7, &(0x7f00000002c0)={0x27}, 0x6)

1.663204136s ago: executing program 0 (id=5564):
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000c40)='./file0\x00', 0x808080, &(0x7f0000000c80)={[{@discard}, {@bh}, {@noblock_validity}]}, 0x2c, 0x52c, &(0x7f0000000640)="$eJzs3d9rY1kdAPBvMv2Rdjrbru7DKuqO6+oowyRtZrcs+6DriyDLssK6TyKzpc2U0qQpTbpua8EO+Oar4IBP+if4IPggzJPvvumbLyMojDo4TAWRyE1uOm2adMq0aWaazwcuOefc2/s9J3DP6T1J7glgaF2NiN2IGIuIjyNiOi3PpFu829qS4x4/3Fnce7izmIlG48N/jqRH7iy2j2+7nJ4zF/FBkh/vEre2tb26UC6XNtJ8oV5ZL9S2tm+sVBaWS8ultWJxfm5+9u2bbxXPrK2vVX7z4Dsr7330+9998f4fd7/x46TO32rtGkvadmaBDmi9L6MxdaAseefe60ewAbiUtmds0BXhmWQj4jMR8Xqa3pcbXJ0AgP5qNKajMX0w31vmBMcAAM+/5J5/KjLZfHr/PxXZbD7fnMPLvRKT2XK1Vr9+u7q5thTNOayZGM3eXimXZtO5wpkYzST5uWb6Sb7Ykb8ZES9HxM/HJ5r5/GK1vDSof3oAYMhd7hj/H423xv8T8AkBALzIjOQAMHyOjv+jA6kHAHB+3P8DwPA5MP53+60uAHAB5Tp++w8AXHwH7v9Huh7wavzkh+dXHQDgHPj8HwCGyvfefz/ZGnvp86+XPtnaXK1+cmOpVFvNVzYX84vVjfX8crW63HxmT+Vp5ytXq+tzb8bmp4V6qVYv1La2b1Wqm2v1W83net8q+WEBAAzey6/d+3MmInbfmWhu0V7LwRcC4MJzmcPwujToCgAD0/37PsAwMB8PZJ6yv+dXhO72/puJU9QH6L9rn+sx/9/tf4M7+6n/Nc6vikCfmP+H4XW6+X+zB/AiM/8Pw6vRyFjPHwCGzAnu4H1FEC64Z/78HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYVHPLZPPpWuBTkc3m8xFXImJmYjRze6Vcmo2IlyLiT+Oj40l+btCVBgBOKfv3TLr+17XpN6Y6945l/jPefI2IH/3yw198ulCvb8wl5f/aL6/fTcuLXQOM978NAMABI50F7XG6PY631/d9/HBnsb2dZwUffLu1uGgSdy/d2lVvVT4XoxEx+e/MocZkzmhh4t07EfFqZ/uz+/tn0pVPO+Mnsa/0LX40Wzh1KH72UPxsc1/rNXkvPnsGdYFhcy/pf97tdv1l42rzNb3+Moc701z87Gjn+gza/d9eo7P/a13vH1zJNfuabv3f1ZPGePMP3+25786lxudHIvaO9L/tFaFzzdSR+CMRb3Q74U+/+Wizo+gvX/jS673iN34VcS2Oi99KFeqV9UJta/vGSmVhubRcWisW5+fmZ9+++Vax0JyjLrRnqo/6xzvXX+rd/ojJHvFzx7U/Ir7a66Qdfv3fj3/w5WPif/0r3eJn45Vj4idj4tdOGH9h8rc9l+9O4i/1aP/Iofhjh/4uKbt+wvj3/7q9dMJDAYBzUNvaXl0ol0sbEqdN5Pp15svPSQMleiT+9tGha2rg9TmTxMC6JOCcPLnoB10TAAAAAAAAAAAAAACgl9r300f+9fHHcINuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfX/wMAAP//OkHLZw==")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002680)=ANY=[@ANYBLOB="140000001000010000000000000007000000000a60000000060a0b0400000000000000000200000034000480200001800e000100636f6e6e6c696d69740000000c000280080001400000000010000180090001006c617374000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x2, 0xa0000)
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
close(r0)

1.657935836s ago: executing program 5 (id=5565):
openat$selinux_policy(0xffffff9c, &(0x7f00000003c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="503070b606000000000000000000000000000000accd0bb93b3b4cd361ffe4b4", @ANYRES32=r1, @ANYBLOB="0000000000620000300012800b00010065727370616e00002000028004001200060010004e23000006000f00ef210000060011004e230000"], 0x50}, 0x1, 0x0, 0x0, 0x100}, 0x4000000)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r2}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = gettid()
rt_sigsuspend(&(0x7f0000000040)={[0x3]}, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x7ffc0005}]})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x18)
tkill(r5, 0x7)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
r8 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r4, &(0x7f0000000180)={0x2000101c})
epoll_pwait(r8, &(0x7f00000000c0)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), r9)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000dc0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x7d)

1.573418923s ago: executing program 3 (id=5566):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, 0x0) (fail_nth: 7)

1.501837329s ago: executing program 0 (id=5567):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@local, @in6=@loopback, 0x4e21, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x2f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x800, 0x0, 0x6}}, {{@in=@multicast1, 0x4d5, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe8)
ioctl$sock_SIOCSIFBR(r3, 0x8941, &(0x7f0000000000)=@get={0x1, &(0x7f00000003c0)=""/79, 0x5})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYBLOB='\x00'/20], 0x48)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[], 0x48)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfe, {0x0, 0x0, 0x0, r7, {0x0, 0xffe0}, {}, {0x7, 0xf}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014)

1.226433771s ago: executing program 3 (id=5568):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xf, &(0x7f0000000c00)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b700000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x1200, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x24403}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)

840.213702ms ago: executing program 2 (id=5572):
openat$selinux_policy(0xffffff9c, &(0x7f00000003c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r0=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="503070b606000000000000000000000000000000accd0bb93b3b4cd361ffe4b4", @ANYRES32=r0, @ANYBLOB="0000000000620000300012800b00010065727370616e00002000028004001200060010004e23000006000f00ef210000060011004e230000"], 0x50}, 0x1, 0x0, 0x0, 0x100}, 0x4000000)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r1}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r2 = gettid()
rt_sigsuspend(&(0x7f0000000040)={[0x3]}, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x7ffc0005}]})
tkill(r2, 0x7)
madvise(&(0x7f00005b2000/0x1000)=nil, 0x1000, 0x17)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000dc0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x7d)

728.222271ms ago: executing program 3 (id=5573):
openat$selinux_policy(0xffffff9c, &(0x7f00000003c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="503070b606000000000000000000000000000000accd0bb93b3b4cd361ffe4b4", @ANYRES32=r1, @ANYBLOB="0000000000620000300012800b00010065727370616e00002000028004001200060010004e23000006000f00ef210000060011004e230000"], 0x50}, 0x1, 0x0, 0x0, 0x100}, 0x4000000)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r2}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = gettid()
rt_sigsuspend(&(0x7f0000000040)={[0x3]}, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x7ffc0005}]})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x18)
tkill(r5, 0x7)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
r8 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r4, &(0x7f0000000180)={0x2000101c})
epoll_pwait(r8, &(0x7f00000000c0)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), 0x0}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r9}, 0x9)
madvise(&(0x7f00005b2000/0x1000)=nil, 0x1000, 0x17)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000dc0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x7d)

711.277203ms ago: executing program 5 (id=5574):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b7000000000000"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff01800400080039503230"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0xb, 0xfa00, @id_afonly={0x0, 0xffffffffffffffff, 0x0, 0x2, 0xfffffffffffffe44}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0, 0x800)

656.111267ms ago: executing program 5 (id=5575):
perf_event_open(&(0x7f0000000140)={0x1, 0xbb, 0x2, 0xfd, 0x40, 0x0, 0x0, 0x7, 0x758, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={&(0x7f0000000000), 0x2}, 0x0, 0x6, 0x5, 0x1, 0x5, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x22, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
pwritev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000680)='P', 0x1}], 0x1, 0x800004, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

581.148423ms ago: executing program 5 (id=5576):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@local, @in6=@loopback, 0x4e21, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x2f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x800, 0x0, 0x6}}, {{@in=@multicast1, 0x4d5, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe8)
ioctl$sock_SIOCSIFBR(r2, 0x8941, &(0x7f0000000000)=@get={0x1, &(0x7f00000003c0)=""/79, 0x5})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00'}, 0x18)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfe, {0x0, 0x0, 0x0, r5, {0x0, 0xffe0}, {}, {0x7, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014)

501.36192ms ago: executing program 2 (id=5577):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x50)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x2041, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
getdents64(r2, 0xfffffffffffffffe, 0x64)

344.614722ms ago: executing program 2 (id=5578):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x4, 0x0, 0x7ffc1ffb}]})
epoll_pwait(0xffffffffffffffff, &(0x7f0000000140)=[{}], 0x1, 0x2d516fb6, 0x0, 0x0)

294.381476ms ago: executing program 0 (id=5579):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
set_robust_list(&(0x7f0000000640)={0x0, 0x6, &(0x7f0000000480)}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
getresuid(&(0x7f0000000180), &(0x7f0000000300), &(0x7f0000000340)=<r1=>0x0)
pipe2(&(0x7f0000001cc0)={<r2=>0xffffffffffffffff}, 0x800)
stat(&(0x7f0000001c40)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x14)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000fffffffffffffff000000000"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001d40)={&(0x7f0000000580)=@proc={0x10, 0x0, 0x25dfdbfd, 0x4000}, 0xc, 0x0, 0x0, &(0x7f0000000780)=ANY=[@ANYRESDEC, @ANYRES32=r5, @ANYRES32=<r6=>0xffffffffffffffff, @ANYBLOB="00000000000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="516d769c39dc2c3beda68a7e0afa19727afbdfa00c63a2251758449e0760c35cd4c4ed2fd8ed391d29402c3fa567122c2ce16dbd4d1970dab6f5ee387d779328d1d173c17bff5e8aa859ba8e43209c1d8a8e604cdbd7aa9280d237d0089b336ed5051fe758b774335dc0335902988557c2d19aa01fe333cf0da3f97d633f11699179594360e1687d90e51fa8b50429088550e65460b7a726d4216fc15c534829a08a433a21f6630341fd41cd501479b97aef3515c4aee62f93ca36d08ab236a96d5f54ceec6b50df09a8d1863c45c68330fd781ff3d3bcccf345a2565432affb43de98c5f0389ea26ba7", @ANYRESOCT, @ANYRES32=<r7=>0xffffffffffffffff, @ANYRES16=<r8=>0xffffffffffffffff, @ANYRESOCT=r0, @ANYRES16=r2], 0x50, 0x24040094}, 0x80)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000b80)=ANY=[@ANYRESDEC=r8, @ANYRES32=0x0, @ANYBLOB="024dbb00c1494e33667df83442c89a1ae323e0a30d18af975af659764ab7d343951309a2f9b8627984d9b59b180a2a9a97c8c7a5586bf1a0a3d845f6f2b5bce60fe70dafd3c5072fcf6d7edbf60eb01333999fab103557102b2071531b6ed232347af52947928397f238badf6a2db52ad1477cf3e53abe8796110f5c234610ac0c13dc57ed198292a1e581b55a1d2bbd6eaeba8a02311ae12cc9df25e3481616746ee537e9bcc7f1e4468dae05", @ANYBLOB="020002", @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB, @ANYRES64, @ANYRESOCT=r1, @ANYBLOB="02000300", @ANYRES8, @ANYBLOB="02000200", @ANYRESDEC=r6, @ANYRES8=r4, @ANYBLOB="7de0de6148d7d44c4d01eeff92df69b773e9c6727f8fbda7576c2a151378b66492", @ANYRESDEC=r7, @ANYRESDEC, @ANYRES64, @ANYBLOB="00000800000000000000aa8f3fa177eab6b2334f0df8", @ANYRES32=0xee00], 0x94, 0x1)
mount$tmpfs(0x0, 0x0, &(0x7f0000000280), 0x1, &(0x7f00000005c0)={[{@inode32}, {@size={'size', 0x3d, [0x6b, 0x6b, 0x35]}}, {@size={'size', 0x3d, [0x6b, 0x74, 0x38, 0x0, 0x2d]}}], [{@euid_gt}, {@uid_eq={'uid', 0x3d, r3}}]})
r9 = dup(r0)
write$RDMA_USER_CM_CMD_SET_OPTION(r9, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
bind$bt_hci(r10, &(0x7f00000002c0)={0x27}, 0x6)

287.287447ms ago: executing program 2 (id=5580):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000140), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000002000095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r3, 0x25, 0x0, @void}, 0x10)
dup(0xffffffffffffffff)
syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0x56eb, 0x80, 0xffffffff, 0x8000000}, &(0x7f00000004c0), &(0x7f0000000140))
r4 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r5, 0x0, 0xfff}, 0x18)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000180)="e502", 0x2)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000480)='./bus/file0\x00', 0x0, 0x0, 0x4, 0x0, &(0x7f00000007c0))
mkdirat(0xffffffffffffffff, &(0x7f0000000000)='./bus/file0\x00', 0x0)
ioctl$PTP_EXTTS_REQUEST2(0xffffffffffffffff, 0x40103d0b, &(0x7f00000000c0)={0x40000, 0x5})
renameat2(0xffffffffffffffff, &(0x7f0000000240)='./bus/file0\x00', 0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x2)

256.765609ms ago: executing program 3 (id=5581):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
set_robust_list(&(0x7f0000000640)={0x0, 0x6, &(0x7f0000000480)}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
getresuid(&(0x7f0000000180), &(0x7f0000000300), &(0x7f0000000340)=<r1=>0x0)
pipe2(&(0x7f0000001cc0)={<r2=>0xffffffffffffffff}, 0x800)
stat(&(0x7f0000001c40)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x14)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000fffffffffffffff000000000"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001d40)={&(0x7f0000000580)=@proc={0x10, 0x0, 0x25dfdbfd, 0x4000}, 0xc, 0x0, 0x0, &(0x7f0000000780)=ANY=[@ANYRESDEC, @ANYRES32=r5, @ANYRES32=<r6=>0xffffffffffffffff, @ANYBLOB="00000000000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="516d769c39dc2c3beda68a7e0afa19727afbdfa00c63a2251758449e0760c35cd4c4ed2fd8ed391d29402c3fa567122c2ce16dbd4d1970dab6f5ee387d779328d1d173c17bff5e8aa859ba8e43209c1d8a8e604cdbd7aa9280d237d0089b336ed5051fe758b774335dc0335902988557c2d19aa01fe333cf0da3f97d633f11699179594360e1687d90e51fa8b50429088550e65460b7a726d4216fc15c534829a08a433a21f6630341fd41cd501479b97aef3515c4aee62f93ca36d08ab236a96d5f54ceec6b50df09a8d1863c45c68330fd781ff3d3bcccf345a2565432affb43de98c5f0389ea26ba7", @ANYRESOCT, @ANYRES32=<r7=>0xffffffffffffffff, @ANYRES16=<r8=>0xffffffffffffffff, @ANYRESOCT=r0, @ANYRES16=r2], 0x50, 0x24040094}, 0x80)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000b80)=ANY=[@ANYRESDEC=r8, @ANYRES32=0x0, @ANYBLOB="024dbb00c1494e33667df83442c89a1ae323e0a30d18af975af659764ab7d343951309a2f9b8627984d9b59b180a2a9a97c8c7a5586bf1a0a3d845f6f2b5bce60fe70dafd3c5072fcf6d7edbf60eb01333999fab103557102b2071531b6ed232347af52947928397f238badf6a2db52ad1477cf3e53abe8796110f5c234610ac0c13dc57ed198292a1e581b55a1d2bbd6eaeba8a02311ae12cc9df25e3481616746ee537e9bcc7f1e4468dae05", @ANYBLOB="020002", @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB, @ANYRES64, @ANYRESOCT=r1, @ANYBLOB="02000300", @ANYRES8, @ANYBLOB="02000200", @ANYRESDEC=r6, @ANYRES8=r4, @ANYBLOB="7de0de6148d7d44c4d01eeff92df69b773e9c6727f8fbda757", @ANYRESDEC=r7, @ANYRESDEC, @ANYRES64, @ANYBLOB="00000800000000000000aa8f3fa177eab6b2334f0df8", @ANYRES32=0xee00], 0x94, 0x1)
mount$tmpfs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000280), 0x1, &(0x7f00000005c0)={[{@inode32}, {@size={'size', 0x3d, [0x6b, 0x6b, 0x35]}}, {@size={'size', 0x3d, [0x6b, 0x74, 0x38, 0x0, 0x2d]}}], [{@euid_gt}, {@uid_eq={'uid', 0x3d, r3}}]})
r9 = dup(r0)
write$RDMA_USER_CM_CMD_SET_OPTION(r9, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
bind$bt_hci(r10, &(0x7f00000002c0)={0x27}, 0x6)

230.222992ms ago: executing program 3 (id=5582):
socket(0x840000000002, 0x3, 0xff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T")

154.177258ms ago: executing program 2 (id=5583):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r3}, &(0x7f0000000000), &(0x7f00000005c0)=r4}, 0x20)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x124, 0x2c, 0xd2b, 0x70bd2b, 0x35dfdbfb, {0x0, 0x0, 0x0, r2, {0xf, 0x3}, {}, {0xfff1, 0xfff2}}, [@filter_kind_options=@f_u32={{0x8}, {0xf8, 0x2, [@TCA_U32_SEL={0xf4, 0x5, {0x10, 0x9, 0xe, 0x10da, 0xa760, 0x0, 0x10, 0xfc, [{0xffff8001, 0xf073, 0x4010000, 0x8000}, {0x40, 0x80000001, 0xfffffffe, 0xffffffff}, {0x2, 0x9, 0x2}, {0x2008, 0x80000000, 0x1e0a}, {0xffffffff, 0x9, 0x800, 0x100}, {0x5e3, 0x4, 0x8e, 0x3}, {0x2, 0xffffffff, 0x5, 0x1ad}, {0x3ff, 0xb, 0x3, 0xa6d}, {0x1, 0x5, 0x5127, 0x800}, {0x6, 0x1, 0x2, 0x1}, {0x40, 0x40, 0x3, 0x5}, {0x2, 0x8, 0x6, 0x201}, {0x5, 0x406, 0x2, 0xfffffeff}, {0x94b0, 0x81, 0x80000001, 0xfffffffc}]}}]}}]}, 0x124}, 0x1, 0x0, 0x0, 0x48001}, 0x4000)
r5 = fsmount(r0, 0x0, 0x0)
r6 = openat$cgroup_subtree(r5, &(0x7f0000000100), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000240)='io_uring_register\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
write$cgroup_subtree(r6, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)

742.7µs ago: executing program 2 (id=5584):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x47, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32], 0x2c}], 0x1}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)

0s ago: executing program 0 (id=5585):
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x119)
r0 = inotify_init()
lstat(&(0x7f0000001080)='\x00', 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000802, 0x0, &(0x7f0000001140)={0x9, 0x80000001, 0x8, 0x9, 0xf958, 0xa51e, 0xf, 0x2, 0x4})
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(0xffffffffffffffff, 0x1, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
fspick(r1, &(0x7f00000011c0)='./file1\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xb, &(0x7f0000001200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
memfd_create(&(0x7f00000010c0)='*)\x00', 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='itimer_state\x00', r3}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000680)='sched_switch\x00'}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0xc3}, {}, {0xe, 0xd}}, [@TCA_RATE={0x6}]}, 0x2c}}, 0x0)

kernel console output (not intermixed with test programs):

node:5653: inode #16: comm syz.1.4940: corrupted inode contents
[  265.168456][T16724] loop0: detected capacity change from 0 to 4096
[  265.178033][T16707] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.4940: mark_inode_dirty error
[  265.191592][T16728] loop3: detected capacity change from 0 to 512
[  265.198479][T16728] EXT4-fs: Ignoring removed nobh option
[  265.204709][T16707] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.4940: corrupted inode contents
[  265.218896][T16724] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.236756][T16707] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  265.246322][T16707] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.4940: corrupted inode contents
[  265.259758][T16707] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.4940: mark_inode_dirty error
[  265.263223][T16728] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.4948: corrupted inode contents
[  265.277431][T16737] __nla_validate_parse: 25 callbacks suppressed
[  265.277452][T16737] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4950'.
[  265.284128][T16707] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  265.314252][T16728] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.4948: mark_inode_dirty error
[  265.336420][T16728] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.4948: corrupted inode contents
[  265.349016][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.358958][T16707] EXT4-fs (loop1): 1 truncate cleaned up
[  265.359468][T16728] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.4948: mark_inode_dirty error
[  265.367191][T16707] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.388696][T16707] ext4 filesystem being mounted at /291/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.400805][T16741] FAULT_INJECTION: forcing a failure.
[  265.400805][T16741] name failslab, interval 1, probability 0, space 0, times 0
[  265.413512][T16741] CPU: 1 UID: 0 PID: 16741 Comm: syz.2.4955 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  265.413548][T16741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  265.413564][T16741] Call Trace:
[  265.413573][T16741]  <TASK>
[  265.413583][T16741]  __dump_stack+0x1d/0x30
[  265.413611][T16741]  dump_stack_lvl+0xe8/0x140
[  265.413674][T16741]  dump_stack+0x15/0x1b
[  265.413755][T16741]  should_fail_ex+0x265/0x280
[  265.413783][T16741]  should_failslab+0x8c/0xb0
[  265.413833][T16741]  kmem_cache_alloc_noprof+0x50/0x310
[  265.414003][T16741]  ? getname_flags+0x80/0x3b0
[  265.414039][T16741]  getname_flags+0x80/0x3b0
[  265.414072][T16741]  do_sys_openat2+0x60/0x110
[  265.414179][T16741]  __x64_sys_openat+0xf2/0x120
[  265.414291][T16741]  x64_sys_call+0x2e9c/0x2ff0
[  265.414312][T16741]  do_syscall_64+0xd2/0x200
[  265.414347][T16741]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  265.414377][T16741]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  265.414410][T16741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.414435][T16741] RIP: 0033:0x7f2ff53febe9
[  265.414467][T16741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.414489][T16741] RSP: 002b:00007f2ff3e5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  265.414513][T16741] RAX: ffffffffffffffda RBX: 00007f2ff5625fa0 RCX: 00007f2ff53febe9
[  265.414609][T16741] RDX: 0000000000004040 RSI: 0000200000000180 RDI: ffffffffffffff9c
[  265.414623][T16741] RBP: 00007f2ff3e5f090 R08: 0000000000000000 R09: 0000000000000000
[  265.414638][T16741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.414652][T16741] R13: 00007f2ff5626038 R14: 00007f2ff5625fa0 R15: 00007ffe5dd99398
[  265.414676][T16741]  </TASK>
[  265.606239][T16728] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.4948: Failed to acquire dquot type 0
[  265.618221][T16728] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.4948: corrupted inode contents
[  265.630600][T16728] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.4948: mark_inode_dirty error
[  265.643913][T16728] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.4948: corrupted inode contents
[  265.657443][T16728] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.4948: mark_inode_dirty error
[  265.685778][T16728] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.4948: corrupted inode contents
[  265.701094][T16728] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  265.713199][T16751] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4957'.
[  265.723953][T16728] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.4948: corrupted inode contents
[  265.733822][T16751] netlink: 108 bytes leftover after parsing attributes in process `syz.2.4957'.
[  265.746293][T16751] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4957'.
[  265.747321][T16728] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.4948: mark_inode_dirty error
[  265.776917][T16748] lo speed is unknown, defaulting to 1000
[  265.796809][T16705] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.806351][T16728] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  265.853502][T16756] lo speed is unknown, defaulting to 1000
[  265.860899][T16728] EXT4-fs (loop3): 1 truncate cleaned up
[  265.883667][T16728] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.920479][T16764] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4959'.
[  265.939320][T16768] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4962'.
[  265.953983][T16728] ext4 filesystem being mounted at /443/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.966098][T16766] FAULT_INJECTION: forcing a failure.
[  265.966098][T16766] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  265.979249][T16766] CPU: 0 UID: 0 PID: 16766 Comm: syz.1.4963 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  265.979286][T16766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  265.979302][T16766] Call Trace:
[  265.979310][T16766]  <TASK>
[  265.979337][T16766]  __dump_stack+0x1d/0x30
[  265.979364][T16766]  dump_stack_lvl+0xe8/0x140
[  265.979443][T16766]  dump_stack+0x15/0x1b
[  265.979459][T16766]  should_fail_ex+0x265/0x280
[  265.979485][T16766]  should_fail+0xb/0x20
[  265.979584][T16766]  should_fail_usercopy+0x1a/0x20
[  265.979605][T16766]  _copy_from_user+0x1c/0xb0
[  265.979637][T16766]  memdup_user+0x5e/0xd0
[  265.979713][T16766]  strndup_user+0x68/0xb0
[  265.979773][T16766]  __se_sys_mount+0x8e/0x2e0
[  265.979795][T16766]  ? fput+0x8f/0xc0
[  265.979826][T16766]  ? ksys_write+0x192/0x1a0
[  265.979854][T16766]  __x64_sys_mount+0x67/0x80
[  265.979882][T16766]  x64_sys_call+0x2b4d/0x2ff0
[  265.979977][T16766]  do_syscall_64+0xd2/0x200
[  265.980008][T16766]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  265.980095][T16766]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  265.980122][T16766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.980206][T16766] RIP: 0033:0x7f150e00ebe9
[  265.980225][T16766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.980247][T16766] RSP: 002b:00007f150ca77038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  265.980267][T16766] RAX: ffffffffffffffda RBX: 00007f150e235fa0 RCX: 00007f150e00ebe9
[  265.980330][T16766] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000200000000080
[  265.980345][T16766] RBP: 00007f150ca77090 R08: 0000000000000000 R09: 0000000000000000
[  265.980358][T16766] R10: 0000000000002080 R11: 0000000000000246 R12: 0000000000000001
[  265.980370][T16766] R13: 00007f150e236038 R14: 00007f150e235fa0 R15: 00007ffc46da3bd8
[  265.980388][T16766]  </TASK>
[  266.194920][T11067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.199948][T16773] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4966'.
[  266.216210][T16775] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4967'.
[  266.225292][T16775] IPv6: Can't replace route, no match found
[  266.231635][T16770] loop0: detected capacity change from 0 to 4096
[  266.247999][   T29] kauditd_printk_skb: 919 callbacks suppressed
[  266.248018][   T29] audit: type=1326 audit(1755348760.693:42392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16776 comm="syz.2.4968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  266.277993][   T29] audit: type=1326 audit(1755348760.693:42393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16776 comm="syz.2.4968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  266.286574][T16773] IPv6: Can't replace route, no match found
[  266.310268][T16770] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.310897][T16777] siw: device registration error -23
[  266.343733][   T29] audit: type=1326 audit(1755348760.753:42394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16776 comm="syz.2.4968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  266.367595][   T29] audit: type=1326 audit(1755348760.753:42395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16776 comm="syz.2.4968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  266.391291][   T29] audit: type=1326 audit(1755348760.753:42396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16776 comm="syz.2.4968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  266.415037][   T29] audit: type=1326 audit(1755348760.753:42397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16776 comm="syz.2.4968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  266.438737][   T29] audit: type=1326 audit(1755348760.753:42398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16776 comm="syz.2.4968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  266.462474][   T29] audit: type=1326 audit(1755348760.753:42399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16776 comm="syz.2.4968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  266.486272][   T29] audit: type=1326 audit(1755348760.753:42400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16776 comm="syz.2.4968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  266.510087][   T29] audit: type=1326 audit(1755348760.753:42401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16776 comm="syz.2.4968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  266.534693][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.625534][T16794] loop3: detected capacity change from 0 to 512
[  266.636186][T16794] EXT4-fs: Ignoring removed nobh option
[  266.676122][T16805] siw: device registration error -23
[  266.682806][T16794] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.4976: corrupted inode contents
[  266.694905][T16794] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.4976: mark_inode_dirty error
[  266.706812][T16794] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.4976: corrupted inode contents
[  266.717469][T16803] lo speed is unknown, defaulting to 1000
[  266.726767][T16794] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.4976: mark_inode_dirty error
[  266.750151][T16794] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.4976: Failed to acquire dquot type 0
[  266.768330][T16810] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4978'.
[  266.777835][T16813] siw: device registration error -23
[  266.787961][T16794] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.4976: corrupted inode contents
[  266.800361][T16794] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.4976: mark_inode_dirty error
[  266.845110][T16794] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.4976: corrupted inode contents
[  266.875549][T16794] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.4976: mark_inode_dirty error
[  266.894777][T16794] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.4976: corrupted inode contents
[  266.908405][T16794] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  266.925978][T16794] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.4976: corrupted inode contents
[  266.945873][T16794] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.4976: mark_inode_dirty error
[  266.951806][T16825] loop2: detected capacity change from 0 to 164
[  266.965817][T16794] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  266.980052][T16794] EXT4-fs (loop3): 1 truncate cleaned up
[  266.986674][T16794] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.002184][T16825] ip6gre1: entered allmulticast mode
[  267.011273][T16794] ext4 filesystem being mounted at /446/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  267.044833][T11067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.308910][T16838] siw: device registration error -23
[  267.452340][T16842] siw: device registration error -23
[  267.620452][T16852] loop0: detected capacity change from 0 to 512
[  267.627636][T16852] EXT4-fs: Ignoring removed nobh option
[  267.647449][T16852] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.4998: corrupted inode contents
[  267.652818][T16857] loop2: detected capacity change from 0 to 512
[  267.659612][T16852] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.4998: mark_inode_dirty error
[  267.667506][T16857] EXT4-fs: Ignoring removed bh option
[  267.682917][T16857] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  267.682923][T16852] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.4998: corrupted inode contents
[  267.692098][T16857] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  267.705691][T16852] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.4998: mark_inode_dirty error
[  267.713001][T16857] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  267.725240][T16852] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.4998: Failed to acquire dquot type 0
[  267.745491][T16852] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.4998: corrupted inode contents
[  267.745768][T16857] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  267.758303][T16852] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.4998: mark_inode_dirty error
[  267.774842][T16857] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.789103][T16852] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.4998: corrupted inode contents
[  267.813234][T16852] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.4998: mark_inode_dirty error
[  267.834228][T16862] netlink: 'syz.1.5001': attribute type 27 has an invalid length.
[  267.837515][T16852] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.4998: corrupted inode contents
[  267.855623][T11557] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.857352][T16862] 8021q: adding VLAN 0 to HW filter on device bond0
[  267.866039][T16852] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  267.880022][T16862] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  267.895839][T16852] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.4998: corrupted inode contents
[  267.908855][T16852] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.4998: mark_inode_dirty error
[  267.926190][T16852] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  267.935758][T16852] EXT4-fs (loop0): 1 truncate cleaned up
[  267.938827][T16864] siw: device registration error -23
[  267.942122][T16852] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.962655][T16852] ext4 filesystem being mounted at /392/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  268.024160][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.039523][T16875] netlink: 'syz.2.5008': attribute type 27 has an invalid length.
[  268.077708][T16875] ip6gre1: left allmulticast mode
[  268.100449][T16875] 8021q: adding VLAN 0 to HW filter on device 
[  268.111818][T16875] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  268.154055][T16888] siw: device registration error -23
[  268.228104][T16897] loop0: detected capacity change from 0 to 764
[  268.236688][T16897] Symlink component flag not implemented
[  268.242711][T16897] Symlink component flag not implemented (7)
[  268.348147][T16901] loop0: detected capacity change from 0 to 512
[  268.355263][T16901] EXT4-fs: Ignoring removed nobh option
[  268.387948][T16901] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.5018: corrupted inode contents
[  268.401890][T16901] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.5018: mark_inode_dirty error
[  268.414417][T16901] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.5018: corrupted inode contents
[  268.428294][T16901] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.5018: mark_inode_dirty error
[  268.440641][T16901] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.5018: Failed to acquire dquot type 0
[  268.509993][T16901] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5018: corrupted inode contents
[  268.553604][T16906] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5019'.
[  268.564892][T16901] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.5018: mark_inode_dirty error
[  268.589771][T16901] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5018: corrupted inode contents
[  268.624408][T16901] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.5018: mark_inode_dirty error
[  268.716553][T16901] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5018: corrupted inode contents
[  268.786192][T16901] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  268.821404][T16901] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5018: corrupted inode contents
[  268.870433][T16901] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.5018: mark_inode_dirty error
[  268.911810][T16901] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  268.930943][T16901] EXT4-fs (loop0): 1 truncate cleaned up
[  268.937839][T16901] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.950673][T16901] ext4 filesystem being mounted at /399/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  269.001178][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.046016][T16928] loop1: detected capacity change from 0 to 764
[  269.052393][T16930] netlink: 'syz.4.5031': attribute type 27 has an invalid length.
[  269.070056][T16928] Symlink component flag not implemented
[  269.075964][T16928] Symlink component flag not implemented (7)
[  269.094800][T16930] bridge0: port 3(syz_tun) entered disabled state
[  269.115234][ T3380] lo speed is unknown, defaulting to 1000
[  269.121012][ T3380] syz0: Port: 1 Link DOWN
[  269.146473][T16931] bridge0: port 3(syz_tun) entered blocking state
[  269.153004][T16931] bridge0: port 3(syz_tun) entered forwarding state
[  269.162347][T16931] 8021q: adding VLAN 0 to HW filter on device bond0
[  269.172150][T16931] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  269.188074][T11638] lo speed is unknown, defaulting to 1000
[  269.194062][T11638] syz0: Port: 1 Link ACTIVE
[  269.337551][T16962] siw: device registration error -23
[  269.367968][T16960] lo speed is unknown, defaulting to 1000
[  269.482214][T16969] loop2: detected capacity change from 0 to 512
[  269.502024][T16969] EXT4-fs: Ignoring removed bh option
[  269.522280][T16969] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  269.531476][T16969] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  269.571107][T16975] loop1: detected capacity change from 0 to 512
[  269.594941][T16975] EXT4-fs: Ignoring removed bh option
[  269.600786][T16969] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  269.611581][T16969] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  269.620698][T16975] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  269.629871][T16975] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  269.653681][T16969] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.693947][T11557] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.693974][T16975] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  269.712917][T16975] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  269.721474][T16975] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.764012][T12210] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.786204][T16988] loop2: detected capacity change from 0 to 764
[  269.795229][T16988] Symlink component flag not implemented
[  269.802057][T16988] Symlink component flag not implemented (7)
[  269.840472][T16995] siw: device registration error -23
[  269.927300][T17012] 9pnet_fd: Insufficient options for proto=fd
[  269.949872][T17014] loop1: detected capacity change from 0 to 512
[  269.957829][T17014] EXT4-fs: Ignoring removed nobh option
[  269.978181][T17014] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.5064: corrupted inode contents
[  269.990839][T17014] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.5064: mark_inode_dirty error
[  270.011776][T17014] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.5064: corrupted inode contents
[  270.024111][T17014] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.5064: mark_inode_dirty error
[  270.036941][T17014] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.5064: Failed to acquire dquot type 0
[  270.057473][T17014] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.5064: corrupted inode contents
[  270.071421][T17014] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.5064: mark_inode_dirty error
[  270.083178][T17014] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.5064: corrupted inode contents
[  270.099144][T17014] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.5064: mark_inode_dirty error
[  270.121619][T17014] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.5064: corrupted inode contents
[  270.133973][T17014] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  270.140093][T17032] siw: device registration error -23
[  270.145475][T17014] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.5064: corrupted inode contents
[  270.204259][T17040] siw: device registration error -23
[  270.204529][T17014] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.5064: mark_inode_dirty error
[  270.236821][T17014] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  270.256010][T17014] EXT4-fs (loop1): 1 truncate cleaned up
[  270.262242][T17014] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.275408][T17014] ext4 filesystem being mounted at /315/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  270.308044][T12210] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.385308][T17061] loop1: detected capacity change from 0 to 512
[  270.393375][T17061] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  270.406938][T17061] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.420137][T17061] ext4 filesystem being mounted at /318/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  270.510039][T17074] __nla_validate_parse: 7 callbacks suppressed
[  270.510056][T17074] netlink: 10 bytes leftover after parsing attributes in process `syz.3.5085'.
[  270.586844][T17074] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5085'.
[  270.684618][T17090] netlink: 'syz.2.5092': attribute type 27 has an invalid length.
[  270.719272][T17092] loop3: detected capacity change from 0 to 512
[  270.730359][T17090] 8021q: adding VLAN 0 to HW filter on device 
[  270.731805][T17092] EXT4-fs: Ignoring removed bh option
[  270.759376][T17092] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  270.768520][T17092] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  270.778877][T17090] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  270.779331][T17092] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  270.809817][T17092] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  270.830845][T17092] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.853761][T17092] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.995786][T12210] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.219978][  T122] bridge_slave_1: left allmulticast mode
[  271.225753][  T122] bridge_slave_1: left promiscuous mode
[  271.231443][  T122] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.239293][  T122] bridge_slave_0: left allmulticast mode
[  271.244963][  T122] bridge_slave_0: left promiscuous mode
[  271.250654][  T122] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.275077][  T122] bond2 (unregistering): (slave gretap1): Releasing active interface
[  271.316150][  T122] bond1 (unregistering): (slave bridge1): Releasing active interface
[  271.386551][  T122] bond0 (unregistering): (slave 
c
1ÿ): Releasing backup interface
[  271.395812][  T122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  271.404897][  T122] bond0 (unregistering): Released all slaves
[  271.412908][  T122] bond1 (unregistering): Released all slaves
[  271.422550][  T122] bond2 (unregistering): Released all slaves
[  271.490289][   T29] kauditd_printk_skb: 1149 callbacks suppressed
[  271.490307][   T29] audit: type=1400 audit(1755348765.933:43543): avc:  denied  { execmem } for  pid=17124 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0
[  271.519362][   T29] audit: type=1400 audit(1755348765.933:43544): avc:  denied  { open } for  pid=17125 comm="syz.0.5108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  271.519657][  T122] IPVS: stopping backup sync thread 16479 ...
[  271.538865][   T29] audit: type=1400 audit(1755348765.933:43545): avc:  denied  { map_create } for  pid=17125 comm="syz.0.5108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  271.538959][   T29] audit: type=1400 audit(1755348765.933:43546): avc:  denied  { prog_load } for  pid=17125 comm="syz.0.5108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  271.539003][   T29] audit: type=1400 audit(1755348765.933:43547): avc:  denied  { prog_load } for  pid=17125 comm="syz.0.5108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  271.539030][   T29] audit: type=1400 audit(1755348765.933:43548): avc:  denied  { prog_load } for  pid=17125 comm="syz.0.5108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  271.539057][   T29] audit: type=1326 audit(1755348765.933:43549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17125 comm="syz.0.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  271.539084][   T29] audit: type=1326 audit(1755348765.933:43550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17125 comm="syz.0.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  271.669489][   T29] audit: type=1326 audit(1755348765.933:43551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17125 comm="syz.0.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  271.693140][   T29] audit: type=1326 audit(1755348765.933:43552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17125 comm="syz.0.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  271.717014][  T122] hsr_slave_0: left promiscuous mode
[  271.722738][  T122] hsr_slave_1: left promiscuous mode
[  272.613241][T17145] netlink: 10 bytes leftover after parsing attributes in process `syz.2.5117'.
[  272.634719][T17145] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5117'.
[  276.116412][T17189] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=19 sclass=netlink_tcpdiag_socket pid=17189 comm=syz.4.5135
[  277.177439][   T29] kauditd_printk_skb: 319 callbacks suppressed
[  277.177454][   T29] audit: type=1326 audit(1755348771.623:43872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17193 comm="syz.0.5136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  277.213424][   T29] audit: type=1326 audit(1755348771.623:43873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17193 comm="syz.0.5136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  277.237241][   T29] audit: type=1326 audit(1755348771.623:43874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17193 comm="syz.0.5136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  277.260850][   T29] audit: type=1326 audit(1755348771.623:43875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17193 comm="syz.0.5136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  277.284505][   T29] audit: type=1326 audit(1755348771.623:43876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17193 comm="syz.0.5136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  277.308189][   T29] audit: type=1326 audit(1755348771.623:43877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17193 comm="syz.0.5136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  277.331884][   T29] audit: type=1400 audit(1755348771.623:43878): avc:  denied  { map_create } for  pid=17193 comm="syz.0.5136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  277.351223][   T29] audit: type=1326 audit(1755348771.623:43879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17193 comm="syz.0.5136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  277.374798][   T29] audit: type=1326 audit(1755348771.623:43880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17193 comm="syz.0.5136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  277.398392][   T29] audit: type=1326 audit(1755348771.623:43881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17193 comm="syz.0.5136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  278.476060][T17209] siw: device registration error -23
[  278.493279][T17213] loop0: detected capacity change from 0 to 512
[  278.513224][T17213] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  278.528756][T17221] siw: device registration error -23
[  278.571120][T17213] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  278.595065][T17213] ext4 filesystem being mounted at /429/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  278.599060][T17230] siw: device registration error -23
[  278.615680][T17231] netlink: 'syz.4.5151': attribute type 4 has an invalid length.
[  278.716531][T17241] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #15: comm syz.0.5145: corrupted xattr block 19: overlapping e_value 
[  278.749999][T17216] lo speed is unknown, defaulting to 1000
[  278.758921][T17241] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=15
[  278.764687][T17244] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5152'.
[  278.812247][T17241] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #15: comm syz.0.5145: corrupted xattr block 19: overlapping e_value 
[  278.894658][T17241] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=15
[  278.954284][T17241] EXT4-fs error (device loop0): ext4_xattr_block_list:762: inode #15: comm syz.0.5145: corrupted xattr block 19: overlapping e_value 
[  279.066734][T17216] chnl_net:caif_netlink_parms(): no params data found
[  279.163461][T17274] netlink: 10 bytes leftover after parsing attributes in process `syz.4.5160'.
[  279.196669][T17216] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.203853][T17216] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.228528][T17216] bridge_slave_0: entered allmulticast mode
[  279.239834][T17277] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5160'.
[  279.252818][T17216] bridge_slave_0: entered promiscuous mode
[  279.262015][T17216] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.269173][T17216] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.277583][T17216] bridge_slave_1: entered allmulticast mode
[  279.284276][T17216] bridge_slave_1: entered promiscuous mode
[  279.317195][T17280] loop3: detected capacity change from 0 to 512
[  279.339052][T17216] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  279.352898][T17280] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  279.373472][T17284] netlink: 96 bytes leftover after parsing attributes in process `syz.4.5163'.
[  279.393744][T17216] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  279.407127][T17280] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.437064][T17280] ext4 filesystem being mounted at /482/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  279.452096][T17216] team0: Port device team_slave_0 added
[  279.473040][T17216] team0: Port device team_slave_1 added
[  279.502947][T17216] batman_adv: batadv0: Adding interface: batadv_slave_0
[  279.509965][T17216] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.536015][T17216] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  279.547493][T17216] batman_adv: batadv0: Adding interface: batadv_slave_1
[  279.554525][T17216] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.580565][T17216] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  279.581019][T17292] netlink: 'syz.4.5166': attribute type 10 has an invalid length.
[  279.599073][T17292] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5166'.
[  279.618288][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.643481][T17298] siw: device registration error -23
[  279.653960][T17292] dummy0: entered promiscuous mode
[  279.661144][T17292] bridge0: port 4(dummy0) entered blocking state
[  279.667573][T17292] bridge0: port 4(dummy0) entered disabled state
[  279.674301][T17292] dummy0: entered allmulticast mode
[  279.681453][T17292] bridge0: port 4(dummy0) entered blocking state
[  279.687883][T17292] bridge0: port 4(dummy0) entered forwarding state
[  279.695836][T17301] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.5161: corrupted xattr block 19: overlapping e_value 
[  279.713625][T17301] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  279.728774][T17301] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.5161: corrupted xattr block 19: overlapping e_value 
[  279.731362][T17216] hsr_slave_0: entered promiscuous mode
[  279.761919][T17216] hsr_slave_1: entered promiscuous mode
[  279.763451][T17301] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  279.768025][T17216] debugfs: 'hsr0' already exists in 'hsr'
[  279.782247][T17216] Cannot create hsr debugfs directory
[  279.836902][T17306] loop2: detected capacity change from 0 to 512
[  279.843490][T17306] EXT4-fs: Ignoring removed bh option
[  279.854685][T17301] EXT4-fs error (device loop3): ext4_xattr_block_list:762: inode #15: comm syz.3.5161: corrupted xattr block 19: overlapping e_value 
[  279.891242][T17300] loop0: detected capacity change from 0 to 8192
[  279.924405][T17306] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  279.933513][T17306] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  279.946426][T17300] netlink: 'syz.0.5168': attribute type 15 has an invalid length.
[  280.037318][T17306] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  280.057713][T17313] loop0: detected capacity change from 0 to 512
[  280.071071][T17306] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  280.080999][T17313] EXT4-fs: Ignoring removed bh option
[  280.089347][T17306] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  280.112184][T17313] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  280.121364][T17313] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  280.154711][T17313] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  280.171890][T11557] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.193252][T17216] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  280.194689][T17313] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  280.210346][T17216] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  280.219080][T11067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.219019][T17313] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  280.247168][T17216] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  280.269103][T17216] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  280.281570][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.335587][T17332] loop2: detected capacity change from 0 to 512
[  280.342379][T17332] EXT4-fs: Ignoring removed nobh option
[  280.351249][T17329] netlink: 292 bytes leftover after parsing attributes in process `syz.3.5180'.
[  280.363406][T17332] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.5181: corrupted inode contents
[  280.381450][T17332] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #3: comm syz.2.5181: mark_inode_dirty error
[  280.393403][T17332] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.5181: corrupted inode contents
[  280.406964][T17332] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.5181: mark_inode_dirty error
[  280.419183][T17332] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.5181: Failed to acquire dquot type 0
[  280.464640][T17332] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.5181: corrupted inode contents
[  280.480892][T17216] 8021q: adding VLAN 0 to HW filter on device bond0
[  280.492774][T17339] loop0: detected capacity change from 0 to 4096
[  280.499846][T17332] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #16: comm syz.2.5181: mark_inode_dirty error
[  280.514925][T17216] 8021q: adding VLAN 0 to HW filter on device team0
[  280.523547][T17332] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.5181: corrupted inode contents
[  280.542332][T16495] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.549496][T16495] bridge0: port 1(bridge_slave_0) entered forwarding state
[  280.562257][T17344] siw: device registration error -23
[  280.568106][T17332] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.5181: mark_inode_dirty error
[  280.581038][T17339] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.582949][T17332] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.5181: corrupted inode contents
[  280.595190][T16495] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.612499][T16495] bridge0: port 2(bridge_slave_1) entered forwarding state
[  280.664128][T17216] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  280.674573][T17216] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  280.701164][T17332] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  280.718367][T17332] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.5181: corrupted inode contents
[  280.749918][T17346] netlink: 10 bytes leftover after parsing attributes in process `syz.3.5184'.
[  280.773578][T17332] EXT4-fs error (device loop2): ext4_truncate:4666: inode #16: comm syz.2.5181: mark_inode_dirty error
[  280.779561][T17346] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5184'.
[  280.819963][T17332] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  280.846912][T17216] 8021q: adding VLAN 0 to HW filter on device batadv0
[  280.865780][T17355] loop3: detected capacity change from 0 to 512
[  280.872438][T17355] EXT4-fs: Ignoring removed bh option
[  280.878683][T17332] EXT4-fs (loop2): 1 truncate cleaned up
[  280.886101][T17355] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  280.888870][T17332] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.895262][T17355] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  280.925929][T17332] ext4 filesystem being mounted at /410/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  280.937226][T17355] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  280.954632][T17355] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  280.963815][T17355] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  281.024814][T17363] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5186'.
[  281.067439][T17369] loop2: detected capacity change from 0 to 512
[  281.102039][T17369] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  281.113948][T17375] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5189'.
[  281.150339][T17369] ext4 filesystem being mounted at /411/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  281.181170][T17216] veth0_vlan: entered promiscuous mode
[  281.192366][T17216] veth1_vlan: entered promiscuous mode
[  281.207661][T17216] veth0_macvtap: entered promiscuous mode
[  281.224608][T17216] veth1_macvtap: entered promiscuous mode
[  281.242326][T17216] batman_adv: batadv0: Interface activated: batadv_slave_0
[  281.248219][T17385] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.5188: corrupted xattr block 19: overlapping e_value 
[  281.252910][T17216] batman_adv: batadv0: Interface activated: batadv_slave_1
[  281.276549][T17385] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  281.291809][T16531] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  281.308140][T16531] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  281.331280][T16531] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  281.342554][T17385] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.5188: corrupted xattr block 19: overlapping e_value 
[  281.360259][T16531] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  281.392283][T17393] siw: device registration error -23
[  281.393268][T17395] netlink: 'syz.5.5107': attribute type 27 has an invalid length.
[  281.409109][T17385] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  281.420185][T17385] EXT4-fs error (device loop2): ext4_xattr_block_list:762: inode #15: comm syz.2.5188: corrupted xattr block 19: overlapping e_value 
[  281.446341][T17395] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.453650][T17395] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.457238][T17397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  281.471118][T17397] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  281.512841][T17395] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  281.530531][T17395] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  281.594160][T17398] 8021q: adding VLAN 0 to HW filter on device bond0
[  281.602694][T17398] 8021q: adding VLAN 0 to HW filter on device team0
[  281.614214][T17398] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  281.635428][  T122] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.657072][  T122] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.669694][T17397] lo speed is unknown, defaulting to 1000
[  281.731743][  T122] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.742624][  T122] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.943908][T17405] 9pnet_fd: Insufficient options for proto=fd
[  282.106998][T17426] siw: device registration error -23
[  282.189593][T17434] loop5: detected capacity change from 0 to 512
[  282.197094][T17434] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  282.220970][T17434] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  282.232152][   T29] kauditd_printk_skb: 1060 callbacks suppressed
[  282.232168][   T29] audit: type=1326 audit(1755348776.683:44940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17429 comm="syz.4.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f053a00ebe9 code=0x7ffc0000
[  282.285204][   T29] audit: type=1326 audit(1755348776.713:44941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17435 comm="syz.3.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff260765ba7 code=0x7ffc0000
[  282.308754][   T29] audit: type=1326 audit(1755348776.713:44942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17435 comm="syz.3.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff26070add9 code=0x7ffc0000
[  282.332326][   T29] audit: type=1326 audit(1755348776.713:44943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17435 comm="syz.3.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff260765ba7 code=0x7ffc0000
[  282.355865][   T29] audit: type=1326 audit(1755348776.713:44944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17435 comm="syz.3.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff26070add9 code=0x7ffc0000
[  282.379464][   T29] audit: type=1326 audit(1755348776.713:44945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17435 comm="syz.3.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff26076ebe9 code=0x7ffc0000
[  282.403165][   T29] audit: type=1326 audit(1755348776.713:44946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17435 comm="syz.3.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff26076ebe9 code=0x7ffc0000
[  282.426801][   T29] audit: type=1326 audit(1755348776.713:44947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17435 comm="syz.3.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff260765ba7 code=0x7ffc0000
[  282.450429][   T29] audit: type=1326 audit(1755348776.713:44948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17435 comm="syz.3.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff26070add9 code=0x7ffc0000
[  282.474046][   T29] audit: type=1326 audit(1755348776.713:44949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17435 comm="syz.3.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff260765ba7 code=0x7ffc0000
[  282.520863][T17447] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17447 comm=syz.3.5211
[  282.588459][T17442] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #15: comm syz.5.5208: corrupted xattr block 19: overlapping e_value 
[  282.705527][T17442] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[  282.749057][T17469] lo speed is unknown, defaulting to 1000
[  282.753101][T17442] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #15: comm syz.5.5208: corrupted xattr block 19: overlapping e_value 
[  282.790284][T17442] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[  282.799738][T17442] EXT4-fs error (device loop5): ext4_xattr_block_list:762: inode #15: comm syz.5.5208: corrupted xattr block 19: overlapping e_value 
[  282.927572][T17479] netlink: 'syz.3.5221': attribute type 27 has an invalid length.
[  282.974259][T17479] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.987923][T17479] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  283.183327][T17491] SELinux: security policydb version 17 (MLS) not backwards compatible
[  283.229086][T17491] SELinux: failed to load policy
[  283.241256][ T3385] kernel write not supported for file /21/gid_map (pid: 3385 comm: kworker/1:4)
[  283.264685][T17506] siw: device registration error -23
[  283.274896][T17497] netlink: 'syz.3.5228': attribute type 6 has an invalid length.
[  283.332923][T17512] netlink: 'syz.5.5234': attribute type 27 has an invalid length.
[  283.452571][T17525] 8021q: adding VLAN 0 to HW filter on device bond0
[  283.461216][T17525] 8021q: adding VLAN 0 to HW filter on device team0
[  283.471451][T17525] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  283.487845][T17526] 9pnet_virtio: no channels available for device syz
[  283.560735][T17541] FAULT_INJECTION: forcing a failure.
[  283.560735][T17541] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  283.574093][T17541] CPU: 1 UID: 0 PID: 17541 Comm: syz.5.5246 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  283.574290][T17541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  283.574303][T17541] Call Trace:
[  283.574309][T17541]  <TASK>
[  283.574318][T17541]  __dump_stack+0x1d/0x30
[  283.574345][T17541]  dump_stack_lvl+0xe8/0x140
[  283.574366][T17541]  dump_stack+0x15/0x1b
[  283.574383][T17541]  should_fail_ex+0x265/0x280
[  283.574487][T17541]  should_fail+0xb/0x20
[  283.574507][T17541]  should_fail_usercopy+0x1a/0x20
[  283.574532][T17541]  _copy_to_user+0x20/0xa0
[  283.574563][T17541]  generic_map_lookup_batch+0x523/0x7c0
[  283.574595][T17541]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  283.574661][T17541]  bpf_map_do_batch+0x1ba/0x380
[  283.574695][T17541]  ? security_bpf+0x2b/0x90
[  283.574731][T17541]  __sys_bpf+0x490/0x7b0
[  283.574776][T17541]  __x64_sys_bpf+0x41/0x50
[  283.574802][T17541]  x64_sys_call+0x2aea/0x2ff0
[  283.574825][T17541]  do_syscall_64+0xd2/0x200
[  283.574854][T17541]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  283.574919][T17541]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  283.574946][T17541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.574969][T17541] RIP: 0033:0x7fd9ee07ebe9
[  283.574984][T17541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.575072][T17541] RSP: 002b:00007fd9ecae7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  283.575092][T17541] RAX: ffffffffffffffda RBX: 00007fd9ee2a5fa0 RCX: 00007fd9ee07ebe9
[  283.575106][T17541] RDX: 0000000000000038 RSI: 0000200000000b00 RDI: 0000000000000018
[  283.575119][T17541] RBP: 00007fd9ecae7090 R08: 0000000000000000 R09: 0000000000000000
[  283.575132][T17541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.575145][T17541] R13: 00007fd9ee2a6038 R14: 00007fd9ee2a5fa0 R15: 00007ffda735eb08
[  283.575167][T17541]  </TASK>
[  283.784394][T17546] siw: device registration error -23
[  283.843867][T17556] netlink: 'syz.2.5253': attribute type 27 has an invalid length.
[  283.852135][T17551] loop0: detected capacity change from 0 to 512
[  283.852958][T17554] __nla_validate_parse: 10 callbacks suppressed
[  283.853055][T17554] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5252'.
[  283.860573][T17551] EXT4-fs: Ignoring removed nobh option
[  283.893869][T17557] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  283.903961][T17551] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.5250: corrupted inode contents
[  283.916687][T17551] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.5250: mark_inode_dirty error
[  283.918125][T17556] 8021q: adding VLAN 0 to HW filter on device 
[  283.928708][T17551] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.5250: corrupted inode contents
[  283.946959][T17556] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  283.947891][T17551] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.5250: mark_inode_dirty error
[  283.976489][T17551] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.5250: Failed to acquire dquot type 0
[  283.995688][T17551] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5250: corrupted inode contents
[  284.008410][T17551] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.5250: mark_inode_dirty error
[  284.028181][T17551] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5250: corrupted inode contents
[  284.029418][T17566] netlink: 10 bytes leftover after parsing attributes in process `syz.5.5255'.
[  284.053464][T17566] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5255'.
[  284.053858][T17551] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.5250: mark_inode_dirty error
[  284.074597][T17551] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5250: corrupted inode contents
[  284.089294][T17551] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  284.101204][T17551] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5250: corrupted inode contents
[  284.115436][T17551] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.5250: mark_inode_dirty error
[  284.127437][T17551] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  284.129940][T17569] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5257'.
[  284.137416][T17551] EXT4-fs (loop0): 1 truncate cleaned up
[  284.165883][T17551] EXT4-fs mount: 7 callbacks suppressed
[  284.165981][T17551] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  284.185458][T17551] ext4 filesystem being mounted at /444/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  284.221481][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.283266][T17584] siw: device registration error -23
[  284.326315][T17588] loop2: detected capacity change from 0 to 512
[  284.333106][T17588] EXT4-fs: Ignoring removed bh option
[  284.339454][T17588] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  284.348628][T17588] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  284.360629][T17588] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  284.373771][T17588] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  284.385099][T17588] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.510016][T11557] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.703571][T17614] siw: device registration error -23
[  284.787012][T17619] loop2: detected capacity change from 0 to 512
[  284.806585][T17619] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  284.831929][T17619] EXT4-fs (loop2): mount failed
[  284.916250][T17627] loop2: detected capacity change from 0 to 512
[  284.936954][T17627] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  284.968362][T17627] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  284.998088][T17627] ext4 filesystem being mounted at /433/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.095097][T17639] netlink: 'syz.2.5279': attribute type 4 has an invalid length.
[  285.102920][T17639] netlink: 152 bytes leftover after parsing attributes in process `syz.2.5279'.
[  285.103774][T17641] loop0: detected capacity change from 0 to 512
[  285.118738][T17641] EXT4-fs: Ignoring removed nobh option
[  285.124206][T17639] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.5279: corrupted xattr block 19: overlapping e_value 
[  285.160233][T17641] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.5284: corrupted inode contents
[  285.173936][T17639] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  285.189901][T17638] netlink: 'syz.4.5283': attribute type 4 has an invalid length.
[  285.197717][T17638] netlink: 152 bytes leftover after parsing attributes in process `syz.4.5283'.
[  285.197879][T17639] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.5279: corrupted xattr block 19: overlapping e_value 
[  285.221545][T17641] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.5284: mark_inode_dirty error
[  285.222255][T17639] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  285.242101][T17639] EXT4-fs error (device loop2): ext4_xattr_block_list:762: inode #15: comm syz.2.5279: corrupted xattr block 19: overlapping e_value 
[  285.258961][T17638] : renamed from bond0 (while UP)
[  285.269894][T17641] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.5284: corrupted inode contents
[  285.308580][T17641] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.5284: mark_inode_dirty error
[  285.346393][T17641] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.5284: Failed to acquire dquot type 0
[  285.366081][T17641] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5284: corrupted inode contents
[  285.380522][T17641] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.5284: mark_inode_dirty error
[  285.393716][T17641] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5284: corrupted inode contents
[  285.420695][T17641] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.5284: mark_inode_dirty error
[  285.448433][T17648] siw: device registration error -23
[  285.497861][T17641] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5284: corrupted inode contents
[  285.676012][T17641] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  285.694109][T17641] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5284: corrupted inode contents
[  285.764310][T17641] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.5284: mark_inode_dirty error
[  285.791810][T17641] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  285.807243][T11557] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.830598][T17641] EXT4-fs (loop0): 1 truncate cleaned up
[  285.840643][T17641] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.867870][T17641] ext4 filesystem being mounted at /446/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  286.003298][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.047466][T17661] netlink: 'syz.2.5293': attribute type 27 has an invalid length.
[  286.130095][T17661] 8021q: adding VLAN 0 to HW filter on device 
[  286.141130][T17661] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  286.212692][T17667] siw: device registration error -23
[  286.242109][T17673] loop0: detected capacity change from 0 to 512
[  286.250437][T17673] EXT4-fs: Ignoring removed bh option
[  286.258472][T17673] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  286.267634][T17673] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  286.294245][T17673] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  286.306136][T17673] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  286.314817][T17673] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.342899][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.406962][T17681] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5302'.
[  286.645064][T17700] siw: device registration error -23
[  286.830809][T17718] siw: device registration error -23
[  286.888113][T17725] siw: device registration error -23
[  286.942127][T17729] loop0: detected capacity change from 0 to 1764
[  286.951417][T17729] ISOFS: unable to read i-node block
[  286.956992][T17729] isofs_fill_super: get root inode failed
[  286.998494][T17729] netlink: 'syz.0.5323': attribute type 1 has an invalid length.
[  287.006327][T17729] netlink: 224 bytes leftover after parsing attributes in process `syz.0.5323'.
[  287.018360][T17732] netlink: 'syz.0.5323': attribute type 1 has an invalid length.
[  287.026206][T17732] netlink: 224 bytes leftover after parsing attributes in process `syz.0.5323'.
[  287.234694][   T29] kauditd_printk_skb: 867 callbacks suppressed
[  287.234712][   T29] audit: type=1326 audit(1755348781.673:45812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17742 comm="syz.0.5328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  287.275246][   T29] audit: type=1326 audit(1755348781.713:45813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17742 comm="syz.0.5328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  287.299160][   T29] audit: type=1326 audit(1755348781.713:45814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17742 comm="syz.0.5328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  287.322892][   T29] audit: type=1326 audit(1755348781.713:45815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17742 comm="syz.0.5328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  287.346735][   T29] audit: type=1326 audit(1755348781.713:45816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17742 comm="syz.0.5328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  287.393525][T17747] loop0: detected capacity change from 0 to 512
[  287.402784][   T29] audit: type=1326 audit(1755348781.843:45817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17689 comm="syz.2.5307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  287.426540][   T29] audit: type=1326 audit(1755348781.843:45818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17689 comm="syz.2.5307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  287.475798][   T29] audit: type=1326 audit(1755348781.923:45819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17748 comm="syz.2.5331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  287.503685][T17749] siw: device registration error -23
[  287.513723][   T29] audit: type=1326 audit(1755348781.943:45820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17748 comm="syz.2.5331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  287.537442][   T29] audit: type=1326 audit(1755348781.943:45821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17748 comm="syz.2.5331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  287.538274][T17747] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  287.584689][T17747] EXT4-fs (loop0): orphan cleanup on readonly fs
[  287.596992][T17755] netlink: 'syz.2.5333': attribute type 27 has an invalid length.
[  287.601459][T17747] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  287.637586][T17747] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  287.660469][T17747] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5330: bg 0: block 40: padding at end of block bitmap is not set
[  287.680039][T17755] 8021q: adding VLAN 0 to HW filter on device 
[  287.688116][T17759] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5335'.
[  287.697400][T17755] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  287.713234][T17747] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  287.723666][T17747] EXT4-fs (loop0): 1 truncate cleaned up
[  287.729894][T17747] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  287.790948][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.840896][T17769] FAULT_INJECTION: forcing a failure.
[  287.840896][T17769] name failslab, interval 1, probability 0, space 0, times 0
[  287.853679][T17769] CPU: 0 UID: 0 PID: 17769 Comm: syz.4.5341 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  287.853715][T17769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  287.853731][T17769] Call Trace:
[  287.853739][T17769]  <TASK>
[  287.853755][T17769]  __dump_stack+0x1d/0x30
[  287.853779][T17769]  dump_stack_lvl+0xe8/0x140
[  287.853800][T17769]  dump_stack+0x15/0x1b
[  287.853818][T17769]  should_fail_ex+0x265/0x280
[  287.853841][T17769]  should_failslab+0x8c/0xb0
[  287.853868][T17769]  kmem_cache_alloc_noprof+0x50/0x310
[  287.853899][T17769]  ? __mpol_dup+0x42/0x1b0
[  287.853934][T17769]  __mpol_dup+0x42/0x1b0
[  287.853969][T17769]  mbind_range+0x1e8/0x440
[  287.853990][T17769]  ? mas_find+0x5d5/0x700
[  287.854022][T17769]  __se_sys_mbind+0x648/0xac0
[  287.854066][T17769]  __x64_sys_mbind+0x78/0x90
[  287.854100][T17769]  x64_sys_call+0x2932/0x2ff0
[  287.854125][T17769]  do_syscall_64+0xd2/0x200
[  287.854155][T17769]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  287.854184][T17769]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  287.854213][T17769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.854237][T17769] RIP: 0033:0x7f053a00ebe9
[  287.854255][T17769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.854277][T17769] RSP: 002b:00007f0538a77038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  287.854300][T17769] RAX: ffffffffffffffda RBX: 00007f053a235fa0 RCX: 00007f053a00ebe9
[  287.854314][T17769] RDX: 0000000000000001 RSI: 0000000000600000 RDI: 0000200000000000
[  287.854329][T17769] RBP: 00007f0538a77090 R08: 0000000000000000 R09: 0000000000000002
[  287.854343][T17769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  287.854358][T17769] R13: 00007f053a236038 R14: 00007f053a235fa0 R15: 00007ffe626c28e8
[  287.854380][T17769]  </TASK>
[  288.076244][T17781] bridge0: entered promiscuous mode
[  288.082300][T17781] bridge0: port 5(macsec0) entered blocking state
[  288.088828][T17781] bridge0: port 5(macsec0) entered disabled state
[  288.095532][T17781] macsec0: entered allmulticast mode
[  288.100868][T17781] bridge0: entered allmulticast mode
[  288.101268][T17783] loop3: detected capacity change from 0 to 512
[  288.116172][T17783] EXT4-fs: Ignoring removed nobh option
[  288.122348][T17781] macsec0: left allmulticast mode
[  288.127565][T17781] bridge0: left allmulticast mode
[  288.134416][T17781] bridge0: left promiscuous mode
[  288.147468][T17783] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.5346: corrupted inode contents
[  288.159689][T17783] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.5346: mark_inode_dirty error
[  288.171576][T17783] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.5346: corrupted inode contents
[  288.183735][T17783] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.5346: mark_inode_dirty error
[  288.196781][T17783] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.5346: Failed to acquire dquot type 0
[  288.208688][T17783] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5346: corrupted inode contents
[  288.222384][T17783] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.5346: mark_inode_dirty error
[  288.234094][T17783] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5346: corrupted inode contents
[  288.248762][T17783] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.5346: mark_inode_dirty error
[  288.267861][T17783] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5346: corrupted inode contents
[  288.281361][T17792] netlink: 'syz.0.5349': attribute type 27 has an invalid length.
[  288.292608][T17783] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  288.301613][T17783] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5346: corrupted inode contents
[  288.313899][T17783] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.5346: mark_inode_dirty error
[  288.325921][T17783] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  288.335488][T17783] EXT4-fs (loop3): 1 truncate cleaned up
[  288.341606][T17783] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  288.354705][T17783] ext4 filesystem being mounted at /516/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  288.373101][T17795] 8021q: adding VLAN 0 to HW filter on device 
[  288.401661][T11067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.415943][T17795] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  288.435544][T17799] siw: device registration error -23
[  288.674152][T17832] netlink: 'syz.0.5367': attribute type 27 has an invalid length.
[  288.723623][T17808] loop5: detected capacity change from 0 to 32768
[  288.752988][T17839] 8021q: adding VLAN 0 to HW filter on device 
[  288.764068][T17839] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  288.764347][T17845] loop2: detected capacity change from 0 to 128
[  288.790842][T17845] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  288.801029][T17845] System zones: 1-3, 19-19, 35-36
[  288.805658][T17808]  loop5: p1 p2 p3 < p5 p6 >
[  288.807052][T17845] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  288.810807][T17808] loop5: p1 size 242222080 extends beyond EOD, truncated
[  288.825711][T17845] ext4 filesystem being mounted at /449/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  288.865314][T17808] loop5: p2 start 4294967295 is beyond EOD, truncated
[  288.918106][T17845] EXT4-fs warning (device loop2): verify_group_input:137: Cannot add at group 25 (only 1 groups)
[  288.944626][T11557] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  288.989087][T17865] __nla_validate_parse: 3 callbacks suppressed
[  288.989109][T17865] netlink: 10 bytes leftover after parsing attributes in process `syz.2.5378'.
[  289.035317][T17865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5378'.
[  289.110784][T17882] netlink: 'syz.2.5386': attribute type 27 has an invalid length.
[  289.136602][T17885] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5387'.
[  289.173717][T17888] loop0: detected capacity change from 0 to 512
[  289.181402][T17888] EXT4-fs: Ignoring removed nobh option
[  289.193624][T17882] 8021q: adding VLAN 0 to HW filter on device 
[  289.205876][T17888] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.5388: corrupted inode contents
[  289.231945][T17888] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.5388: mark_inode_dirty error
[  289.251844][T17882] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  289.270433][T17888] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.5388: corrupted inode contents
[  289.285807][T17888] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.5388: mark_inode_dirty error
[  289.329112][T17898] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5391'.
[  289.339596][T17888] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.5388: Failed to acquire dquot type 0
[  289.357712][T17900] siw: device registration error -23
[  289.386573][T17888] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5388: corrupted inode contents
[  289.408634][T17888] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.5388: mark_inode_dirty error
[  289.424425][T17888] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5388: corrupted inode contents
[  289.439978][T17888] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.5388: mark_inode_dirty error
[  289.447787][T17907] siw: device registration error -23
[  289.452124][T17888] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5388: corrupted inode contents
[  289.473089][T17888] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  289.513835][T17888] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5388: corrupted inode contents
[  289.534321][T17888] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.5388: mark_inode_dirty error
[  289.614267][T17888] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  289.642772][T17924] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  289.658967][T17888] EXT4-fs (loop0): 1 truncate cleaned up
[  289.669589][T17888] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.690405][T17927] siw: device registration error -23
[  289.701851][T17888] ext4 filesystem being mounted at /479/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  289.741281][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.765052][T17931] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5405'.
[  289.791688][T17935] SELinux: security_context_str_to_sid () failed with errno=-22
[  289.808075][T17938] siw: device registration error -23
[  290.029652][T17956] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  290.135629][T17958] loop2: detected capacity change from 0 to 512
[  290.142880][T17958] EXT4-fs: Ignoring removed nobh option
[  290.158098][T17958] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.5417: corrupted inode contents
[  290.172203][T17958] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #3: comm syz.2.5417: mark_inode_dirty error
[  290.192959][T17958] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.5417: corrupted inode contents
[  290.206877][T17958] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.5417: mark_inode_dirty error
[  290.219369][T17958] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.5417: Failed to acquire dquot type 0
[  290.272051][T17958] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.5417: corrupted inode contents
[  290.317227][T17958] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #16: comm syz.2.5417: mark_inode_dirty error
[  290.359186][T17958] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.5417: corrupted inode contents
[  290.371820][T17958] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.5417: mark_inode_dirty error
[  290.399932][T17958] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.5417: corrupted inode contents
[  290.411537][T17968] siw: device registration error -23
[  290.412723][T17958] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  290.457104][T17970] pimreg: entered allmulticast mode
[  290.463217][T17970] pimreg: left allmulticast mode
[  290.468749][T17958] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.5417: corrupted inode contents
[  290.483696][T17958] EXT4-fs error (device loop2): ext4_truncate:4666: inode #16: comm syz.2.5417: mark_inode_dirty error
[  290.511757][T17958] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  290.524075][T17958] EXT4-fs (loop2): 1 truncate cleaned up
[  290.531733][T17958] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.545167][T17982] netlink: 10 bytes leftover after parsing attributes in process `syz.5.5427'.
[  290.551391][T17958] ext4 filesystem being mounted at /466/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  290.587181][T17988] loop3: detected capacity change from 0 to 512
[  290.593656][T17982] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5427'.
[  290.595794][T17988] EXT4-fs: Ignoring removed bh option
[  290.610160][T17988] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  290.619283][T17988] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  290.631469][T11557] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.641054][T17988] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  290.657266][T17988] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  290.672292][T17996] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  290.679130][T17997] siw: device registration error -23
[  290.685422][T17988] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.713175][T18001] siw: device registration error -23
[  290.738208][T11067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.791337][T18007] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  290.820450][T18011] netlink: 'syz.5.5436': attribute type 10 has an invalid length.
[  290.828387][T18011] netlink: 168 bytes leftover after parsing attributes in process `syz.5.5436'.
[  290.879395][T18018] netlink: 10 bytes leftover after parsing attributes in process `syz.3.5441'.
[  290.879874][T18015] 9pnet: Could not find request transport: tcp?	
[  290.912655][T18020] loop0: detected capacity change from 0 to 512
[  290.919725][T18020] EXT4-fs: Ignoring removed nobh option
[  290.946565][T18018] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5441'.
[  290.963138][T18028] siw: device registration error -23
[  290.977214][T18031] loop3: detected capacity change from 0 to 512
[  290.983909][T18031] EXT4-fs: Ignoring removed bh option
[  290.990761][T18020] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.5442: corrupted inode contents
[  291.010946][T18031] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  291.020159][T18031] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  291.034995][T18020] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.5442: mark_inode_dirty error
[  291.049574][T18031] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  291.059689][T18020] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.5442: corrupted inode contents
[  291.065713][T18031] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  291.080278][T18031] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.093711][T18020] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.5442: mark_inode_dirty error
[  291.107268][T18020] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.5442: Failed to acquire dquot type 0
[  291.119656][T18020] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5442: corrupted inode contents
[  291.133432][T18020] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.5442: mark_inode_dirty error
[  291.150066][T18020] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5442: corrupted inode contents
[  291.173355][T18020] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.5442: mark_inode_dirty error
[  291.212336][T18020] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5442: corrupted inode contents
[  291.226357][T18020] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  291.240781][T18020] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5442: corrupted inode contents
[  291.254828][T18020] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.5442: mark_inode_dirty error
[  291.268918][T18020] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  291.278685][T18020] EXT4-fs (loop0): 1 truncate cleaned up
[  291.285670][T18020] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.300094][T18020] ext4 filesystem being mounted at /484/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  291.599983][T11067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.609945][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.633628][T18055] siw: device registration error -23
[  291.688359][T18065] siw: device registration error -23
[  291.701500][T18067] loop5: detected capacity change from 0 to 512
[  291.709975][T18067] EXT4-fs: Ignoring removed bh option
[  291.723990][T18067] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  291.733116][T18067] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  291.772723][T18074] loop0: detected capacity change from 0 to 512
[  291.779425][T18067] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  291.788943][T18074] EXT4-fs: Ignoring removed nobh option
[  291.795359][T18067] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  291.810219][T18067] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.831999][T18074] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.5462: corrupted inode contents
[  291.836124][T18081] loop3: detected capacity change from 0 to 512
[  291.850516][T18074] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.5462: mark_inode_dirty error
[  291.877991][T17216] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.887844][T18081] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  291.896818][T18074] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.5462: corrupted inode contents
[  291.912750][T18074] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.5462: mark_inode_dirty error
[  291.931015][T18074] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.5462: Failed to acquire dquot type 0
[  291.956551][T18088] siw: device registration error -23
[  291.972226][T18074] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5462: corrupted inode contents
[  291.984957][T18074] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.5462: mark_inode_dirty error
[  291.995212][T18081] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.997236][T18074] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5462: corrupted inode contents
[  292.021521][T18074] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.5462: mark_inode_dirty error
[  292.031623][T18081] ext4 filesystem being mounted at /539/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  292.036365][T18074] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5462: corrupted inode contents
[  292.055296][T18090] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  292.091323][T18086] netlink: 'syz.4.5466': attribute type 4 has an invalid length.
[  292.108273][T18074] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  292.137661][T18095] netlink: 'syz.3.5465': attribute type 4 has an invalid length.
[  292.148663][T18095] : renamed from bond0 (while UP)
[  292.155290][T18074] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5462: corrupted inode contents
[  292.174219][T18074] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.5462: mark_inode_dirty error
[  292.202771][T18074] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  292.208829][T18099] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.5465: corrupted xattr block 19: overlapping e_value 
[  292.229401][T18074] EXT4-fs (loop0): 1 truncate cleaned up
[  292.235950][T18074] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.287211][T18074] ext4 filesystem being mounted at /488/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  292.370086][T18099] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  292.528649][T18099] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.5465: corrupted xattr block 19: overlapping e_value 
[  292.695812][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.708561][T18099] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  292.733621][T18099] EXT4-fs error (device loop3): ext4_xattr_block_list:762: inode #15: comm syz.3.5465: corrupted xattr block 19: overlapping e_value 
[  292.738531][T18116] loop2: detected capacity change from 0 to 512
[  292.778324][T18116] EXT4-fs: Ignoring removed bh option
[  292.780243][   T29] kauditd_printk_skb: 1646 callbacks suppressed
[  292.780280][   T29] audit: type=1326 audit(1755348787.223:47457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18118 comm="syz.0.5477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5a27985ba7 code=0x7ffc0000
[  292.819471][T18119] siw: device registration error -23
[  292.827045][   T29] audit: type=1326 audit(1755348787.253:47458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18118 comm="syz.0.5477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5a2792add9 code=0x7ffc0000
[  292.850798][   T29] audit: type=1326 audit(1755348787.253:47459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18118 comm="syz.0.5477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5a27985ba7 code=0x7ffc0000
[  292.874718][   T29] audit: type=1326 audit(1755348787.253:47460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18118 comm="syz.0.5477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5a2792add9 code=0x7ffc0000
[  292.898656][   T29] audit: type=1326 audit(1755348787.253:47461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18118 comm="syz.0.5477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  292.922470][   T29] audit: type=1326 audit(1755348787.253:47462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18118 comm="syz.0.5477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  292.946219][   T29] audit: type=1326 audit(1755348787.263:47463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18118 comm="syz.0.5477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  292.948297][T11067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.969894][   T29] audit: type=1326 audit(1755348787.263:47464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18118 comm="syz.0.5477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  293.002537][   T29] audit: type=1326 audit(1755348787.263:47465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18118 comm="syz.0.5477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  293.026297][   T29] audit: type=1326 audit(1755348787.263:47466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18118 comm="syz.0.5477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2798ebe9 code=0x7ffc0000
[  293.039843][T18116] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  293.059242][T18116] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  293.110574][T18116] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  293.120262][T18116] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  293.130698][T18116] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.248214][T11557] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.520599][T18146] siw: device registration error -23
[  293.567152][T18152] siw: device registration error -23
[  293.586999][T18154] 8021q: adding VLAN 0 to HW filter on device 
[  293.596722][T18154] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  293.624373][T18157] loop3: detected capacity change from 0 to 512
[  293.633389][T18157] EXT4-fs: Ignoring removed nobh option
[  293.658660][T18157] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.5493: corrupted inode contents
[  293.671637][T18157] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.5493: mark_inode_dirty error
[  293.684350][T18157] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.5493: corrupted inode contents
[  293.696986][T18157] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.5493: mark_inode_dirty error
[  293.711219][T18157] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.5493: Failed to acquire dquot type 0
[  293.724233][T18157] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5493: corrupted inode contents
[  293.737932][T18157] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.5493: mark_inode_dirty error
[  293.750642][T18157] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5493: corrupted inode contents
[  293.767009][T18157] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.5493: mark_inode_dirty error
[  293.813408][T18157] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5493: corrupted inode contents
[  293.827110][T18157] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  293.828977][T18175] siw: device registration error -23
[  293.835906][T18157] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5493: corrupted inode contents
[  293.855432][T18157] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.5493: mark_inode_dirty error
[  293.882722][T18157] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  293.899368][T18157] EXT4-fs (loop3): 1 truncate cleaned up
[  293.901880][T18180] siw: device registration error -23
[  293.918505][T18157] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.943414][T18186] siw: device registration error -23
[  293.964556][T18157] ext4 filesystem being mounted at /542/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  293.991458][T11067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.017858][T18199] __nla_validate_parse: 11 callbacks suppressed
[  294.017877][T18199] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5510'.
[  294.021507][T18201] loop3: detected capacity change from 0 to 512
[  294.048541][T18202] loop5: detected capacity change from 0 to 1764
[  294.056905][T18201] EXT4-fs: Ignoring removed bh option
[  294.062848][T18201] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  294.072052][T18201] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  294.088403][T18202] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  294.098369][T18201] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  294.107257][T18208] siw: device registration error -23
[  294.107807][T18201] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  294.121362][T18201] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.135951][T18201] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5509'.
[  294.157130][T11067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.263733][T18218] siw: device registration error -23
[  294.290498][T18220] netlink: 'syz.3.5517': attribute type 1 has an invalid length.
[  294.298397][T18220] netlink: 224 bytes leftover after parsing attributes in process `syz.3.5517'.
[  294.325748][T18224] IPv6: Can't replace route, no match found
[  294.351453][T18227] 8021q: adding VLAN 0 to HW filter on device 
[  294.360028][T18227] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  294.394913][T18229] loop3: detected capacity change from 0 to 512
[  294.401562][T18229] EXT4-fs: Ignoring removed nobh option
[  294.416468][T18229] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.5520: corrupted inode contents
[  294.428528][T18229] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.5520: mark_inode_dirty error
[  294.440594][T18229] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.5520: corrupted inode contents
[  294.452754][T18229] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.5520: mark_inode_dirty error
[  294.464653][T18229] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.5520: Failed to acquire dquot type 0
[  294.476444][T18229] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5520: corrupted inode contents
[  294.488683][T18229] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.5520: mark_inode_dirty error
[  294.500280][T18229] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5520: corrupted inode contents
[  294.512494][T18229] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.5520: mark_inode_dirty error
[  294.524116][T18229] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5520: corrupted inode contents
[  294.536349][T18229] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  294.545163][T18229] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5520: corrupted inode contents
[  294.557339][T18229] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.5520: mark_inode_dirty error
[  294.568709][T18229] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  294.578089][T18229] EXT4-fs (loop3): 1 truncate cleaned up
[  294.584023][T18229] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.596711][T18229] ext4 filesystem being mounted at /550/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  294.618353][T11067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.655792][T18235] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5522'.
[  294.680670][T18237] siw: device registration error -23
[  294.723848][T18242] loop3: detected capacity change from 0 to 512
[  294.731879][T18242] EXT4-fs: Ignoring removed bh option
[  294.737945][T18242] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  294.747195][T18242] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  294.756150][T18242] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  294.765497][T18242] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  294.774422][T18242] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.788438][T18242] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5525'.
[  294.810313][T11067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.847432][T18250] siw: device registration error -23
[  294.873379][T18254] FAULT_INJECTION: forcing a failure.
[  294.873379][T18254] name failslab, interval 1, probability 0, space 0, times 0
[  294.886089][T18254] CPU: 1 UID: 0 PID: 18254 Comm: syz.5.5530 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  294.886126][T18254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  294.886219][T18254] Call Trace:
[  294.886234][T18254]  <TASK>
[  294.886286][T18254]  __dump_stack+0x1d/0x30
[  294.886313][T18254]  dump_stack_lvl+0xe8/0x140
[  294.886338][T18254]  dump_stack+0x15/0x1b
[  294.886356][T18254]  should_fail_ex+0x265/0x280
[  294.886378][T18254]  should_failslab+0x8c/0xb0
[  294.886403][T18254]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  294.886497][T18254]  ? kasprintf+0x83/0xb0
[  294.886537][T18254]  kvasprintf+0x8a/0x110
[  294.886575][T18254]  ? obj_cgroup_charge_account+0x122/0x1a0
[  294.886638][T18254]  kasprintf+0x83/0xb0
[  294.886724][T18254]  ? __memcg_slab_post_alloc_hook+0x44c/0x580
[  294.886768][T18254]  nf_tables_set_alloc_name+0xaa/0x4b0
[  294.886839][T18254]  ? nla_strdup+0x78/0xc0
[  294.886874][T18254]  nf_tables_newset+0xe24/0x14e0
[  294.886915][T18254]  nfnetlink_rcv+0xb96/0x1690
[  294.887002][T18254]  netlink_unicast+0x5bd/0x690
[  294.887063][T18254]  netlink_sendmsg+0x58b/0x6b0
[  294.887092][T18254]  ? __pfx_netlink_sendmsg+0x10/0x10
[  294.887192][T18254]  __sock_sendmsg+0x142/0x180
[  294.887222][T18254]  ____sys_sendmsg+0x31e/0x4e0
[  294.887256][T18254]  ___sys_sendmsg+0x17b/0x1d0
[  294.887321][T18254]  __x64_sys_sendmsg+0xd4/0x160
[  294.887422][T18254]  x64_sys_call+0x191e/0x2ff0
[  294.887445][T18254]  do_syscall_64+0xd2/0x200
[  294.887485][T18254]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  294.887510][T18254]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  294.887590][T18254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.887612][T18254] RIP: 0033:0x7fd9ee07ebe9
[  294.887628][T18254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.887699][T18254] RSP: 002b:00007fd9ecae7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  294.887719][T18254] RAX: ffffffffffffffda RBX: 00007fd9ee2a5fa0 RCX: 00007fd9ee07ebe9
[  294.887732][T18254] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000003
[  294.887744][T18254] RBP: 00007fd9ecae7090 R08: 0000000000000000 R09: 0000000000000000
[  294.887757][T18254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  294.887769][T18254] R13: 00007fd9ee2a6038 R14: 00007fd9ee2a5fa0 R15: 00007ffda735eb08
[  294.887856][T18254]  </TASK>
[  294.911751][T18258] loop3: detected capacity change from 0 to 512
[  294.925456][T18258] EXT4-fs: Ignoring removed nobh option
[  294.946770][T18258] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.5532: corrupted inode contents
[  295.016911][T18264] siw: device registration error -23
[  295.022135][T18258] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.5532: mark_inode_dirty error
[  295.031657][T18258] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.5532: corrupted inode contents
[  295.040814][T18258] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.5532: mark_inode_dirty error
[  295.046720][T18256] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  295.055720][T18258] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.5532: Failed to acquire dquot type 0
[  295.225684][T18258] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5532: corrupted inode contents
[  295.239096][T18258] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.5532: mark_inode_dirty error
[  295.250920][T18258] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5532: corrupted inode contents
[  295.263284][T18258] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.5532: mark_inode_dirty error
[  295.279372][T18273] loop5: detected capacity change from 0 to 512
[  295.286128][T18273] EXT4-fs: Ignoring removed bh option
[  295.292181][T18258] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5532: corrupted inode contents
[  295.304324][T18273] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  295.313554][T18273] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  295.314002][T18258] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  295.325850][T18273] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  295.340000][T18258] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5532: corrupted inode contents
[  295.340499][T18273] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  295.354575][T18258] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.5532: mark_inode_dirty error
[  295.372349][T18258] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  295.381858][T18258] EXT4-fs (loop3): 1 truncate cleaned up
[  295.386021][T18273] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.391307][T18258] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.416967][T18275] loop2: detected capacity change from 0 to 1024
[  295.423854][T18258] ext4 filesystem being mounted at /558/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  295.431423][T18273] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5537'.
[  295.454703][T11067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.463842][T18275] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  295.512930][T18275] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.5538: bg 0: block 10: padding at end of block bitmap is not set
[  295.528783][T18275] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.5538: Failed to acquire dquot type 0
[  295.542606][T17216] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.552188][T18275] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.5538: Failed to acquire dquot type 0
[  295.565539][T18275] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.5538: Freeing blocks not in datazone - block = 0, count = 4096
[  295.584719][T18275] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.5538: Failed to acquire dquot type 0
[  295.593072][T18287] siw: device registration error -23
[  295.601695][T18275] EXT4-fs (loop2): 1 orphan inode deleted
[  295.612103][T18275] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.682788][T18293] siw: device registration error -23
[  295.971544][T10826] bridge0: port 3(syz_tun) entered disabled state
[  295.997072][T10826] syz_tun (unregistering): left allmulticast mode
[  296.003661][T10826] syz_tun (unregistering): left promiscuous mode
[  296.010090][T10826] bridge0: port 3(syz_tun) entered disabled state
[  296.091105][T18303] loop0: detected capacity change from 0 to 512
[  296.095279][T11557] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.106951][T18303] EXT4-fs: Ignoring removed nobh option
[  296.128317][T18303] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.5550: corrupted inode contents
[  296.140531][T18307] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5546'.
[  296.152670][T18303] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.5550: mark_inode_dirty error
[  296.173645][T18303] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.5550: corrupted inode contents
[  296.189107][T18303] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.5550: mark_inode_dirty error
[  296.198549][T18299] lo speed is unknown, defaulting to 1000
[  296.248773][T18303] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.5550: Failed to acquire dquot type 0
[  296.266034][T18303] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5550: corrupted inode contents
[  296.290406][T18303] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.5550: mark_inode_dirty error
[  296.299868][T18321] loop5: detected capacity change from 0 to 512
[  296.303158][T18303] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5550: corrupted inode contents
[  296.310031][T18321] EXT4-fs: Ignoring removed bh option
[  296.327860][T18321] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  296.336817][T18303] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.5550: mark_inode_dirty error
[  296.337045][T18321] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  296.352062][T18303] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5550: corrupted inode contents
[  296.358927][T18321] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  296.369069][T18303] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  296.379185][T18321] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  296.395243][T18321] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.401414][T18303] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.5550: corrupted inode contents
[  296.419710][T18303] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.5550: mark_inode_dirty error
[  296.431074][T18303] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  296.447083][T18303] EXT4-fs (loop0): 1 truncate cleaned up
[  296.477890][T17216] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.477948][T18299] chnl_net:caif_netlink_parms(): no params data found
[  296.492751][T18303] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.508200][T18303] ext4 filesystem being mounted at /492/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  296.529590][T18332] siw: device registration error -23
[  296.549126][T18335] siw: device registration error -23
[  296.581342][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.606637][T18341] siw: device registration error -23
[  296.636684][T18344] siw: device registration error -23
[  296.656609][T18299] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.663723][T18299] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.675045][T18299] bridge_slave_0: entered allmulticast mode
[  296.681505][T18299] bridge_slave_0: entered promiscuous mode
[  296.695377][T18299] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.702509][T18299] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.709817][T18347] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5561'.
[  296.709999][T18299] bridge_slave_1: entered allmulticast mode
[  296.726100][T18299] bridge_slave_1: entered promiscuous mode
[  296.733987][T16509] dummy0: left allmulticast mode
[  296.739098][T16509] dummy0: left promiscuous mode
[  296.744100][T16509] bridge0: port 4(dummy0) entered disabled state
[  296.751133][T16509] bridge_slave_1: left allmulticast mode
[  296.757075][T16509] bridge_slave_1: left promiscuous mode
[  296.762845][T16509] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.771027][T16509] bridge_slave_0: left allmulticast mode
[  296.776819][T16509] bridge_slave_0: left promiscuous mode
[  296.782622][T16509] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.857032][T16509]  (unregistering): (slave 
c
1ÿ): Releasing backup interface
[  296.867762][T16509]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  296.876676][T16509]  (unregistering): Released all slaves
[  296.887209][T16509] bond1 (unregistering): Released all slaves
[  296.930896][T18299] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  296.933927][T18357] loop0: detected capacity change from 0 to 512
[  296.949286][T18357] EXT4-fs: Ignoring removed bh option
[  296.952142][T18299] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  296.964151][T18357] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  296.973322][T18357] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  296.983407][T16509] tipc: Left network mode
[  296.988641][T18357] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  297.003582][T18357] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  297.012801][T18357] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  297.068295][T18362] FAULT_INJECTION: forcing a failure.
[  297.068295][T18362] name failslab, interval 1, probability 0, space 0, times 0
[  297.081093][T18362] CPU: 1 UID: 0 PID: 18362 Comm: syz.3.5566 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  297.081143][T18362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  297.081160][T18362] Call Trace:
[  297.081169][T18362]  <TASK>
[  297.081178][T18362]  __dump_stack+0x1d/0x30
[  297.081279][T18362]  dump_stack_lvl+0xe8/0x140
[  297.081322][T18362]  dump_stack+0x15/0x1b
[  297.081340][T18362]  should_fail_ex+0x265/0x280
[  297.081367][T18362]  should_failslab+0x8c/0xb0
[  297.081392][T18362]  kmem_cache_alloc_noprof+0x50/0x310
[  297.081420][T18362]  ? audit_log_start+0x365/0x6c0
[  297.081563][T18362]  audit_log_start+0x365/0x6c0
[  297.081597][T18362]  ? do_user_addr_fault+0xceb/0x1090
[  297.081697][T18362]  audit_seccomp+0x48/0x100
[  297.081723][T18362]  ? __seccomp_filter+0x68c/0x10d0
[  297.081748][T18362]  __seccomp_filter+0x69d/0x10d0
[  297.081809][T18362]  ? rep_movs_alternative+0x1e/0x90
[  297.081857][T18362]  __secure_computing+0x82/0x150
[  297.081877][T18362]  syscall_trace_enter+0xcf/0x1e0
[  297.081962][T18362]  do_syscall_64+0xac/0x200
[  297.081993][T18362]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  297.082091][T18362]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  297.082123][T18362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.082147][T18362] RIP: 0033:0x7ff26076d5fc
[  297.082162][T18362] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  297.082257][T18362] RSP: 002b:00007ff25f1cf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  297.082276][T18362] RAX: ffffffffffffffda RBX: 00007ff260995fa0 RCX: 00007ff26076d5fc
[  297.082288][T18362] RDX: 000000000000000f RSI: 00007ff25f1cf0a0 RDI: 0000000000000005
[  297.082305][T18362] RBP: 00007ff25f1cf090 R08: 0000000000000000 R09: 0000000000000000
[  297.082338][T18362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.082361][T18362] R13: 00007ff260996038 R14: 00007ff260995fa0 R15: 00007ffc11b2ca58
[  297.082386][T18362]  </TASK>
[  297.283722][T11342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.316137][T16509] hsr_slave_0: left promiscuous mode
[  297.322635][T16509] hsr_slave_1: left promiscuous mode
[  297.330062][T16509] batman_adv: batadv0: Removing interface: batadv_slave_0
[  297.338832][T16509] batman_adv: batadv0: Removing interface: batadv_slave_1
[  297.375824][T18369] siw: device registration error -23
[  297.612566][T18299] team0: Port device team_slave_0 added
[  297.623982][T18367] bridge0: entered promiscuous mode
[  297.632061][T18367] bridge0: port 4(macsec0) entered blocking state
[  297.638633][T18367] bridge0: port 4(macsec0) entered disabled state
[  297.648805][T18367] macsec0: entered allmulticast mode
[  297.654217][T18367] bridge0: entered allmulticast mode
[  297.661551][T18367] macsec0: left allmulticast mode
[  297.666706][T18367] bridge0: left allmulticast mode
[  297.674553][T18367] bridge0: left promiscuous mode
[  297.684255][ T3407] lo speed is unknown, defaulting to 1000
[  297.690057][ T3407] infiniband syz0: ib_query_port failed (-19)
[  297.705764][T18299] team0: Port device team_slave_1 added
[  297.822966][T18299] batman_adv: batadv0: Adding interface: batadv_slave_0
[  297.830006][T18299] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  297.856066][T18299] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  297.869584][T18299] batman_adv: batadv0: Adding interface: batadv_slave_1
[  297.876658][T18299] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  297.902833][T18299] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  297.937209][   T29] kauditd_printk_skb: 1486 callbacks suppressed
[  297.937228][   T29] audit: type=1400 audit(1755348792.383:48934): avc:  denied  { mount } for  pid=18390 comm="syz.5.5575" name="/" dev="ramfs" ino=69009 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  297.967966][   T29] audit: type=1400 audit(1755348792.383:48935): avc:  denied  { write } for  pid=18390 comm="syz.5.5575" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  297.991847][   T29] audit: type=1400 audit(1755348792.383:48936): avc:  denied  { ioctl } for  pid=18390 comm="syz.5.5575" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  298.025039][   T29] audit: type=1326 audit(1755348792.423:48937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18388 comm="syz.3.5573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff26076ebe9 code=0x7ffc0000
[  298.045030][T18299] hsr_slave_0: entered promiscuous mode
[  298.048807][   T29] audit: type=1326 audit(1755348792.423:48938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18388 comm="syz.3.5573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff26076ebe9 code=0x7ffc0000
[  298.058302][T18299] hsr_slave_1: entered promiscuous mode
[  298.077902][   T29] audit: type=1326 audit(1755348792.423:48939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18388 comm="syz.3.5573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff26076ebe9 code=0x7ffc0000
[  298.077948][   T29] audit: type=1326 audit(1755348792.423:48940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18388 comm="syz.3.5573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff26076ebe9 code=0x7ffc0000
[  298.108067][T18299] debugfs: 'hsr0' already exists in 'hsr'
[  298.130741][   T29] audit: type=1326 audit(1755348792.433:48941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18388 comm="syz.3.5573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff26076ebe9 code=0x7ffc0000
[  298.136450][T18299] Cannot create hsr debugfs directory
[  298.165423][   T29] audit: type=1326 audit(1755348792.433:48942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18388 comm="syz.3.5573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff26076ebe9 code=0x7ffc0000
[  298.189023][   T29] audit: type=1326 audit(1755348792.463:48943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18384 comm="syz.2.5572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff53febe9 code=0x7ffc0000
[  298.307105][T18405] lo speed is unknown, defaulting to 1000
[  298.336095][T18409] siw: device registration error -23
[  298.345328][T18407] loop2: detected capacity change from 0 to 4096
[  298.356741][T18407] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  298.376551][T18413] loop3: detected capacity change from 0 to 512
[  298.383202][T18413] EXT4-fs: Ignoring removed nobh option
[  298.396022][T18405] lo speed is unknown, defaulting to 1000
[  298.404173][T18413] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.5582: corrupted inode contents
[  298.431503][T11557] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.442621][T18405] lo speed is unknown, defaulting to 1000
[  298.449547][T18405] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  298.463123][T18413] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #3: comm syz.3.5582: mark_inode_dirty error
[  298.474988][T18405] lo speed is unknown, defaulting to 1000
[  298.481341][T18405] lo speed is unknown, defaulting to 1000
[  298.487803][T18405] lo speed is unknown, defaulting to 1000
[  298.488682][T18413] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #3: comm syz.3.5582: corrupted inode contents
[  298.510864][T18405] lo speed is unknown, defaulting to 1000
[  298.511007][T18413] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.5582: mark_inode_dirty error
[  298.517275][T18405] lo speed is unknown, defaulting to 1000
[  298.529914][T18413] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.5582: Failed to acquire dquot type 0
[  298.546953][T18413] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5582: corrupted inode contents
[  298.576206][T18413] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #16: comm syz.3.5582: mark_inode_dirty error
[  298.589971][T18420] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5584'.
[  298.599473][T18413] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5582: corrupted inode contents
[  298.614291][T18422] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5585'.
[  298.625919][T18413] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.5582: mark_inode_dirty error
[  298.637325][T18413] ==================================================================
[  298.645424][T18413] BUG: KCSAN: data-race in console_flush_all / console_flush_all
[  298.653170][T18413] 
[  298.655500][T18413] write to 0xffffffff86a20b48 of 8 bytes by task 18420 on cpu 0:
[  298.663231][T18413]  console_flush_all+0x35a/0x730
[  298.668192][T18413]  console_unlock+0xa1/0x330
[  298.672795][T18413]  vprintk_emit+0x388/0x650
[  298.677309][T18413]  vprintk_default+0x26/0x30
[  298.681923][T18413]  vprintk+0x1d/0x30
[  298.685841][T18413]  _printk+0x79/0xa0
[  298.689769][T18413]  chnl_net_open+0x2a9/0x560
[  298.694393][T18413]  __dev_open+0x2d2/0x530
[  298.698745][T18413]  __dev_change_flags+0x163/0x400
[  298.703808][T18413]  netif_change_flags+0x5a/0xd0
[  298.708692][T18413]  do_setlink+0x9d2/0x2810
[  298.713138][T18413]  rtnl_newlink+0xd8b/0x12d0
[  298.718011][T18413]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  298.722983][T18413]  netlink_rcv_skb+0x123/0x220
[  298.727774][T18413]  rtnetlink_rcv+0x1c/0x30
[  298.732223][T18413]  netlink_unicast+0x5bd/0x690
[  298.737029][T18413]  netlink_sendmsg+0x58b/0x6b0
[  298.741824][T18413]  __sock_sendmsg+0x142/0x180
[  298.746529][T18413]  ____sys_sendmsg+0x31e/0x4e0
[  298.751318][T18413]  ___sys_sendmsg+0x17b/0x1d0
[  298.756109][T18413]  __x64_sys_sendmsg+0xd4/0x160
[  298.760984][T18413]  x64_sys_call+0x191e/0x2ff0
[  298.765692][T18413]  do_syscall_64+0xd2/0x200
[  298.770230][T18413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.776150][T18413] 
[  298.778490][T18413] read to 0xffffffff86a20b48 of 8 bytes by task 18413 on cpu 1:
[  298.786159][T18413]  console_flush_all+0x563/0x730
[  298.791103][T18413]  console_unlock+0xa1/0x330
[  298.795697][T18413]  vprintk_emit+0x388/0x650
[  298.800236][T18413]  vprintk_default+0x26/0x30
[  298.804828][T18413]  vprintk+0x1d/0x30
[  298.808733][T18413]  _printk+0x79/0xa0
[  298.812663][T18413]  __ext4_error_inode+0x2ca/0x3f0
[  298.817698][T18413]  __ext4_mark_inode_dirty+0xbd/0x3f0
[  298.823080][T18413]  __ext4_ext_dirty+0xdb/0x1f0
[  298.827845][T18413]  ext4_ext_remove_space+0x135b/0x2900
[  298.833318][T18413]  ext4_ext_truncate+0xc7/0x170
[  298.838173][T18413]  ext4_truncate+0x708/0xad0
[  298.842769][T18413]  ext4_process_orphan+0x110/0x1c0
[  298.847886][T18413]  ext4_orphan_cleanup+0x6a8/0xa00
[  298.853001][T18413]  ext4_fill_super+0x3171/0x34e0
[  298.857972][T18413]  get_tree_bdev_flags+0x28e/0x300
[  298.863089][T18413]  get_tree_bdev+0x1f/0x30
[  298.867509][T18413]  ext4_get_tree+0x1c/0x30
[  298.871941][T18413]  vfs_get_tree+0x57/0x1d0
[  298.876359][T18413]  do_new_mount+0x207/0x5e0
[  298.880864][T18413]  path_mount+0x4a4/0xb20
[  298.885212][T18413]  __se_sys_mount+0x28f/0x2e0
[  298.889897][T18413]  __x64_sys_mount+0x67/0x80
[  298.894517][T18413]  x64_sys_call+0x2b4d/0x2ff0
[  298.899253][T18413]  do_syscall_64+0xd2/0x200
[  298.903792][T18413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.909697][T18413] 
[  298.912017][T18413] value changed: 0x00000000000034b5 -> 0x00000000000034b6
[  298.919119][T18413] 
[  298.921437][T18413] Reported by Kernel Concurrency Sanitizer on:
[  298.927591][T18413] CPU: 1 UID: 0 PID: 18413 Comm: syz.3.5582 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) 
[  298.940086][T18413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  298.950167][T18413] ==================================================================
[  298.958700][T18413] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5582: corrupted inode contents
[  298.970671][T18420] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  298.970941][T18413] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  298.997006][T18413] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.5582: corrupted inode contents
[  299.009564][T18413] EXT4-fs error (device loop3): ext4_truncate:4666: inode #16: comm syz.3.5582: mark_inode_dirty error
[  299.022384][T18413] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  299.031909][T18413] EXT4-fs (loop3): 1 truncate cleaned up
[  299.038087][T18413] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.050682][T18413] ext4 filesystem being mounted at /568/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  299.083973][T11067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.109628][T18299] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  299.118313][T18299] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  299.127095][T18299] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  299.135951][T18299] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  299.168400][T18299] 8021q: adding VLAN 0 to HW filter on device bond0
[  299.179981][T18299] 8021q: adding VLAN 0 to HW filter on device team0
[  299.189415][T16533] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.196574][T16533] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.207996][T16509] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.215094][T16509] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.278209][T18299] 8021q: adding VLAN 0 to HW filter on device batadv0
[  299.381977][T18299] veth0_vlan: entered promiscuous mode
[  299.389752][T18299] veth1_vlan: entered promiscuous mode
[  299.404924][T18299] veth0_macvtap: entered promiscuous mode
[  299.412086][T18299] veth1_macvtap: entered promiscuous mode
[  299.423196][T18299] batman_adv: batadv0: Interface activated: batadv_slave_0
[  299.434172][T18299] batman_adv: batadv0: Interface activated: batadv_slave_1
[  299.447132][T16533] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  299.457778][T16533] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  299.466778][T16533] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  299.475977][T16533] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0