last executing test programs:

3.880869678s ago: executing program 1 (id=558):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000040)=@usbdevfs_disconnect={0xffffffff})
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x12, &(0x7f0000000480)=0x4, 0x4)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x3, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x0, 0x8}, 0x4a00, 0x10000, 0x0, 0x6, 0x8, 0x40, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$USBDEVFS_SETCONFIGURATION(r0, 0x80045505, &(0x7f0000000000)=0x1)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x3, 0x0, 0x2, 0x0, 0x9, 0x64039, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x4000000000, 0x3fff8000}, 0x12205, 0x32, 0x0, 0x4, 0x9, 0x9, 0x2, 0x0, 0x800, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
syz_clone(0x200, &(0x7f0000000300)="f598c1835426d886908f7cbd7ad30182b728e4657859e717b3481705df9cb2d4c597924352612f23c7f42b0fd7637fbfb3059a6728ba11a1c3c88cf7d0b7a2ad698bd375d52fc9f16212acfcf76c85b3f12cf05cda2b1fbe0801c87cda990289071c433c9a94a4f5ec37a094479779530d5184213325cf86d0e74a4d89fc168430c25aa523bbaa792fa0f8774e6e74bd67b9bf0565e32b61d46d36e740e0265df4ef883c874af330df61d367401baff9a787dcb4a67da6bc1edc9f3a392e228460e47dacf7e93b80e9605e16ae9c7dd38d9ffaa11c119f1f7eb0929bb1e84c502fbacea18759e7b91bec8a8b", 0xec, &(0x7f00000001c0), &(0x7f0000000400), &(0x7f0000000640)="33bdd7d5540718424694773d1ae8459eb4d9e398f45ff5c50447b92068d82903ad9650782be97a24be97b095269faa654c0775ec464dfde1aab4d810fcc90724f0a5ba93c90fda6b8f351ceec1286d9a44271aa60fe04be395c7af6cf2164110590e04b572bd3f5e994faf06be28d23262")
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_attach_bpf(r1, 0x29, 0x1a, 0x0, 0x4)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_sfeatures={0x33, 0x1, [{0xfe, 0x40000}]}})
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000000)={0xd, {{0x2, 0x0, @multicast1}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000001140)=ANY=[@ANYBLOB="030000000000000002004e23e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004800"/144], 0x90)
socket(0xb, 0x3, 0x371)
write$UHID_CREATE(r2, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x0, 0x10001}}, 0x120)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000000))
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x68}, 0x1, 0x0, 0x0, 0x40000}, 0x8000006)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r7, 0x0, 0x401}, 0x11)
write$UHID_DESTROY(r2, &(0x7f0000000080), 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)

3.504490765s ago: executing program 0 (id=565):
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027f"], 0x57)
setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

3.335950611s ago: executing program 1 (id=569):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x80500, 0x4)
setsockopt$inet_mreqsrc(r2, 0x0, 0x28, &(0x7f0000000080)={@dev={0xac, 0x14, 0x14, 0x1c}, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r3}, 0x18)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f00000002c0)={'ip_vti0\x00', &(0x7f00000001c0)={'gre0\x00', 0x0, 0x44a4da6a6f8f5bf0, 0x7, 0x900, 0x4, {{0x6, 0x4, 0x1, 0x2, 0x18, 0x68, 0x0, 0x9, 0x2f, 0x0, @multicast1, @private=0xa010102, {[@noop]}}}}})
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="180058f613ecde46e90000000000000000fbffffff850000002a", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b70400000000000085000000330000009500000000000000"], &(0x7f00000001c0)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r6, 0x84, 0x6e, &(0x7f0000000340)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x31}}, @in={0x2, 0x4e24, @broadcast}, @in6={0xa, 0x4e20, 0x4, @local, 0x1}], 0x3c)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRES8=r4, @ANYRES32=r6, @ANYBLOB="5d980a1910b71a5d6573e0ba25a72a718ad850c5c47d68ffa9ac8b8107cee376001bb40293908a962321f6e8dca32fc94930debcc0f6d386baa19327170b9c73034983abf52da8f2cea07529baf3c3dbee109250d25459dc797cc3f08e0e699b7f50ffcd8c9f28712d8852949de9ab92e0c506f322d223a8cde5afd901bfddf3e4864e39fd734a56b00dc02d7f4719fbd0140d5ba712ce5ea27da8a3647866ecdc83d1b0fe237974f608c5262469b80faf2be43122f78b3a2deef40327ced67ebd01427b"], 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r7, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x3c, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r8}, 0x10)
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r10, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10, 0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0xffffffff}]}}]}, 0x38}}, 0x4048000)

3.268064918s ago: executing program 0 (id=570):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_QUANTUM={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

3.171438828s ago: executing program 0 (id=573):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000050000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
r2 = syz_io_uring_setup(0x10e, &(0x7f0000001cc0)={0x0, 0xf07d, 0x400, 0x40000, 0x101}, &(0x7f0000000400)=<r3=>0x0, &(0x7f0000000380)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x4004, @fd_index=0x1, 0x8, &(0x7f0000002a40)=[{&(0x7f0000000280)=""/221, 0xdd}, {&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000002b00)=""/4099, 0x1000}, {&(0x7f0000000440)=""/107}, {&(0x7f0000000500)=""/193}, {&(0x7f00000003c0)=""/18}, {&(0x7f0000000700)=""/148}, {&(0x7f0000002840)=""/245}, {&(0x7f0000002940)=""/226}], 0x11b, 0x1d})
io_uring_enter(r2, 0x8aa, 0x0, 0x0, 0x0, 0x0)

2.809405813s ago: executing program 1 (id=577):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r0}, &(0x7f00000008c0), &(0x7f0000000880)=r1}, 0x20)
r2 = syz_io_uring_setup(0x10e, &(0x7f0000001cc0)={0x0, 0xf07d, 0x400, 0x40000, 0x101}, &(0x7f0000000400)=<r3=>0x0, &(0x7f0000000380)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x4004, @fd_index=0x1, 0x8, &(0x7f0000002a40)=[{&(0x7f0000000280)=""/221, 0xdd}, {&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000002b00)=""/4099, 0x1003}, {&(0x7f0000000440)=""/107, 0x6b}, {&(0x7f0000000500)=""/193, 0xc1}, {&(0x7f00000003c0)=""/18, 0x12}, {&(0x7f0000000700)=""/148, 0x94}, {&(0x7f0000002840)=""/245, 0xf5}], 0x8, 0x1d})
io_uring_enter(r2, 0x8aa, 0x0, 0x0, 0x0, 0x0)

2.685576796s ago: executing program 1 (id=578):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x36e084fcb6392193, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000400)={@rand_addr, @local, <r3=>0x0}, &(0x7f0000000440)=0xc)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000580)={'gre0\x00', &(0x7f0000000480)={'syztnl2\x00', <r4=>0x0, 0x7800, 0x7, 0x37, 0x6, {{0x2b, 0x4, 0x0, 0x15, 0xac, 0x68, 0x0, 0x5, 0x2f, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x34}, {[@timestamp={0x44, 0x20, 0x9e, 0x0, 0x8, [0x9, 0xc, 0x8, 0x854e, 0x9, 0x6, 0x7]}, @cipso={0x86, 0x3a, 0x1, [{0x5, 0x8, "1211caa9171c"}, {0x6, 0x8, "ef45fbeb672a"}, {0x7, 0xc, "ebcfbd7367de138b95c7"}, {0x5, 0x9, "9261c647fe5da3"}, {0x0, 0xf, "2c0c87dfd7b9a20a14848ca942"}]}, @rr={0x7, 0xb, 0x2f, [@remote, @broadcast]}, @lsrr={0x83, 0x1b, 0xe7, [@private=0xa010100, @dev={0xac, 0x14, 0x14, 0x22}, @rand_addr=0x64010100, @rand_addr=0x64010102, @broadcast, @loopback]}, @rr={0x7, 0x17, 0x89, [@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @rand_addr=0x64010102, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @noop]}}}}})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000800)={'erspan0\x00', &(0x7f0000000600)={'ip_vti0\x00', <r5=>0x0, 0x1, 0x10, 0x1, 0xc54e, {{0x25, 0x4, 0x1, 0x1e, 0x94, 0x64, 0x0, 0x35, 0x29, 0x0, @private=0xa010102, @multicast2, {[@timestamp_prespec={0x44, 0x14, 0xa1, 0x3, 0x8, [{@remote, 0x101}, {@local, 0x6}]}, @timestamp_addr={0x44, 0x24, 0x2, 0x1, 0x5, [{@private=0xa010102, 0x2}, {@multicast1, 0x4}, {@dev={0xac, 0x14, 0x14, 0xe}, 0x19}, {@remote, 0x28f0c3a2}]}, @ssrr={0x89, 0x7, 0x9b, [@local]}, @noop, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x1c, 0xa3, 0x1, 0x2, [{@remote, 0x2}, {@rand_addr=0x64010100}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0xe}]}, @ssrr={0x89, 0xb, 0x58, [@empty, @loopback]}, @cipso={0x86, 0x15, 0x3, [{0x6, 0xc, "82a07b609820f6b1e2bd"}, {0x5, 0x3, '.'}]}]}}}}})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000840)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000880)=0x14)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000940)={'ip6tnl0\x00', &(0x7f00000008c0)={'syztnl2\x00', <r7=>0x0, 0x2f, 0xbd, 0x6, 0x7, 0x26, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @local, 0x7800, 0xe7, 0x8, 0x9}})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000980)={'team_slave_0\x00', <r8=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000ac0)={'sit0\x00', &(0x7f0000000a00)={'gretap0\x00', <r9=>0x0, 0x1d97d4efbf71721, 0x700, 0x9, 0x10, {{0x23, 0x4, 0x0, 0x5, 0x8c, 0x66, 0x0, 0x9, 0x2f, 0x0, @rand_addr=0x64010100, @loopback, {[@lsrr={0x83, 0x1b, 0xc5, [@multicast2, @broadcast, @rand_addr=0x64010100, @private=0xa010100, @multicast2, @dev={0xac, 0x14, 0x14, 0x12}]}, @timestamp={0x44, 0x24, 0xde, 0x0, 0x7, [0x5, 0xe0000, 0x4, 0x2, 0xb, 0x5, 0x9, 0xa8]}, @timestamp_prespec={0x44, 0x34, 0xd4, 0x3, 0x6, [{@loopback, 0x1}, {@broadcast}, {@multicast1, 0x87f0}, {@remote, 0x2103}, {@empty, 0x7}, {@dev={0xac, 0x14, 0x14, 0x1f}, 0x10}]}, @ra={0x94, 0x4, 0x1}]}}}}})
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000cc0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000c80)={&(0x7f0000000b00)={0x154, 0x0, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x154}, 0x1, 0x0, 0x0, 0x8800}, 0x0)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
unshare(0x2040400)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
pipe(&(0x7f0000000200)={<r11=>0xffffffffffffffff})
vmsplice(r11, &(0x7f0000000080)=[{&(0x7f0000000500)='|', 0x1}], 0x1, 0x0)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r12, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x5c, 0x3, 0x6, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x400c000}, 0x2ffd2e7a32a5a291)
sendmsg$nl_xfrm(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@remote}, {@in6=@remote, 0x4d3, 0x32}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0)

2.621735762s ago: executing program 0 (id=580):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_io_uring_setup(0xed9, &(0x7f0000000280)={0x0, 0x0, 0x10100, 0x1, 0x3}, &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000400)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x48ce, 0x0, 0x0, 0x0, 0x0)
ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000140)={0x2, 0x1, {0x0, 0x1e, 0xd, 0x17, 0x1, 0x60, 0x4, 0x0, 0x1}})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = dup(r4)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r6, 0x0, 0x4}, 0x18)
sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000000306012200000000000000000200000a050001"], 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x4)
r7 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00', <r8=>0x0})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@debug}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1)
pwrite64(r10, &(0x7f0000000140)='2', 0x1, 0x8080c61)
pwrite64(r9, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r11}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x4000000000000, 0x40, &(0x7f0000000ec0)=@raw={'raw\x00', 0xc08, 0x3, 0x440, 0x310, 0x5002004a, 0xb, 0x310, 0xea13, 0x3a8, 0x3c8, 0x3c8, 0x3a8, 0x3c8, 0x3, 0x0, {[{{@ip={@multicast2, @private=0xa010101, 0xff, 0xffffffff, 'bridge0\x00', 'veth0_macvtap\x00', {}, {0xff}, 0x5c, 0x3, 0x2}, 0x0, 0x2c8, 0x310, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x2, 0x0, [{}, {0x16}, {0x4}, {}, {}, {0x0, 0x0, 0x5e}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x6}, {0x0, 0x0, 0x4}, {}, {0x4, 0x8}, {}, {}, {0x1}, {0x0, 0x0, 0x0, 0x7f}, {0x0, 0x4}, {}, {}, {}, {0xfffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {0x0, 0x0, 0x40}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x80}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xfd}]}}, @common=@inet=@socket3={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4a0)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000000)='inet_sock_set_state\x00', r12, 0x0, 0x3}, 0x18)
r13 = semget$private(0x0, 0x6, 0x0)
semtimedop(r13, &(0x7f00000003c0)=[{0x4, 0x4, 0x1800}], 0x1, 0x0)
semop(r13, &(0x7f00000000c0)=[{0x4}, {0x2}], 0x2)
semop(r13, &(0x7f0000001240)=[{0x2, 0x102}, {0x0, 0x0, 0x2000}], 0x2)
r14 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r12, 0x6, 0x1d, &(0x7f0000000000)=0xfffffffe, 0x4)
sendmmsg(r14, &(0x7f00000007c0)=[{{&(0x7f0000000380)=@in={0x2, 0x4e24, @local}, 0x80, &(0x7f0000000140)=[{&(0x7f00000004c0)='&', 0x1}], 0x1}}], 0xf00, 0x2c000011)

2.019005431s ago: executing program 2 (id=589):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r0}, &(0x7f00000008c0), &(0x7f0000000880)=r1}, 0x20)
r2 = syz_io_uring_setup(0x10e, &(0x7f0000001cc0)={0x0, 0xf07d, 0x400, 0x40000, 0x101}, &(0x7f0000000400)=<r3=>0x0, &(0x7f0000000380)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x4004, @fd_index=0x1, 0x8, &(0x7f0000002a40)=[{&(0x7f0000000280)=""/221, 0xdd}, {&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000002b00)=""/4099, 0x1003}, {&(0x7f0000000440)=""/107, 0x6b}, {&(0x7f0000000500)=""/193, 0xc1}, {&(0x7f00000003c0)=""/18, 0x12}, {&(0x7f0000000700)=""/148, 0x94}, {&(0x7f0000002840)=""/245, 0xf5}], 0x8, 0x1d})
io_uring_enter(r2, 0x8aa, 0x0, 0x0, 0x0, 0x0)

2.018365511s ago: executing program 2 (id=590):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000050000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
r2 = syz_io_uring_setup(0x10e, &(0x7f0000001cc0)={0x0, 0xf07d, 0x400, 0x40000, 0x101}, &(0x7f0000000400)=<r3=>0x0, &(0x7f0000000380)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x4004, @fd_index=0x1, 0x8, &(0x7f0000002a40)=[{&(0x7f0000000280)=""/221, 0xdd}, {&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000002b00)=""/4099, 0x1000}, {&(0x7f0000000440)=""/107}, {&(0x7f0000000500)=""/193}, {&(0x7f00000003c0)=""/18}, {&(0x7f0000000700)=""/148}, {&(0x7f0000002840)=""/245}, {&(0x7f0000002940)=""/226}], 0x11b, 0x1d})
io_uring_enter(r2, 0x8aa, 0x0, 0x0, 0x0, 0x0)

1.956079227s ago: executing program 4 (id=592):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
sendmsg$nl_route(r1, 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)

1.703797582s ago: executing program 2 (id=594):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r2, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8036, 0x0, 0x0, 0x10, &(0x7f0000002e00), 0x0, 0x0, 0x9e, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r2, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

1.685492284s ago: executing program 2 (id=595):
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
io_setup(0x2004, 0x0)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000800), 0x8000, 0x0)
dup(r2)
io_setup(0x10001, &(0x7f0000000200))
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r4 = dup2(r3, r3)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0xa, 0x1, 0x40000000, 0x10})
ioctl$BLKTRACETEARDOWN(r4, 0x1276, 0x0)

1.62062954s ago: executing program 3 (id=596):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x7}, 0x18)
r1 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{&(0x7f0000000080)={0x2, 0x4, @private=0xa010100}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}, {{&(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000ac0)="6cb76def2c36dab0f366cf47ad785ed2fb5e1fa5fb56d566acdc377060c4ba50a58104620df72c3004bfbc77173110e163f7d8ad60c34cdb064852353438fea809e390e392afbf35311690cd8286a6c49668aee29b7537078dba77963d15c085d7343c1012135d361ac15c082b7ac8db87cc10fe3ffc374c8be18fc53437100a11dddb9981072ec036d513870a5bbf62ce9e39f790f61ef997af390b9f5fc8a699e001c59077c459eb40ee80a3ffeb35737da668ef974592faf129325cd9ad0dc5663950a329804c9f5d261f71165b05dac212cc2afc40f980ddef8773f1045e75de4ec606aef87052e9ac784bb0f5a43f9cac5e44ae1a6dd575ce17a4749dc7cd4d7f76a40676e792e5b31a25703b1f35b48a89ed84582ef8f4ac046695f402c25da1fa6bc732a7016edf093b4c31193130b3bc143702e2b1d23743ca797b24495dc4979b81413701c0597dcd5e3bcc9c2050c18cfe03814d358e0f795e990dc44d2c1b9890514bd5ea94a3f3a1e25a8cdc67133e9176d76dc54c31274cff0101d8a42c103bad1b8b57362446f2c2ed8a69daf3d7306ef3fa2015e4ee1ef3392120b82671d73b07f3082ea69ffa0ebc7b53c78862a3e1ece518c1f0abbe4053b4dfafe815c1fe4b0d079446e80d13af972e00644a0188605d7309812e24cd1158677f94a16a5eb0c5d48b60329fc522026efa596ac913540f2a9b0345f279329bfba29a7dfc8894e6a08eeee3dd974c3de9e0602cfd1e3e584b10dd26cd13f7fb432e72ea85fd1d3a872061bc967d7a67a3a7f09f34cc825db5d9ef3ce0ff9873f8eff342eb30fa970007e2f591f07dc9bc5141a9679a2f7c69aa50894353a7830a0f7cf766aff6e81d7c3b88d730946ce3f327716ef6fd270d5bf467aef288db903f740b6ac27b962a3c6462372e63f8da8505f05d17b364dd8c6b5d449accd0", 0x2a1}], 0x1}}], 0x2, 0x0)

1.604126992s ago: executing program 0 (id=597):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x800, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200a}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000280)=0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./bus\x00', 0x1a2)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xa4c42, 0x108)

804.15763ms ago: executing program 4 (id=598):
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})

784.293143ms ago: executing program 4 (id=599):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x42718, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0xc, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket(0x8000000010, 0x2, 0x0)
write(r2, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00'}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})

776.353234ms ago: executing program 3 (id=600):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x19, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0))
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000240)={@private, @multicast1}, &(0x7f0000000280)=0xc)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000002c0)={'gre0\x00', &(0x7f0000000640)={'syztnl2\x00', 0x0, 0x700, 0x10, 0x8000, 0x101, {{0x39, 0x4, 0x1, 0x3, 0xe4, 0x67, 0x0, 0x4, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x1c}, {[@end, @timestamp_addr={0x44, 0x54, 0xd1, 0x1, 0x2, [{@multicast2, 0x1}, {@empty, 0x1}, {@dev={0xac, 0x14, 0x14, 0xe}, 0x9}, {@local, 0x5}, {@loopback, 0xae}, {@multicast2, 0x1}, {@multicast2, 0x9}, {@loopback, 0xe}, {@loopback, 0x4}, {@rand_addr=0x64010102}]}, @generic={0x88, 0xb, "171a5d3ab1fae369da"}, @timestamp={0x44, 0xc, 0xe6, 0x0, 0xd, [0x6, 0x727]}, @end, @timestamp={0x44, 0x1c, 0x36, 0x0, 0x6, [0x400, 0x0, 0xc, 0x4, 0x5, 0x9]}, @timestamp_prespec={0x44, 0x3c, 0xcc, 0x3, 0xd, [{@dev={0xac, 0x14, 0x14, 0x1b}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x2c}, 0x4}, {@empty, 0xa8}, {@multicast1, 0xffff42bc}, {@local, 0xba}, {@private=0xa010101, 0x5}, {@loopback, 0x6}]}, @lsrr={0x83, 0xb, 0x57, [@multicast2, @empty]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'vxcan1\x00'})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000003c0)={'tunl0\x00', &(0x7f0000000780)={'syztnl1\x00', 0x0, 0x700, 0x700, 0x5, 0x0, {{0x3b, 0x4, 0x3, 0x1, 0xec, 0x64, 0x0, 0x9, 0x29, 0x0, @empty, @rand_addr=0x64010102, {[@timestamp_prespec={0x44, 0x54, 0xad, 0x3, 0x0, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x9}, {@multicast2, 0x6}, {@private=0xa010100}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7f}, {@remote, 0x1}, {@multicast2, 0x7fffffff}, {@remote, 0x3}, {@dev={0xac, 0x14, 0x14, 0x23}, 0x8}, {@multicast2, 0xd860}, {@dev={0xac, 0x14, 0x14, 0x3a}, 0xaace}]}, @cipso={0x86, 0x19, 0x3, [{0x2, 0x8, "b39602380fff"}, {0x2, 0xb, "e5589a07d8edba308f"}]}, @timestamp_prespec={0x44, 0x1c, 0xf9, 0x3, 0xe, [{@loopback, 0x7}, {@rand_addr=0x64010101}, {@remote, 0x5}]}, @timestamp={0x44, 0x8, 0x23, 0x0, 0x5, [0x4]}, @timestamp_addr={0x44, 0x34, 0x4c, 0x1, 0x8, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0xffff}, {@rand_addr=0x64010100, 0x4}, {@local, 0x800}, {@multicast1, 0xd1c6}, {@dev={0xac, 0x14, 0x14, 0x2f}, 0x100}, {@local, 0x5}]}, @lsrr={0x83, 0x13, 0x40, [@multicast2, @broadcast, @dev={0xac, 0x14, 0x14, 0x22}, @rand_addr=0x64010100]}]}}}}})
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000c80), r1)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x2c, r3, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_RX_MAX_FRAMES_HIGH={0x8, 0x14, 0xbca}, @ETHTOOL_A_COALESCE_STATS_BLOCK_USECS={0x8, 0xa, 0x9}, @ETHTOOL_A_COALESCE_TX_USECS_IRQ={0x8, 0x8, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x800)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x1503, 0x12001}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000891}, 0x0)

763.048345ms ago: executing program 1 (id=601):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8036, 0x0, 0x0, 0x10, &(0x7f0000002e00), 0x0, 0x0, 0x9e, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r1, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

684.123803ms ago: executing program 2 (id=602):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x19, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f00000000c0)={'syztnl0\x00', <r4=>0x0, 0x2f, 0xfb, 0x7, 0x684, 0x22, @mcast2, @empty, 0x700, 0x20, 0x26, 0x4b9f}})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r5=>0x0})
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000240)={@private, @multicast1, <r6=>0x0}, &(0x7f0000000280)=0xc)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000002c0)={'gre0\x00', &(0x7f0000000640)={'syztnl2\x00', <r7=>0x0, 0x700, 0x10, 0x8000, 0x101, {{0x39, 0x4, 0x1, 0x3, 0xe4, 0x67, 0x0, 0x4, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x1c}, {[@end, @timestamp_addr={0x44, 0x54, 0xd1, 0x1, 0x2, [{@multicast2, 0x1}, {@empty, 0x1}, {@dev={0xac, 0x14, 0x14, 0xe}, 0x9}, {@local, 0x5}, {@loopback, 0xae}, {@multicast2, 0x1}, {@multicast2, 0x9}, {@loopback, 0xe}, {@loopback, 0x4}, {@rand_addr=0x64010102}]}, @generic={0x88, 0xb, "171a5d3ab1fae369da"}, @timestamp={0x44, 0xc, 0xe6, 0x0, 0xd, [0x6, 0x727]}, @end, @timestamp={0x44, 0x1c, 0x36, 0x0, 0x6, [0x400, 0x0, 0xc, 0x4, 0x5, 0x9]}, @timestamp_prespec={0x44, 0x3c, 0xcc, 0x3, 0xd, [{@dev={0xac, 0x14, 0x14, 0x1b}, 0x7}, {@dev={0xac, 0x14, 0x14, 0x2c}, 0x4}, {@empty, 0xa8}, {@multicast1, 0xffff42bc}, {@local, 0xba}, {@private=0xa010101, 0x5}, {@loopback, 0x6}]}, @lsrr={0x83, 0xb, 0x57, [@multicast2, @empty]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r8=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000003c0)={'tunl0\x00', &(0x7f0000000780)={'syztnl1\x00', <r9=>0x0, 0x700, 0x700, 0x5, 0x0, {{0x3b, 0x4, 0x3, 0x1, 0xec, 0x64, 0x0, 0x9, 0x29, 0x0, @empty, @rand_addr=0x64010102, {[@timestamp_prespec={0x44, 0x54, 0xad, 0x3, 0x0, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x9}, {@multicast2, 0x6}, {@private=0xa010100}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7f}, {@remote, 0x1}, {@multicast2, 0x7fffffff}, {@remote, 0x3}, {@dev={0xac, 0x14, 0x14, 0x23}, 0x8}, {@multicast2, 0xd860}, {@dev={0xac, 0x14, 0x14, 0x3a}, 0xaace}]}, @cipso={0x86, 0x19, 0x3, [{0x2, 0x8, "b39602380fff"}, {0x2, 0xb, "e5589a07d8edba308f"}]}, @timestamp_prespec={0x44, 0x1c, 0xf9, 0x3, 0xe, [{@loopback, 0x7}, {@rand_addr=0x64010101}, {@remote, 0x5}]}, @timestamp={0x44, 0x8, 0x23, 0x0, 0x5, [0x4]}, @timestamp_addr={0x44, 0x34, 0x4c, 0x1, 0x8, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0xffff}, {@rand_addr=0x64010100, 0x4}, {@local, 0x800}, {@multicast1, 0xd1c6}, {@dev={0xac, 0x14, 0x14, 0x2f}, 0x100}, {@local, 0x5}]}, @lsrr={0x83, 0x13, 0x40, [@multicast2, @broadcast, @dev={0xac, 0x14, 0x14, 0x22}, @rand_addr=0x64010100]}]}}}}})
pwrite64(0xffffffffffffffff, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000c80), r2)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x2c, r10, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_RX_MAX_FRAMES_HIGH={0x8, 0x14, 0xbca}, @ETHTOOL_A_COALESCE_STATS_BLOCK_USECS={0x8, 0xa, 0x9}, @ETHTOOL_A_COALESCE_TX_USECS_IRQ={0x8, 0x8, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x800)
r11 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r12=>0x0})
sendmsg$nl_route(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x1503, 0x12001}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r12}, @IFLA_MASTER={0x8, 0xa, r12}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000891}, 0x0)
umount2(&(0x7f0000000c00)='./file0\x00', 0x4)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000440)={&(0x7f0000000040), 0xc, &(0x7f0000000400)={&(0x7f00000008c0)={0x314, r3, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [{{0x8, 0x1, r4}, {0x270, 0x2, 0x0, 0x1, [{0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x400}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r5}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r7}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8}}}, {0x44, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x14, 0x4, [{0x1, 0xc, 0x10, 0x4}, {0x7, 0xf, 0x0, 0xd4}]}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xa30}}, {0x8, 0x6, r8}}}]}}, {{0x8}, {0x80, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xff}}, {0x8, 0x6, r12}}}]}}]}, 0x314}}, 0x0)
pipe2$9p(&(0x7f0000001900)={<r13=>0xffffffffffffffff, <r14=>0xffffffffffffffff}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='9p_protocol_dump\x00', r1}, 0x18)
r15 = dup(r14)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r13}, 0x2c, {'wfdno', 0x3d, r15}, 0x2c, {[], [], 0x6b}})

681.325383ms ago: executing program 1 (id=603):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x36e084fcb6392193, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000400)={@rand_addr, @local, <r3=>0x0}, &(0x7f0000000440)=0xc)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000580)={'gre0\x00', &(0x7f0000000480)={'syztnl2\x00', <r4=>0x0, 0x7800, 0x7, 0x37, 0x6, {{0x2b, 0x4, 0x0, 0x15, 0xac, 0x68, 0x0, 0x5, 0x2f, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x34}, {[@timestamp={0x44, 0x20, 0x9e, 0x0, 0x8, [0x9, 0xc, 0x8, 0x854e, 0x9, 0x6, 0x7]}, @cipso={0x86, 0x3a, 0x1, [{0x5, 0x8, "1211caa9171c"}, {0x6, 0x8, "ef45fbeb672a"}, {0x7, 0xc, "ebcfbd7367de138b95c7"}, {0x5, 0x9, "9261c647fe5da3"}, {0x0, 0xf, "2c0c87dfd7b9a20a14848ca942"}]}, @rr={0x7, 0xb, 0x2f, [@remote, @broadcast]}, @lsrr={0x83, 0x1b, 0xe7, [@private=0xa010100, @dev={0xac, 0x14, 0x14, 0x22}, @rand_addr=0x64010100, @rand_addr=0x64010102, @broadcast, @loopback]}, @rr={0x7, 0x17, 0x89, [@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @rand_addr=0x64010102, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @noop]}}}}})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000800)={'erspan0\x00', &(0x7f0000000600)={'ip_vti0\x00', <r5=>0x0, 0x1, 0x10, 0x1, 0xc54e, {{0x25, 0x4, 0x1, 0x1e, 0x94, 0x64, 0x0, 0x35, 0x29, 0x0, @private=0xa010102, @multicast2, {[@timestamp_prespec={0x44, 0x14, 0xa1, 0x3, 0x8, [{@remote, 0x101}, {@local, 0x6}]}, @timestamp_addr={0x44, 0x24, 0x2, 0x1, 0x5, [{@private=0xa010102, 0x2}, {@multicast1, 0x4}, {@dev={0xac, 0x14, 0x14, 0xe}, 0x19}, {@remote, 0x28f0c3a2}]}, @ssrr={0x89, 0x7, 0x9b, [@local]}, @noop, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x1c, 0xa3, 0x1, 0x2, [{@remote, 0x2}, {@rand_addr=0x64010100}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0xe}]}, @ssrr={0x89, 0xb, 0x58, [@empty, @loopback]}, @cipso={0x86, 0x15, 0x3, [{0x6, 0xc, "82a07b609820f6b1e2bd"}, {0x5, 0x3, '.'}]}]}}}}})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000840)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000880)=0x14)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000940)={'ip6tnl0\x00', &(0x7f00000008c0)={'syztnl2\x00', <r7=>0x0, 0x2f, 0xbd, 0x6, 0x7, 0x26, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @local, 0x7800, 0xe7, 0x8, 0x9}})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000980)={'team_slave_0\x00', <r8=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000ac0)={'sit0\x00', &(0x7f0000000a00)={'gretap0\x00', <r9=>0x0, 0x1d97d4efbf71721, 0x700, 0x9, 0x10, {{0x23, 0x4, 0x0, 0x5, 0x8c, 0x66, 0x0, 0x9, 0x2f, 0x0, @rand_addr=0x64010100, @loopback, {[@lsrr={0x83, 0x1b, 0xc5, [@multicast2, @broadcast, @rand_addr=0x64010100, @private=0xa010100, @multicast2, @dev={0xac, 0x14, 0x14, 0x12}]}, @timestamp={0x44, 0x24, 0xde, 0x0, 0x7, [0x5, 0xe0000, 0x4, 0x2, 0xb, 0x5, 0x9, 0xa8]}, @timestamp_prespec={0x44, 0x34, 0xd4, 0x3, 0x6, [{@loopback, 0x1}, {@broadcast}, {@multicast1, 0x87f0}, {@remote, 0x2103}, {@empty, 0x7}, {@dev={0xac, 0x14, 0x14, 0x1f}, 0x10}]}, @ra={0x94, 0x4, 0x1}]}}}}})
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000cc0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000c80)={&(0x7f0000000b00)={0x154, 0x0, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x154}, 0x1, 0x0, 0x0, 0x8800}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r10 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r10}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
pipe(&(0x7f0000000200)={<r11=>0xffffffffffffffff})
vmsplice(r11, &(0x7f0000000080)=[{&(0x7f0000000500)='|', 0x1}], 0x1, 0x0)

575.940963ms ago: executing program 3 (id=604):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = socket(0x2, 0x80805, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
sendmmsg$inet(r2, &(0x7f0000000900)=[{{&(0x7f0000000080)={0x2, 0x4, @private=0xa010100}, 0x10, 0x0}, 0x20000000}, {{&(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000ac0)="6cb76def2c36dab0f366cf47ad785ed2fb5e1fa5fb56d566acdc377060c4ba50a58104620df72c3004bfbc77173110e163f7d8ad60c34cdb064852353438fea809e390e392afbf35311690cd8286a6c49668aee29b7537078dba77963d15c085d7343c1012135d361ac15c082b7ac8db87cc10fe3ffc374c8be18fc53437100a11dddb9981072ec036d513870a5bbf62ce9e39f790f61ef997af390b9f5fc8a699e001c59077c459eb40ee80a3ffeb35737da668ef974592faf129325cd9ad0dc5663950a329804c9f5d261f71165b05dac212cc2afc40f980ddef8773f1045e75de4ec606aef87052e9ac784bb0f5a43f9cac5e44ae1a6dd575ce17a4749dc7cd4d7f76a40676e792e5b31a25703b1f35b48a89ed84582ef8f4ac046695f402c25da1fa6bc732a7016edf093b4c31193130b3bc143702e2b1d23743ca797b24495dc4979b81413701c0597dcd5e3bcc9c2050c18cfe03814d358e0f795e990dc44d2c1b9890514bd5ea94a3f3a1e25a8cdc67133e9176d76dc54c31274cff0101d8a42c103bad1b8b57362446f2c2ed8a69daf3d7306ef3fa2015e4ee1ef3392120b82671d73b07f3082ea69ffa0ebc7b53c78862a3e1ece518c1f0abbe4053b4dfafe815c1fe4b0d079446e80d13af972e00644a0188605d7309812e24cd1158677f94a16a5eb0c5d48b60329fc522026efa596ac913540f2a9b0345f279329bfba29a7dfc8894e6a08eeee3dd974c3de9e0602cfd1e3e584b10dd26cd13f7fb432e72ea85fd1d3a872061bc967d7a67a3a7f09f34cc825db5d9ef3ce0ff9873f8eff342eb30fa970007e2f591f07dc9bc5141a9679a2f7c69aa50894353a7830a0f7cf766aff6e81d7c3b88d730946ce3f327716ef6fd270d5bf467aef288db903f740b6ac27b962a3c6462372e63f8da8505f05d17b364dd8c6b5d449accd01b4c6da297669f098bee986b95e389a2d003539ca9dec8c26b9f6bbb5f7fe6f0b764d99bc0dafcad4121ed6a749ac71fc5deeee54d0e8a2d9dccc87df818258d73c8816b78c1be3670fb14dded879caf925e0f8abf63f55ffee02bbffb465f0303338bd12e22fe94fdaa3f033127ecaf41649232c38e83850fd3ebc890ea5db2763a8389ac49bd9b7f6b81f381d3eeb90d0f596e2b7f7dfa2a0e9453c1f5f359b56aae9e97a51f6c092d25a031843e351f5733a25c5905706618ab569359bdca4932f6471f4f2d152f84cfc0c563885b0d93fd015095a8eb9422e3d17ddaf3f20dde5eeea415f76c0617964198c824b98f4d53ab0d4d734dcd6d07dddd5b77c1bd71208632941973bd5b5aca981137ec21dcd86ba518b3d4979b68f704a2a7d7cfeb9be3edf4b4b3560e930d9dba0bc358cba36a129748c1fa73483a69759ba0c4f2ee2a936899e163c213bb3fe5a28e68669fb2da6bbcdf4c55e933d127a8bc68b8d0e6c6c757fe8ea47f26ceb7c1b3ca8b962eb31a081756ed56fe4385dccc5e2a7a53300e9c8a1a55bcf8db3f828cb3db8485110da631a50199a5c1932b5538a2b1c3cddb4451868a413418e3f761530fd477b2ebb449070c73171964203ad7bad4302af13fa6fe55fb88ede096a7aba95ef3665da778250daa9dd4bd5ecb8a807d83fe6dcf2f0cf5de7a4ef742979afd7d93bb2672ad45f6537640313b1ca8838f3fdc08e57455af6398ce5b253312fe1a88206210831e0de59d1e3f9442fb9dd43f1b9c00d151d3234028990f8bcaf65c0ad9ea1bc20e4b7641ff26969b02ccd60d2d8d2d72fe5fd58068cd6d7525c9e24c4246cd776ecf1f57550bb6bddad5093618797547cde5c07e165bc979bfbb5479c58e89c29efa5fdfa5b4a87917a4275609afc849384458ca980ba5a2aa4d10c761bb3b3a57e3d3b41001cdf6", 0x541}], 0x1}}], 0x2, 0x0)

526.457658ms ago: executing program 3 (id=605):
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0xa, 0x0, 0x0, 0x7995}, 0x846e, 0x0, 0x0, 0x48000000, 0x0, 0x5e, 0x0})

525.958658ms ago: executing program 3 (id=606):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x1, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x10, 0x38, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x60ff, 0x0, 0x0, 0xffffffffffffffe8, 0x0, 0x0, 0x6}, 0xf)

486.294542ms ago: executing program 3 (id=607):
r0 = socket$kcm(0x21, 0x2, 0x2)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r1, 0x11c, 0x2, 0x0, &(0x7f0000000000))
readv(r0, &(0x7f0000000000)=[{&(0x7f0000000080)=""/67, 0x43}, {&(0x7f0000000140)=""/234, 0xea}], 0x2)
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="1800000000000000100100000a"], 0x10b8}, 0x0)
socket$isdn(0x22, 0x3, 0x23)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffc8a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000080140000478400e1ffffffffffffff00"/28], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r7 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r7, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000032680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000080)="5aee41dea43e63a3f7fb7f110000", 0x0, 0xf004, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r5}, &(0x7f00000006c0), &(0x7f0000000700)=r4}, 0xffffffffffffff3e)

485.430572ms ago: executing program 4 (id=608):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000490000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000008c0)="89", 0x0, 0x1000000}, 0x32)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
pipe2(&(0x7f0000000000)={0x0, <r4=>0x0}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r5, &(0x7f0000000340)={0xa, 0x5, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000180)=@gcm_256={{0x304}, "2d1b228ddbcbeb3b", "125c2b383f5cae83637e9674608276919c8da6d9bb71d92f31fbb014711d772b", "f47262bb", "344faf4b67056082"}, 0x38)
write$binfmt_script(r5, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
close_range(r4, 0xffffffffffffffff, 0x0)

243.456846ms ago: executing program 4 (id=609):
r0 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
pwritev(r0, &(0x7f0000000380)=[{&(0x7f0000001780)="37f92eb4e89ead385bab0506661597", 0xf}], 0x1, 0x7, 0x1)

108.344909ms ago: executing program 0 (id=610):
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})

69.828923ms ago: executing program 2 (id=611):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x7}, 0x18)
r1 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{&(0x7f0000000080)={0x2, 0x4, @private=0xa010100}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}, {{&(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000ac0)="6cb76def2c36dab0f366cf47ad785ed2fb5e1fa5fb56d566acdc377060c4ba50a58104620df72c3004bfbc77173110e163f7d8ad60c34cdb064852353438fea809e390e392afbf35311690cd8286a6c49668aee29b7537078dba77963d15c085d7343c1012135d361ac15c082b7ac8db87cc10fe3ffc374c8be18fc53437100a11dddb9981072ec036d513870a5bbf62ce9e39f790f61ef997af390b9f5fc8a699e001c59077c459eb40ee80a3ffeb35737da668ef974592faf129325cd9ad0dc5663950a329804c9f5d261f71165b05dac212cc2afc40f980ddef8773f1045e75de4ec606aef87052e9ac784bb0f5a43f9cac5e44ae1a6dd575ce17a4749dc7cd4d7f76a40676e792e5b31a25703b1f35b48a89ed84582ef8f4ac046695f402c25da1fa6bc732a7016edf093b4c31193130b3bc143702e2b1d23743ca797b24495dc4979b81413701c0597dcd5e3bcc9c2050c18cfe03814d358e0f795e990dc44d2c1b9890514bd5ea94a3f3a1e25a8cdc67133e9176d76dc54c31274cff0101d8a42c103bad1b8b57362446f2c2ed8a69daf3d7306ef3fa2015e4ee1ef3392120b82671d73b07f3082ea69ffa0ebc7b53c78862a3e1ece518c1f0abbe4053b4dfafe815c1fe4b0d079446e80d13af972e00644a0188605d7309812e24cd1158677f94a16a5eb0c5d48b60329fc522026efa596ac913540f2a9b0345f279329bfba29a7dfc8894e6a08eeee3dd974c3de9e0602cfd1e3e584b10dd26cd13f7fb432e72ea85fd1d3a872061bc967d7a67a3a7f09f34cc825db5d9ef3ce0ff9873f8eff342eb30fa970007e2f591f07dc9bc5141a9679a2f7c69aa50894353a7830a0f7cf766aff6e81d7c3b88d730946ce3f327716ef6fd270d5bf467aef288db903f740b6ac27b962a3c6462372e63f8da8505f05d17b364dd8c6b5d449accd0", 0x2a1}], 0x1}}], 0x2, 0x0)

0s ago: executing program 4 (id=612):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
socketpair(0x22, 0x2, 0x3, &(0x7f0000000240))
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1809000000000000000000000001000018120000", @ANYRES32, @ANYBLOB="0000000000000000b70300000000000085"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
dup(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8"], &(0x7f0000000100)='GPL\x00'}, 0x94)
socket$packet(0x11, 0x2, 0x300)
syz_mount_image$vfat(&(0x7f0000000cc0), &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f0000000d00)=ANY=[], 0x7, 0x364, &(0x7f0000000900)="$eJzs3c1rO0UYwPEnabJNU9rkIIqCdLAXvSxt9CwGaUEIWNpGbAVh2240ZE1KNlQjYtuTV/HuSfBQerPgoaD9B3rxphcRvPUieLAHdWXfkm1e+hKT5vdrvx8omczMszubmZRn02724t0vP6qUbL1kaBJPKYmJiFyKZCUuoVjwGPfKmkQdyCvTf/784tpGMeVXqOX8+qs5pdTsXKLd7XRSzrPvX/yR+/382fPnL/5d/7Bsq7KtqrWGMtRW7deGsWWZaqdsV3SlVizTsE1Vrtpm3W//LtiOVdvdbSqjujOT3q2btq2MalNVzKZq1FSj3lTGB0a5qnRdVzNpwU2KR6urRn7A4O0hDwYjUq/njQkRmepqKR6NZUAAAGCs2vl/w8v/425KP0j+vymzhcLSqnI7B/n/Dx9/dvzSWWP6nZPZIP8/1Xrl/6/94m/rSv7vnk608/+af35Qujn//1rukP93Z0SPy8D5f3YEg8Fg5rSuqtiVZ27+nw7ev57D944XvAL5PwAAAAAAAAAAAAAAAAAAAAAAT4NLx8k4jpMJH8Of9iUEwXM8SP3mf1JEUu7sO8z/Q7a2sSkp78I9d46tL/aKe0X/MehwJiKWmP84ndy1EV55pFxZ+dHaD+L394oTXku+JGU3XhYlI1lvPUXiHWf5rcLSovIF8a3LlNLR+Jxk5Jlo/Pfe6nTjc1fjg/1r8vJ8JF6XjPy0LTWxZMeLbO//80Wl3ny70BE/5fUTkd/ufVIAAAAAABgyXbX0PH/XtX7t/reM5Evex0SmLEhG/u59fr/Q8/w8kXkhMe6jBwAAAADgcbCbn1YMiZt1r2BZvQpT0rdpCIVEq2bSMetJEenZWeuoSV635YnIEd52PJr4dzD5v8f1Tfiq3iUq/EcKd+CtpuCOKjLYeMLj92piicGnKXYg3gI4iDbF5Rbhic7Bz7kVqmfn+b7bOQwOpFUTfmyk9XmdZaV7O/FrVkKyq8aJDbYAnvvq27+G9wZ5/SRYAZ/c3PnQMp19uc2kdBTcXXQ3JUf+iwcAAADAvWsn/WHNG9Hm6I1EojfL4S/3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM0Ui+0q+jMO5jBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4U/wUAAP//nVbxdQ==")

kernel console output (not intermixed with test programs):

syz.1.9: error while reading EA inode 3171687 err=-117
[   39.822959][ T3503] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9'.
[   40.264785][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.282497][ T3525] hub 1-0:1.0: USB hub found
[   40.354634][ T3525] hub 1-0:1.0: 8 ports detected
[   40.392389][ T3528] netlink: 16 bytes leftover after parsing attributes in process `syz.4.15'.
[   40.468924][ T3528] netlink: 'syz.4.15': attribute type 10 has an invalid length.
[   40.476662][ T3528] netlink: 40 bytes leftover after parsing attributes in process `syz.4.15'.
[   40.491916][ T3529] netdevsim netdevsim0: Direct firmware load for þ failed with error -2
[   40.512731][ T3533] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11'.
[   40.544787][ T3528] batman_adv: batadv0: Adding interface: veth1_vlan
[   40.551542][ T3528] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   40.578125][ T3528] batman_adv: batadv0: Interface activated: veth1_vlan
[   40.580446][ T3401] hid-generic 0000:0000:10001.0001: unknown main item tag 0x0
[   40.592684][ T3401] hid-generic 0000:0000:10001.0001: unknown main item tag 0x0
[   40.600354][ T3401] hid-generic 0000:0000:10001.0001: unknown main item tag 0x0
[   40.607995][ T3401] hid-generic 0000:0000:10001.0001: unknown main item tag 0x0
[   40.615573][ T3401] hid-generic 0000:0000:10001.0001: unknown main item tag 0x0
[   40.619323][ T3533] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11'.
[   40.623091][ T3401] hid-generic 0000:0000:10001.0001: unknown main item tag 0x0
[   40.639492][ T3401] hid-generic 0000:0000:10001.0001: unknown main item tag 0x0
[   40.647100][ T3401] hid-generic 0000:0000:10001.0001: unknown main item tag 0x0
[   40.654603][ T3401] hid-generic 0000:0000:10001.0001: unknown main item tag 0x0
[   40.662191][ T3401] hid-generic 0000:0000:10001.0001: unknown main item tag 0x0
[   40.679167][ T3525] team_slave_0: entered promiscuous mode
[   40.684892][ T3525] team_slave_1: entered promiscuous mode
[   40.723015][ T3401] hid-generic 0000:0000:10001.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   40.727181][ T3538] loop3: detected capacity change from 0 to 4096
[   40.740259][ T3525] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   40.796163][ T3538] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   40.816409][ T3543] bridge0: port 3(ipvlan2) entered blocking state
[   40.823467][ T3543] bridge0: port 3(ipvlan2) entered disabled state
[   40.840789][ T3546] netlink: 4 bytes leftover after parsing attributes in process `syz.2.18'.
[   40.860114][ T3543] ipvlan2: entered allmulticast mode
[   40.866217][ T3543] bridge0: entered allmulticast mode
[   40.872425][ T3538] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.911970][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.921795][ T3549] netlink: 4 bytes leftover after parsing attributes in process `syz.2.18'.
[   40.977367][ T3552] loop3: detected capacity change from 0 to 512
[   40.994513][ T3552] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   41.039257][ T3543] ipvlan2: left allmulticast mode
[   41.044434][ T3543] bridge0: left allmulticast mode
[   41.120789][ T3553] 9pnet_fd: Insufficient options for proto=fd
[   41.159538][ T3544] bridge0: port 3(ipvlan2) entered blocking state
[   41.166127][ T3544] bridge0: port 3(ipvlan2) entered disabled state
[   41.189143][ T3544] ipvlan2: entered allmulticast mode
[   41.194593][ T3544] bridge0: entered allmulticast mode
[   41.217621][ T3544] ipvlan2: left allmulticast mode
[   41.222787][ T3544] bridge0: left allmulticast mode
[   41.229765][ T3558] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.20' sets config #1
[   41.249947][ T3525] 8021q: adding VLAN 0 to HW filter on device macvlan3
[   41.262980][ T3525] syz.0.13 (3525) used greatest stack depth: 10264 bytes left
[   41.312131][ T3560] netlink: 'syz.2.21': attribute type 12 has an invalid length.
[   41.417792][ T3560] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   41.427512][ T3562] usb usb8: usbfs: process 3562 (syz.0.22) did not claim interface 0 before use
[   41.477235][ T3569] netlink: 4 bytes leftover after parsing attributes in process `syz.4.24'.
[   41.491087][ T3569] team1: entered promiscuous mode
[   41.496244][ T3569] team1: entered allmulticast mode
[   41.501533][ T3569] Zero length message leads to an empty skb
[   41.532068][ T3571] loop2: detected capacity change from 0 to 1024
[   41.581868][ T3575] usb usb8: usbfs: process 3575 (syz.0.27) did not claim interface 0 before use
[   41.585863][ T3571] EXT4-fs: Ignoring removed nomblk_io_submit option
[   41.638337][ T3571] EXT4-fs (loop2): can't mount with journal_checksum, fs mounted w/o journal
[   41.647526][ T3575] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   41.689217][ T3580] hub 1-0:1.0: USB hub found
[   41.698645][ T3580] hub 1-0:1.0: 8 ports detected
[   41.715192][ T3585] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.32' sets config #1
[   41.739665][ T3588] bridge0: port 3(ipvlan2) entered blocking state
[   41.746270][ T3588] bridge0: port 3(ipvlan2) entered disabled state
[   41.765342][ T3588] ipvlan2: entered allmulticast mode
[   41.770783][ T3588] bridge0: entered allmulticast mode
[   41.795559][ T3588] ipvlan2: left allmulticast mode
[   41.800706][ T3588] bridge0: left allmulticast mode
[   41.929907][ T3580] netdevsim netdevsim4: Direct firmware load for þ failed with error -2
[   42.154040][ T3603] hid-generic 0000:0000:10001.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   42.267598][ T3580] team_slave_0: entered promiscuous mode
[   42.273381][ T3580] team_slave_1: entered promiscuous mode
[   42.465228][ T3582] 9pnet_fd: Insufficient options for proto=fd
[   42.475065][ T3580] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   42.594850][ T3595] 8021q: adding VLAN 0 to HW filter on device macvlan3
[   42.674568][ T3607] loop1: detected capacity change from 0 to 512
[   42.694873][ T3580] syz.4.31 (3580) used greatest stack depth: 10168 bytes left
[   42.709855][ T3607] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.34: iget: bad i_size value: 38620345925642
[   42.754110][ T3607] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.34: couldn't read orphan inode 15 (err -117)
[   42.775780][ T3607] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.870680][ T3618] netlink: 4 bytes leftover after parsing attributes in process `syz.1.34'.
[   42.931700][ T3620] loop0: detected capacity change from 0 to 1024
[   42.945609][ T3609] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[   43.037177][ T3620] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.163137][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.441784][ T3653] loop0: detected capacity change from 0 to 128
[   43.465898][ T3653] vfat: Unknown parameter '“Ëu9ž3r¿Q5Mø'
[   43.482174][ T3655] hub 1-0:1.0: USB hub found
[   43.489558][ T3655] hub 1-0:1.0: 8 ports detected
[   43.515587][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.545314][ T3655] netdevsim netdevsim3: Direct firmware load for þ failed with error -2
[   43.550691][ T3660] netlink: 16 bytes leftover after parsing attributes in process `syz.0.50'.
[   43.569814][   T29] kauditd_printk_skb: 143 callbacks suppressed
[   43.569832][   T29] audit: type=1400 audit(1761576778.132:232): avc:  denied  { create } for  pid=3661 comm="syz.1.48" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   43.581251][ T3655] team_slave_0: entered promiscuous mode
[   43.601117][ T3655] team_slave_1: entered promiscuous mode
[   43.609638][    T9] hid-generic 0000:0000:10001.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   43.637475][   T29] audit: type=1400 audit(1761576778.132:233): avc:  denied  { write } for  pid=3661 comm="syz.1.48" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   43.656893][   T29] audit: type=1326 audit(1761576778.192:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3662 comm="syz.4.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfbee8efc9 code=0x7ffc0000
[   43.663267][ T3655] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   43.680070][   T29] audit: type=1326 audit(1761576778.192:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3662 comm="syz.4.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfbee8efc9 code=0x7ffc0000
[   43.711036][   T29] audit: type=1326 audit(1761576778.192:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3662 comm="syz.4.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfbee8efc9 code=0x7ffc0000
[   43.734710][   T29] audit: type=1326 audit(1761576778.202:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3662 comm="syz.4.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfbee8efc9 code=0x7ffc0000
[   43.745414][ T3671] netlink: 'syz.0.50': attribute type 10 has an invalid length.
[   43.758086][   T29] audit: type=1326 audit(1761576778.202:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3662 comm="syz.4.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfbee8efc9 code=0x7ffc0000
[   43.776271][   T29] audit: type=1326 audit(1761576778.202:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3662 comm="syz.4.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdfbee8efc9 code=0x7ffc0000
[   43.813450][ T3591] Bluetooth: hci0: command 0x1003 tx timeout
[   43.853036][ T3671] batman_adv: batadv0: Adding interface: veth1_vlan
[   43.859787][ T3671] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   43.902265][ T3666] tmpfs: Bad value for 'mpol'
[   43.913881][ T3526] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   43.933619][   T29] audit: type=1326 audit(1761576778.452:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3662 comm="syz.4.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfbee8efc9 code=0x7ffc0000
[   43.957810][   T29] audit: type=1326 audit(1761576778.452:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3662 comm="syz.4.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfbee8efc9 code=0x7ffc0000
[   44.065212][ T3671] batman_adv: batadv0: Interface activated: veth1_vlan
[   44.316244][ T3669] 8021q: adding VLAN 0 to HW filter on device macvlan3
[   44.426780][ T3660] sch_fq: defrate 4294967295 ignored.
[   44.608305][ T3685] loop1: detected capacity change from 0 to 512
[   44.650999][ T3685] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   44.728282][ T3683] bridge_slave_0: left allmulticast mode
[   44.734010][ T3683] bridge_slave_0: left promiscuous mode
[   44.740067][ T3683] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.810718][ T3696] loop1: detected capacity change from 0 to 512
[   44.905731][ T3696] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.59: iget: bad i_size value: 38620345925642
[   44.919028][ T3696] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.59: couldn't read orphan inode 15 (err -117)
[   44.931663][ T3696] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.950976][ T3702] loop0: detected capacity change from 0 to 128
[   44.959363][ T3702] vfat: Unknown parameter '“Ëu9ž3r¿Q5Mø'
[   45.049704][ T3683] bridge_slave_1: left allmulticast mode
[   45.055587][ T3683] bridge_slave_1: left promiscuous mode
[   45.061540][ T3683] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.099079][ T3683] bond0: (slave bond_slave_0): Releasing backup interface
[   45.123949][ T3683] bond0: (slave bond_slave_1): Releasing backup interface
[   45.134095][ T3703] __nla_validate_parse: 1 callbacks suppressed
[   45.134112][ T3703] netlink: 4 bytes leftover after parsing attributes in process `syz.1.59'.
[   45.160534][ T3683] team_slave_0: left promiscuous mode
[   45.168030][ T3683] team0: Port device team_slave_0 removed
[   45.179705][ T3683] team_slave_1: left promiscuous mode
[   45.197543][ T3683] team0: Port device team_slave_1 removed
[   45.223650][ T3683] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   45.231335][ T3683] batman_adv: batadv0: Removing interface: batadv_slave_0
[   45.242169][ T3707] hub 1-0:1.0: USB hub found
[   45.247280][ T3707] hub 1-0:1.0: 8 ports detected
[   45.273769][ T3683] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   45.281486][ T3683] batman_adv: batadv0: Removing interface: batadv_slave_1
[   45.319060][ T3683] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   45.347723][ T3707] netdevsim netdevsim0: Direct firmware load for þ failed with error -2
[   45.416273][ T3711] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.63' sets config #1
[   45.455427][ T3707] 8021q: adding VLAN 0 to HW filter on device macvlan4
[   45.462584][ T1036] hid-generic 0000:0000:10001.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   45.475397][ T3715] netlink: 'syz.4.64': attribute type 10 has an invalid length.
[   45.483071][ T3715] netlink: 40 bytes leftover after parsing attributes in process `syz.4.64'.
[   45.502424][ T3707] 8021q: adding VLAN 0 to HW filter on device macvlan5
[   45.537163][ T3715] sch_fq: defrate 4294967295 ignored.
[   45.574104][ T3718] netlink: 16 bytes leftover after parsing attributes in process `syz.4.65'.
[   45.601013][ T3718] netlink: 'syz.4.65': attribute type 10 has an invalid length.
[   45.608942][ T3718] netlink: 40 bytes leftover after parsing attributes in process `syz.4.65'.
[   45.684921][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.709159][ T3723] bridge_slave_0: left allmulticast mode
[   45.714906][ T3723] bridge_slave_0: left promiscuous mode
[   45.720701][ T3723] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.744285][ T3723] bridge_slave_1: left allmulticast mode
[   45.750464][ T3723] bridge_slave_1: left promiscuous mode
[   45.756372][ T3723] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.768479][ T3730] loop3: detected capacity change from 0 to 512
[   45.775511][ T3730] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   45.795370][ T3723] bond0: (slave bond_slave_0): Releasing backup interface
[   45.835817][ T3723] bond0: (slave bond_slave_1): Releasing backup interface
[   45.851110][ T3723] team0: Port device team_slave_0 removed
[   45.870712][ T3723] team0: Port device team_slave_1 removed
[   45.881953][ T3735] loop1: detected capacity change from 0 to 2048
[   45.886546][ T3723] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   45.895875][ T3723] batman_adv: batadv0: Removing interface: batadv_slave_0
[   45.907149][ T3723] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   45.914712][ T3723] batman_adv: batadv0: Removing interface: batadv_slave_1
[   45.925514][ T3723] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   45.925995][ T3735] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.953910][ T3718] sch_fq: defrate 4294967295 ignored.
[   46.096629][ T3741] netlink: 'syz.4.73': attribute type 12 has an invalid length.
[   46.103522][ T3312] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   46.147872][ T3312] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   46.170369][ T3745] loop0: detected capacity change from 0 to 512
[   46.172208][ T3747] netlink: 'syz.2.77': attribute type 10 has an invalid length.
[   46.182293][ T3745] ext4: Unknown parameter 'nouser_xattr'
[   46.184557][ T3747] netlink: 40 bytes leftover after parsing attributes in process `syz.2.77'.
[   46.203050][ T3744] loop3: detected capacity change from 0 to 512
[   46.206421][ T3747] batman_adv: batadv0: Adding interface: veth1_vlan
[   46.216004][ T3747] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   46.220398][ T3744] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   46.243629][ T3747] batman_adv: batadv0: Interface activated: veth1_vlan
[   46.258388][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.320591][ T3750] bridge0: port 3(ipvlan2) entered blocking state
[   46.327373][ T3750] bridge0: port 3(ipvlan2) entered disabled state
[   46.342704][ T3745] loop0: detected capacity change from 0 to 2048
[   46.346731][ T3750] ipvlan2: entered allmulticast mode
[   46.354533][ T3750] bridge0: entered allmulticast mode
[   46.375713][ T3745] EXT4-fs: Ignoring removed bh option
[   46.382171][ T3750] ipvlan2: left allmulticast mode
[   46.387499][ T3750] bridge0: left allmulticast mode
[   46.412480][ T3744] 9pnet_fd: Insufficient options for proto=fd
[   46.418360][ T3752] bridge_slave_0: left allmulticast mode
[   46.424343][ T3752] bridge_slave_0: left promiscuous mode
[   46.430307][ T3752] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.441021][ T3752] bridge_slave_1: left allmulticast mode
[   46.447040][ T3752] bridge_slave_1: left promiscuous mode
[   46.452945][ T3752] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.461581][ T3745] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.529058][ T3752] bond0: (slave bond_slave_0): Releasing backup interface
[   46.561378][ T3752] bond0: (slave bond_slave_1): Releasing backup interface
[   46.589325][ T3752] team0: Port device team_slave_0 removed
[   46.598483][ T3752] team0: Port device team_slave_1 removed
[   46.605687][ T3752] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   46.613128][ T3752] batman_adv: batadv0: Removing interface: batadv_slave_0
[   46.622509][ T3752] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   46.630192][ T3752] batman_adv: batadv0: Removing interface: batadv_slave_1
[   46.641236][ T3752] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   46.678173][ T3763] 9pnet_fd: Insufficient options for proto=fd
[   46.721348][ T3759] bridge0: port 1(ipvlan2) entered blocking state
[   46.727893][ T3759] bridge0: port 1(ipvlan2) entered disabled state
[   46.734897][ T3771] netlink: 'syz.1.83': attribute type 10 has an invalid length.
[   46.742792][ T3771] netlink: 40 bytes leftover after parsing attributes in process `syz.1.83'.
[   46.757477][ T3759] ipvlan2: entered allmulticast mode
[   46.762825][ T3759] bridge0: entered allmulticast mode
[   46.799343][ T3759] ipvlan2: left allmulticast mode
[   46.804426][ T3759] bridge0: left allmulticast mode
[   46.810580][ T3775] FAULT_INJECTION: forcing a failure.
[   46.810580][ T3775] name failslab, interval 1, probability 0, space 0, times 0
[   46.823281][ T3775] CPU: 0 UID: 0 PID: 3775 Comm: syz.4.84 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   46.823397][ T3775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   46.823411][ T3775] Call Trace:
[   46.823418][ T3775]  <TASK>
[   46.823426][ T3775]  __dump_stack+0x1d/0x30
[   46.823449][ T3775]  dump_stack_lvl+0xe8/0x140
[   46.823470][ T3775]  dump_stack+0x15/0x1b
[   46.823487][ T3775]  should_fail_ex+0x265/0x280
[   46.823574][ T3775]  should_failslab+0x8c/0xb0
[   46.823604][ T3775]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   46.823634][ T3775]  ? __alloc_skb+0x101/0x320
[   46.823665][ T3775]  __alloc_skb+0x101/0x320
[   46.823767][ T3775]  netlink_alloc_large_skb+0xbf/0xf0
[   46.823798][ T3775]  netlink_sendmsg+0x3cf/0x6b0
[   46.823819][ T3775]  ? __pfx_netlink_sendmsg+0x10/0x10
[   46.823917][ T3775]  __sock_sendmsg+0x145/0x180
[   46.823941][ T3775]  ____sys_sendmsg+0x31e/0x4e0
[   46.823977][ T3775]  ___sys_sendmsg+0x17b/0x1d0
[   46.824094][ T3775]  __x64_sys_sendmsg+0xd4/0x160
[   46.824133][ T3775]  x64_sys_call+0x191e/0x3000
[   46.824156][ T3775]  do_syscall_64+0xd2/0x200
[   46.824174][ T3775]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   46.824230][ T3775]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   46.824262][ T3775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.824284][ T3775] RIP: 0033:0x7fdfbee8efc9
[   46.824308][ T3775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.824414][ T3775] RSP: 002b:00007fdfbd8ce038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   46.824433][ T3775] RAX: ffffffffffffffda RBX: 00007fdfbf0e6090 RCX: 00007fdfbee8efc9
[   46.824446][ T3775] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004
[   46.824458][ T3775] RBP: 00007fdfbd8ce090 R08: 0000000000000000 R09: 0000000000000000
[   46.824470][ T3775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.824527][ T3775] R13: 00007fdfbf0e6128 R14: 00007fdfbf0e6090 R15: 00007fffe5872018
[   46.824546][ T3775]  </TASK>
[   47.057252][ T3771] batman_adv: batadv0: Adding interface: veth1_vlan
[   47.063928][ T3771] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   47.098860][ T3771] batman_adv: batadv0: Interface activated: veth1_vlan
[   47.108543][ T3774] sch_fq: defrate 4294967295 ignored.
[   47.172431][   T12] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   47.208137][ T3779] FAULT_INJECTION: forcing a failure.
[   47.208137][ T3779] name failslab, interval 1, probability 0, space 0, times 0
[   47.220920][ T3779] CPU: 1 UID: 0 PID: 3779 Comm: syz.3.85 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   47.221002][ T3779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   47.221015][ T3779] Call Trace:
[   47.221024][ T3779]  <TASK>
[   47.221091][ T3779]  __dump_stack+0x1d/0x30
[   47.221162][ T3779]  dump_stack_lvl+0xe8/0x140
[   47.221182][ T3779]  dump_stack+0x15/0x1b
[   47.221198][ T3779]  should_fail_ex+0x265/0x280
[   47.221219][ T3779]  should_failslab+0x8c/0xb0
[   47.221295][ T3779]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[   47.221361][ T3779]  ? __request_module+0x1df/0x3e0
[   47.221387][ T3779]  ? should_failslab+0x8c/0xb0
[   47.221479][ T3779]  kstrdup+0x3e/0xd0
[   47.221503][ T3779]  __request_module+0x1df/0x3e0
[   47.221528][ T3779]  ? capable+0x7c/0xb0
[   47.221556][ T3779]  dev_load+0x61/0xc0
[   47.221578][ T3779]  dev_ioctl+0x2d1/0x960
[   47.221597][ T3779]  sock_do_ioctl+0x197/0x220
[   47.221623][ T3779]  sock_ioctl+0x41b/0x610
[   47.221650][ T3779]  ? __pfx_sock_ioctl+0x10/0x10
[   47.221671][ T3779]  __se_sys_ioctl+0xce/0x140
[   47.221753][ T3779]  __x64_sys_ioctl+0x43/0x50
[   47.221777][ T3779]  x64_sys_call+0x1816/0x3000
[   47.221798][ T3779]  do_syscall_64+0xd2/0x200
[   47.221896][ T3779]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   47.221929][ T3779]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   47.221965][ T3779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.221990][ T3779] RIP: 0033:0x7fb7139cefc9
[   47.222007][ T3779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.222056][ T3779] RSP: 002b:00007fb71242f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   47.222079][ T3779] RAX: ffffffffffffffda RBX: 00007fb713c25fa0 RCX: 00007fb7139cefc9
[   47.222092][ T3779] RDX: 0000200000000400 RSI: 0000000000008946 RDI: 0000000000000006
[   47.222104][ T3779] RBP: 00007fb71242f090 R08: 0000000000000000 R09: 0000000000000000
[   47.222115][ T3779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.222128][ T3779] R13: 00007fb713c26038 R14: 00007fb713c25fa0 R15: 00007ffc0178b8c8
[   47.222150][ T3779]  </TASK>
[   47.285274][   T12] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   47.449591][   T12] EXT4-fs (loop0): This should not happen!! Data will be lost
[   47.449591][   T12] 
[   47.459278][   T12] EXT4-fs (loop0): Total free blocks count 0
[   47.465339][   T12] EXT4-fs (loop0): Free/Dirty block details
[   47.471556][   T12] EXT4-fs (loop0): free_blocks=2415919104
[   47.477431][   T12] EXT4-fs (loop0): dirty_blocks=3776
[   47.482778][   T12] EXT4-fs (loop0): Block reservation details
[   47.488871][   T12] EXT4-fs (loop0): i_reserved_data_blocks=236
[   47.700795][ T3790] netlink: 'syz.1.89': attribute type 10 has an invalid length.
[   47.708764][ T3790] netlink: 40 bytes leftover after parsing attributes in process `syz.1.89'.
[   47.923611][   T12] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 1720 with error 28
[   48.081549][ T3810] loop1: detected capacity change from 0 to 512
[   48.090346][ T3810] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   48.193635][ T3817] loop3: detected capacity change from 0 to 512
[   48.200433][ T3817] ext4: Unknown parameter 'nouser_xattr'
[   48.220780][ T3810] 9pnet_fd: Insufficient options for proto=fd
[   48.227820][ T3819] netlink: 12 bytes leftover after parsing attributes in process `syz.4.99'.
[   48.725644][ T3819] netlink: 12 bytes leftover after parsing attributes in process `syz.4.99'.
[   48.753728][ T3819] netlink: 12 bytes leftover after parsing attributes in process `syz.4.99'.
[   48.789789][ T3829] FAULT_INJECTION: forcing a failure.
[   48.789789][ T3829] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   48.803007][ T3829] CPU: 0 UID: 0 PID: 3829 Comm: syz.4.101 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   48.803038][ T3829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   48.803051][ T3829] Call Trace:
[   48.803058][ T3829]  <TASK>
[   48.803065][ T3829]  __dump_stack+0x1d/0x30
[   48.803086][ T3829]  dump_stack_lvl+0xe8/0x140
[   48.803161][ T3829]  dump_stack+0x15/0x1b
[   48.803179][ T3829]  should_fail_ex+0x265/0x280
[   48.803198][ T3829]  should_fail+0xb/0x20
[   48.803213][ T3829]  should_fail_usercopy+0x1a/0x20
[   48.803285][ T3829]  _copy_from_user+0x1c/0xb0
[   48.803316][ T3829]  ___sys_sendmsg+0xc1/0x1d0
[   48.803368][ T3829]  __x64_sys_sendmsg+0xd4/0x160
[   48.803420][ T3829]  x64_sys_call+0x191e/0x3000
[   48.803445][ T3829]  do_syscall_64+0xd2/0x200
[   48.803476][ T3829]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   48.803511][ T3829]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   48.803541][ T3829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.803585][ T3829] RIP: 0033:0x7fdfbee8efc9
[   48.803600][ T3829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.803617][ T3829] RSP: 002b:00007fdfbd8ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   48.803635][ T3829] RAX: ffffffffffffffda RBX: 00007fdfbf0e5fa0 RCX: 00007fdfbee8efc9
[   48.803672][ T3829] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000005
[   48.803687][ T3829] RBP: 00007fdfbd8ef090 R08: 0000000000000000 R09: 0000000000000000
[   48.803733][ T3829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.803748][ T3829] R13: 00007fdfbf0e6038 R14: 00007fdfbf0e5fa0 R15: 00007fffe5872018
[   48.803771][ T3829]  </TASK>
[   49.045703][ T3839] hub 1-0:1.0: USB hub found
[   49.050491][ T3839] hub 1-0:1.0: 8 ports detected
[   49.092910][ T3841] hub 1-0:1.0: USB hub found
[   49.118257][ T3841] hub 1-0:1.0: 8 ports detected
[   49.124600][   T29] kauditd_printk_skb: 187 callbacks suppressed
[   49.124615][   T29] audit: type=1326 audit(1761576783.682:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.2.103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   49.156301][   T29] audit: type=1326 audit(1761576783.722:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.2.103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   49.156456][ T3843] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   49.235207][   T29] audit: type=1326 audit(1761576783.752:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.2.103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   49.258712][   T29] audit: type=1326 audit(1761576783.752:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.2.103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   49.281973][   T29] audit: type=1326 audit(1761576783.752:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.2.103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   49.305257][   T29] audit: type=1326 audit(1761576783.752:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.2.103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   49.328784][   T29] audit: type=1326 audit(1761576783.752:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.2.103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   49.352286][   T29] audit: type=1326 audit(1761576783.752:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.2.103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   49.375691][   T29] audit: type=1326 audit(1761576783.752:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.2.103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   49.399031][   T29] audit: type=1326 audit(1761576783.752:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3833 comm="syz.2.103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   49.403572][    T9] hid_parser_main: 162 callbacks suppressed
[   49.403594][    T9] hid-generic 0000:0000:10001.0005: unknown main item tag 0x0
[   49.436677][    T9] hid-generic 0000:0000:10001.0005: unknown main item tag 0x0
[   49.444300][    T9] hid-generic 0000:0000:10001.0005: unknown main item tag 0x0
[   49.451926][    T9] hid-generic 0000:0000:10001.0005: unknown main item tag 0x0
[   49.459462][    T9] hid-generic 0000:0000:10001.0005: unknown main item tag 0x0
[   49.467096][    T9] hid-generic 0000:0000:10001.0005: unknown main item tag 0x0
[   49.474608][    T9] hid-generic 0000:0000:10001.0005: unknown main item tag 0x0
[   49.482176][    T9] hid-generic 0000:0000:10001.0005: unknown main item tag 0x0
[   49.489707][    T9] hid-generic 0000:0000:10001.0005: unknown main item tag 0x0
[   49.490425][ T3409] hid-generic 0000:0000:10001.0006: unknown main item tag 0x0
[   49.535442][    T9] hid-generic 0000:0000:10001.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   49.555639][ T3839] netdevsim netdevsim4: Direct firmware load for þ failed with error -2
[   49.564689][ T3409] hid-generic 0000:0000:10001.0006: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   49.599167][ T3870] loop3: detected capacity change from 0 to 512
[   49.631699][ T3870] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   49.656410][ T3859] 8021q: adding VLAN 0 to HW filter on device macvlan6
[   49.729179][ T3860] 8021q: adding VLAN 0 to HW filter on device macvlan7
[   49.770613][ T3858] 8021q: adding VLAN 0 to HW filter on device macvlan4
[   50.282050][ T3916] netlink: 'syz.3.121': attribute type 12 has an invalid length.
[   50.371513][ T3912] bridge0: port 3(ipvlan2) entered blocking state
[   50.378124][ T3912] bridge0: port 3(ipvlan2) entered disabled state
[   50.574493][ T3912] ipvlan2: entered allmulticast mode
[   50.579981][ T3912] bridge0: entered allmulticast mode
[   50.586006][ T3912] ipvlan2: left allmulticast mode
[   50.591176][ T3912] bridge0: left allmulticast mode
[   50.618497][ T3928] 9pnet_fd: Insufficient options for proto=fd
[   50.665744][ T3938] netlink: 'syz.4.122': attribute type 4 has an invalid length.
[   50.706578][ T3934] netlink: 'syz.4.122': attribute type 4 has an invalid length.
[   50.779403][ T3944] netlink: 'syz.4.125': attribute type 12 has an invalid length.
[   51.051226][ T3964] netlink: 'syz.2.134': attribute type 12 has an invalid length.
[   51.077254][ T3962] loop4: detected capacity change from 0 to 128
[   51.105130][ T3965] bridge0: port 1(ipvlan2) entered blocking state
[   51.111739][ T3965] bridge0: port 1(ipvlan2) entered disabled state
[   51.171885][ T3968] hub 1-0:1.0: USB hub found
[   51.185471][ T3968] hub 1-0:1.0: 8 ports detected
[   51.215369][ T3965] ipvlan2: entered allmulticast mode
[   51.220742][ T3965] bridge0: entered allmulticast mode
[   51.259637][ T3971] 9pnet_fd: Insufficient options for proto=fd
[   51.275638][ T3965] ipvlan2: left allmulticast mode
[   51.280744][ T3965] bridge0: left allmulticast mode
[   51.324815][ T3968] netdevsim netdevsim4: Direct firmware load for þ failed with error -2
[   51.380754][ T1003] hid-generic 0000:0000:10001.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   51.414679][ T3972] 8021q: adding VLAN 0 to HW filter on device macvlan5
[   52.010871][ T3974] 8021q: adding VLAN 0 to HW filter on device macvlan6
[   52.038134][ T3992] loop1: detected capacity change from 0 to 2048
[   52.069838][ T3992] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.134903][ T3992] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.177650][ T3992] FAULT_INJECTION: forcing a failure.
[   52.177650][ T3992] name failslab, interval 1, probability 0, space 0, times 0
[   52.190696][ T3992] CPU: 1 UID: 0 PID: 3992 Comm: syz.1.138 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.190762][ T3992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   52.190776][ T3992] Call Trace:
[   52.190784][ T3992]  <TASK>
[   52.190794][ T3992]  __dump_stack+0x1d/0x30
[   52.190821][ T3992]  dump_stack_lvl+0xe8/0x140
[   52.190917][ T3992]  dump_stack+0x15/0x1b
[   52.190935][ T3992]  should_fail_ex+0x265/0x280
[   52.190956][ T3992]  should_failslab+0x8c/0xb0
[   52.190986][ T3992]  kmem_cache_alloc_noprof+0x50/0x480
[   52.191016][ T3992]  ? __es_insert_extent+0x508/0xee0
[   52.191081][ T3992]  __es_insert_extent+0x508/0xee0
[   52.191196][ T3992]  ext4_es_insert_extent+0x435/0x1c10
[   52.191243][ T3992]  ext4_map_query_blocks+0x2fd/0x480
[   52.191345][ T3992]  ext4_da_get_block_prep+0x25b/0xbb0
[   52.191405][ T3992]  ? alloc_buffer_head+0x1c3/0x1f0
[   52.191437][ T3992]  ? folio_alloc_buffers+0x2e5/0x310
[   52.191500][ T3992]  ext4_block_write_begin+0x5e8/0xc00
[   52.191527][ T3992]  ? __pfx_ext4_da_get_block_prep+0x10/0x10
[   52.191550][ T3992]  ? __filemap_get_folio+0x466/0x650
[   52.191608][ T3992]  ext4_da_write_begin+0x48f/0x6e0
[   52.191647][ T3992]  generic_perform_write+0x184/0x490
[   52.191676][ T3992]  ext4_buffered_write_iter+0x1ee/0x3c0
[   52.191701][ T3992]  ? ext4_file_write_iter+0xfe/0xf60
[   52.191725][ T3992]  ext4_file_write_iter+0x387/0xf60
[   52.191755][ T3992]  ? kstrtouint+0x76/0xc0
[   52.191791][ T3992]  ? kstrtouint_from_user+0x9f/0xf0
[   52.191875][ T3992]  ? avc_policy_seqno+0x15/0x30
[   52.191902][ T3992]  ? selinux_file_permission+0x1e4/0x320
[   52.191938][ T3992]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   52.192010][ T3992]  vfs_write+0x52a/0x960
[   52.192083][ T3992]  ksys_write+0xda/0x1a0
[   52.192189][ T3992]  __x64_sys_write+0x40/0x50
[   52.192216][ T3992]  x64_sys_call+0x2802/0x3000
[   52.192245][ T3992]  do_syscall_64+0xd2/0x200
[   52.192264][ T3992]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.192293][ T3992]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   52.192326][ T3992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.192391][ T3992] RIP: 0033:0x7f273955efc9
[   52.192409][ T3992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.192431][ T3992] RSP: 002b:00007f2737fbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   52.192519][ T3992] RAX: ffffffffffffffda RBX: 00007f27397b5fa0 RCX: 00007f273955efc9
[   52.192534][ T3992] RDX: 00000000fffffdab RSI: 0000200000000000 RDI: 0000000000000004
[   52.192548][ T3992] RBP: 00007f2737fbf090 R08: 0000000000000000 R09: 0000000000000000
[   52.192562][ T3992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.192577][ T3992] R13: 00007f27397b6038 R14: 00007f27397b5fa0 R15: 00007ffd4a1104f8
[   52.192605][ T3992]  </TASK>
[   52.530970][ T3999] FAULT_INJECTION: forcing a failure.
[   52.530970][ T3999] name failslab, interval 1, probability 0, space 0, times 0
[   52.543835][ T3999] CPU: 1 UID: 0 PID: 3999 Comm: syz.4.140 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.543884][ T3999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   52.543899][ T3999] Call Trace:
[   52.543906][ T3999]  <TASK>
[   52.543915][ T3999]  __dump_stack+0x1d/0x30
[   52.543943][ T3999]  dump_stack_lvl+0xe8/0x140
[   52.543968][ T3999]  dump_stack+0x15/0x1b
[   52.544050][ T3999]  should_fail_ex+0x265/0x280
[   52.544068][ T3999]  should_failslab+0x8c/0xb0
[   52.544130][ T3999]  kmem_cache_alloc_noprof+0x50/0x480
[   52.544166][ T3999]  ? audit_log_start+0x342/0x720
[   52.544320][ T3999]  audit_log_start+0x342/0x720
[   52.544380][ T3999]  ? kstrtouint+0x76/0xc0
[   52.544417][ T3999]  audit_seccomp+0x48/0x100
[   52.544448][ T3999]  ? __seccomp_filter+0x82d/0x1250
[   52.544528][ T3999]  __seccomp_filter+0x83e/0x1250
[   52.544555][ T3999]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   52.544590][ T3999]  ? vfs_write+0x7e8/0x960
[   52.544670][ T3999]  ? __rcu_read_unlock+0x4f/0x70
[   52.544734][ T3999]  ? __fget_files+0x184/0x1c0
[   52.544770][ T3999]  __secure_computing+0x82/0x150
[   52.544802][ T3999]  syscall_trace_enter+0xcf/0x1e0
[   52.544892][ T3999]  do_syscall_64+0xac/0x200
[   52.544916][ T3999]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.544950][ T3999]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   52.544988][ T3999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.545089][ T3999] RIP: 0033:0x7fdfbee8efc9
[   52.545105][ T3999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.545126][ T3999] RSP: 002b:00007fdfbd8ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000005b
[   52.545148][ T3999] RAX: ffffffffffffffda RBX: 00007fdfbf0e5fa0 RCX: 00007fdfbee8efc9
[   52.545162][ T3999] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffffffffffff
[   52.545175][ T3999] RBP: 00007fdfbd8ef090 R08: 0000000000000000 R09: 0000000000000000
[   52.545264][ T3999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.545278][ T3999] R13: 00007fdfbf0e6038 R14: 00007fdfbf0e5fa0 R15: 00007fffe5872018
[   52.545298][ T3999]  </TASK>
[   52.771121][ T4001] netlink: 'syz.2.141': attribute type 12 has an invalid length.
[   52.838909][ T4003] syz.3.139 (4003) used greatest stack depth: 9984 bytes left
[   52.887447][ T4007] netlink: 'syz.2.143': attribute type 12 has an invalid length.
[   52.931316][   T37] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 345: padding at end of block bitmap is not set
[   52.946176][ T4010] loop3: detected capacity change from 0 to 128
[   52.955224][   T37] EXT4-fs (loop1): Remounting filesystem read-only
[   52.961975][  T264] EXT4-fs warning (device loop1): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   53.002821][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.071182][ T4017] loop1: detected capacity change from 0 to 1024
[   53.082204][ T4021] __nla_validate_parse: 14 callbacks suppressed
[   53.082218][ T4021] netlink: 4 bytes leftover after parsing attributes in process `syz.2.148'.
[   53.133374][ T4017] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.142986][ T4025] usb usb8: usbfs: process 4025 (syz.0.150) did not claim interface 0 before use
[   53.160389][ T4017] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: comm syz.1.145: inode #3171687: comm syz.1.145: iget: illegal inode #
[   53.178214][ T4017] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.145: error while reading EA inode 3171687 err=-117
[   53.191772][ T4025] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   53.204837][ T4017] netlink: 8 bytes leftover after parsing attributes in process `syz.1.145'.
[   53.280082][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.554798][ T4046] loop2: detected capacity change from 0 to 512
[   53.604279][ T4046] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   53.615943][ T4051] usb usb8: usbfs: process 4051 (syz.1.160) did not claim interface 0 before use
[   53.652738][ T4051] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   53.824379][ T4056] 9pnet_fd: Insufficient options for proto=fd
[   53.884932][ T4058] loop1: detected capacity change from 0 to 1024
[   53.938341][ T4058] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.992635][ T4058] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: comm syz.1.162: inode #3171687: comm syz.1.162: iget: illegal inode #
[   54.056462][ T4062] netlink: 8 bytes leftover after parsing attributes in process `syz.1.162'.
[   54.079453][ T4058] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.162: error while reading EA inode 3171687 err=-117
[   54.104091][ T4064] netlink: 4 bytes leftover after parsing attributes in process `syz.0.163'.
[   54.137329][ T4064] netlink: 4 bytes leftover after parsing attributes in process `syz.0.163'.
[   54.159786][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.194754][ T4066] loop1: detected capacity change from 0 to 512
[   54.216816][ T4066] ext4: Unknown parameter 'nouser_xattr'
[   54.257482][ T4066] loop1: detected capacity change from 0 to 2048
[   54.268365][ T4066] EXT4-fs: Ignoring removed bh option
[   54.316273][ T4066] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.330339][ T4072] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   54.358223][ T4074] netlink: 'syz.0.166': attribute type 4 has an invalid length.
[   54.366058][ T4074] netlink: 152 bytes leftover after parsing attributes in process `syz.0.166'.
[   54.435046][   T29] kauditd_printk_skb: 400 callbacks suppressed
[   54.435060][   T29] audit: type=1326 audit(1761576788.992:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4077 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   54.479626][ T4079] netlink: 16 bytes leftover after parsing attributes in process `syz.3.169'.
[   54.490729][ T4074] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[   54.507039][ T4079] netlink: 'syz.3.169': attribute type 10 has an invalid length.
[   54.514866][ T4079] netlink: 40 bytes leftover after parsing attributes in process `syz.3.169'.
[   54.524369][   T29] audit: type=1326 audit(1761576789.042:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4077 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   54.525778][ T4079] batman_adv: batadv0: Adding interface: veth1_vlan
[   54.547792][   T29] audit: type=1326 audit(1761576789.042:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4077 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   54.554369][ T4079] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.577727][   T29] audit: type=1326 audit(1761576789.042:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4077 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   54.627080][   T29] audit: type=1326 audit(1761576789.042:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4077 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   54.629052][ T4079] batman_adv: batadv0: Interface activated: veth1_vlan
[   54.652639][   T29] audit: type=1326 audit(1761576789.042:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4077 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   54.683282][   T29] audit: type=1326 audit(1761576789.042:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4077 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   54.706674][   T29] audit: type=1326 audit(1761576789.042:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4077 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   54.730052][   T29] audit: type=1326 audit(1761576789.042:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4077 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   54.753765][   T29] audit: type=1326 audit(1761576789.042:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4077 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   54.820051][ T4089] netlink: 'syz.0.171': attribute type 4 has an invalid length.
[   54.860737][ T4089] netlink: 'syz.0.171': attribute type 4 has an invalid length.
[   54.910735][ T4091] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   55.008503][ T4097] hub 1-0:1.0: USB hub found
[   55.016065][ T4097] hub 1-0:1.0: 8 ports detected
[   55.107183][ T4097] netdevsim netdevsim3: Direct firmware load for þ failed with error -2
[   55.128507][ T4097] 8021q: adding VLAN 0 to HW filter on device macvlan4
[   55.141941][ T4097] 8021q: adding VLAN 0 to HW filter on device macvlan5
[   55.150736][   T10] hid_parser_main: 119 callbacks suppressed
[   55.150756][   T10] hid-generic 0000:0000:10001.0008: unknown main item tag 0x0
[   55.165369][   T10] hid-generic 0000:0000:10001.0008: unknown main item tag 0x0
[   55.172888][   T10] hid-generic 0000:0000:10001.0008: unknown main item tag 0x0
[   55.180608][   T10] hid-generic 0000:0000:10001.0008: unknown main item tag 0x0
[   55.188430][   T10] hid-generic 0000:0000:10001.0008: unknown main item tag 0x0
[   55.195978][   T10] hid-generic 0000:0000:10001.0008: unknown main item tag 0x0
[   55.203747][   T10] hid-generic 0000:0000:10001.0008: unknown main item tag 0x0
[   55.211472][   T10] hid-generic 0000:0000:10001.0008: unknown main item tag 0x0
[   55.219086][   T10] hid-generic 0000:0000:10001.0008: unknown main item tag 0x0
[   55.226786][   T10] hid-generic 0000:0000:10001.0008: unknown main item tag 0x0
[   55.260627][ T4108] bridge_slave_0: left allmulticast mode
[   55.266589][ T4108] bridge_slave_0: left promiscuous mode
[   55.272870][ T4108] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.284678][ T4108] bridge_slave_1: left allmulticast mode
[   55.290536][ T4108] bridge_slave_1: left promiscuous mode
[   55.296277][ T4108] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.305355][ T1075] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   55.336940][ T1075] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   55.349532][ T1075] EXT4-fs (loop1): This should not happen!! Data will be lost
[   55.349532][ T1075] 
[   55.359329][ T1075] EXT4-fs (loop1): Total free blocks count 0
[   55.365522][ T1075] EXT4-fs (loop1): Free/Dirty block details
[   55.371616][ T1075] EXT4-fs (loop1): free_blocks=2415919104
[   55.377541][ T1075] EXT4-fs (loop1): dirty_blocks=7584
[   55.383046][ T1075] EXT4-fs (loop1): Block reservation details
[   55.389102][ T1075] EXT4-fs (loop1): i_reserved_data_blocks=474
[   55.407105][ T4108] bond0: (slave bond_slave_0): Releasing backup interface
[   55.430569][   T10] hid-generic 0000:0000:10001.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   55.493301][ T4108] bond0: (slave bond_slave_1): Releasing backup interface
[   55.508464][ T1075] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   55.640301][ T4108] team_slave_0: left promiscuous mode
[   55.681340][ T4108] team0: Port device team_slave_0 removed
[   55.771483][ T4108] team_slave_1: left promiscuous mode
[   55.847548][ T4108] team0: Port device team_slave_1 removed
[   55.905922][ T4108] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   55.913394][ T4108] batman_adv: batadv0: Removing interface: batadv_slave_0
[   55.997329][ T4108] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   56.005092][ T4108] batman_adv: batadv0: Removing interface: batadv_slave_1
[   56.080005][ T4141] usb usb8: usbfs: process 4141 (syz.1.178) did not claim interface 0 before use
[   56.086150][ T4108] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   56.089469][ T4141] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   56.113480][ T4109] sch_fq: defrate 4294967295 ignored.
[   56.140824][ T4125] netlink: 'syz.0.182': attribute type 12 has an invalid length.
[   56.243468][ T4148] loop2: detected capacity change from 0 to 512
[   56.262272][ T4149] FAULT_INJECTION: forcing a failure.
[   56.262272][ T4149] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   56.275525][ T4149] CPU: 1 UID: 0 PID: 4149 Comm: syz.1.184 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   56.275558][ T4149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   56.275573][ T4149] Call Trace:
[   56.275581][ T4149]  <TASK>
[   56.275589][ T4149]  __dump_stack+0x1d/0x30
[   56.275611][ T4149]  dump_stack_lvl+0xe8/0x140
[   56.275631][ T4149]  dump_stack+0x15/0x1b
[   56.275710][ T4149]  should_fail_ex+0x265/0x280
[   56.275735][ T4149]  should_fail+0xb/0x20
[   56.275756][ T4149]  should_fail_usercopy+0x1a/0x20
[   56.275860][ T4149]  _copy_from_iter+0xd2/0xe80
[   56.275884][ T4149]  ? alloc_pages_mpol+0x217/0x260
[   56.275912][ T4149]  copy_page_from_iter+0x178/0x2a0
[   56.275941][ T4149]  tun_get_user+0x679/0x26e0
[   56.276021][ T4149]  ? ref_tracker_alloc+0x1f2/0x2f0
[   56.276131][ T4149]  tun_chr_write_iter+0x15e/0x210
[   56.276165][ T4149]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   56.276191][ T4149]  vfs_write+0x52a/0x960
[   56.276277][ T4149]  ksys_write+0xda/0x1a0
[   56.276311][ T4149]  __x64_sys_write+0x40/0x50
[   56.276343][ T4149]  x64_sys_call+0x2802/0x3000
[   56.276494][ T4149]  do_syscall_64+0xd2/0x200
[   56.276515][ T4149]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   56.276550][ T4149]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   56.276620][ T4149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.276647][ T4149] RIP: 0033:0x7f273955da7f
[   56.276666][ T4149] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   56.276697][ T4149] RSP: 002b:00007f2737fbf000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   56.276721][ T4149] RAX: ffffffffffffffda RBX: 00007f27397b5fa0 RCX: 00007f273955da7f
[   56.276736][ T4149] RDX: 0000000000000019 RSI: 0000200000001480 RDI: 00000000000000c8
[   56.276751][ T4149] RBP: 00007f2737fbf090 R08: 0000000000000000 R09: 0000000000000000
[   56.276764][ T4149] R10: 0000000000000019 R11: 0000000000000293 R12: 0000000000000001
[   56.276775][ T4149] R13: 00007f27397b6038 R14: 00007f27397b5fa0 R15: 00007ffd4a1104f8
[   56.276809][ T4149]  </TASK>
[   56.281878][ T4153] netlink: 'syz.4.186': attribute type 4 has an invalid length.
[   56.354356][ T4148] ext4: Unknown parameter 'nouser_xattr'
[   56.501599][ T4153] netlink: 'syz.4.186': attribute type 4 has an invalid length.
[   56.577278][ T4148] loop2: detected capacity change from 0 to 2048
[   56.615737][ T4148] EXT4-fs: Ignoring removed bh option
[   56.622866][ T4166] usb usb8: usbfs: process 4166 (syz.4.190) did not claim interface 0 before use
[   56.645439][ T4166] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   56.645979][ T4167] loop3: detected capacity change from 0 to 512
[   56.676935][ T4148] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.700404][ T4172] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   56.700443][ T4167] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   56.963151][ T4187] loop1: detected capacity change from 0 to 1024
[   57.177554][ T4187] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.788057][ T4187] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: comm syz.1.196: inode #3171687: comm syz.1.196: iget: illegal inode #
[   57.822783][ T4187] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.196: error while reading EA inode 3171687 err=-117
[   57.848601][ T3484] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   57.925270][ T3484] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   57.937867][ T3484] EXT4-fs (loop2): This should not happen!! Data will be lost
[   57.937867][ T3484] 
[   57.947695][ T3484] EXT4-fs (loop2): Total free blocks count 0
[   57.953708][ T3484] EXT4-fs (loop2): Free/Dirty block details
[   57.959736][ T3484] EXT4-fs (loop2): free_blocks=2415919104
[   57.965526][ T3484] EXT4-fs (loop2): dirty_blocks=2160
[   57.970823][ T3484] EXT4-fs (loop2): Block reservation details
[   57.976899][ T3484] EXT4-fs (loop2): i_reserved_data_blocks=135
[   58.124603][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.143213][ T3484] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 100 with error 28
[   58.342593][ T4214] loop1: detected capacity change from 0 to 1024
[   58.357440][ T4214] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.580535][ T4214] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: comm syz.1.201: inode #3171687: comm syz.1.201: iget: illegal inode #
[   58.645377][ T4218] loop3: detected capacity change from 0 to 512
[   58.681840][ T4214] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.201: error while reading EA inode 3171687 err=-117
[   58.755657][ T4218] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   58.910468][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.038485][ T4227] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   59.057042][ T4229] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   59.088573][ T4225] netlink: 16 bytes leftover after parsing attributes in process `syz.2.198'.
[   59.134936][ T4235] 9pnet_fd: Insufficient options for proto=fd
[   59.163738][ T4237] netlink: 'syz.1.210': attribute type 4 has an invalid length.
[   59.194902][ T4237] netlink: 'syz.1.210': attribute type 4 has an invalid length.
[   59.445437][ T4255] usb usb8: usbfs: process 4255 (syz.4.214) did not claim interface 0 before use
[   59.473028][   T29] kauditd_printk_skb: 119 callbacks suppressed
[   59.473045][   T29] audit: type=1400 audit(1761576794.032:966): avc:  denied  { create } for  pid=4256 comm="syz.1.215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   59.520370][ T4255] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   59.545249][   T29] audit: type=1400 audit(1761576794.072:967): avc:  denied  { write } for  pid=4256 comm="syz.1.215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   59.565306][   T29] audit: type=1400 audit(1761576794.072:968): avc:  denied  { nlmsg_write } for  pid=4256 comm="syz.1.215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   59.597893][   T29] audit: type=1326 audit(1761576794.162:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4260 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   59.621584][   T29] audit: type=1326 audit(1761576794.162:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4260 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   59.645136][   T29] audit: type=1326 audit(1761576794.162:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4260 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   59.668614][   T29] audit: type=1326 audit(1761576794.162:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4260 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   59.691961][   T29] audit: type=1326 audit(1761576794.162:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4260 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   59.715221][   T29] audit: type=1326 audit(1761576794.162:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4260 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   59.738522][   T29] audit: type=1326 audit(1761576794.162:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4260 comm="syz.2.218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   59.801401][ T4270] loop4: detected capacity change from 0 to 512
[   59.814280][ T4229] loop3: detected capacity change from 0 to 512
[   59.845654][ T4271] loop2: detected capacity change from 0 to 512
[   59.874658][ T4270] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   59.886873][ T4273] loop1: detected capacity change from 0 to 512
[   59.905830][ T4273] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   59.920979][ T4273] EXT4-fs (loop1): mount failed
[   59.926935][ T4271] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   59.940050][ T4271] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   59.973989][ T4275] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   60.006637][ T4275] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   60.020063][ T4275] netlink: 16 bytes leftover after parsing attributes in process `syz.0.223'.
[   60.035334][ T4271] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.221: invalid indirect mapped block 4294967295 (level 0)
[   60.069068][ T4271] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.221: invalid indirect mapped block 4294967295 (level 1)
[   60.071143][ T4229] EXT4-fs (loop3): too many log groups per flexible block group
[   60.085672][ T4288] FAULT_INJECTION: forcing a failure.
[   60.085672][ T4288] name failslab, interval 1, probability 0, space 0, times 0
[   60.103923][ T4288] CPU: 1 UID: 0 PID: 4288 Comm: syz.1.227 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.103989][ T4288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   60.104003][ T4288] Call Trace:
[   60.104010][ T4288]  <TASK>
[   60.104019][ T4288]  __dump_stack+0x1d/0x30
[   60.104186][ T4288]  dump_stack_lvl+0xe8/0x140
[   60.104210][ T4288]  dump_stack+0x15/0x1b
[   60.104231][ T4288]  should_fail_ex+0x265/0x280
[   60.104250][ T4288]  should_failslab+0x8c/0xb0
[   60.104326][ T4288]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   60.104358][ T4288]  ? __alloc_skb+0x101/0x320
[   60.104393][ T4288]  __alloc_skb+0x101/0x320
[   60.104420][ T4288]  ? audit_log_start+0x342/0x720
[   60.104555][ T4288]  audit_log_start+0x3a0/0x720
[   60.104575][ T4288]  ? kstrtouint+0x76/0xc0
[   60.104607][ T4288]  audit_seccomp+0x48/0x100
[   60.104693][ T4288]  ? __seccomp_filter+0x82d/0x1250
[   60.104727][ T4288]  __seccomp_filter+0x83e/0x1250
[   60.104761][ T4288]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   60.104791][ T4288]  ? vfs_write+0x7e8/0x960
[   60.104851][ T4288]  ? __rcu_read_unlock+0x4f/0x70
[   60.104891][ T4288]  ? __fget_files+0x184/0x1c0
[   60.104919][ T4288]  __secure_computing+0x82/0x150
[   60.104947][ T4288]  syscall_trace_enter+0xcf/0x1e0
[   60.105026][ T4288]  do_syscall_64+0xac/0x200
[   60.105049][ T4288]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   60.105131][ T4288]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   60.105161][ T4288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.105188][ T4288] RIP: 0033:0x7f273955efc9
[   60.105221][ T4288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.105242][ T4288] RSP: 002b:00007f2737fbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000009b
[   60.105261][ T4288] RAX: ffffffffffffffda RBX: 00007f27397b5fa0 RCX: 00007f273955efc9
[   60.105272][ T4288] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000200000000240
[   60.105283][ T4288] RBP: 00007f2737fbf090 R08: 0000000000000000 R09: 0000000000000000
[   60.105295][ T4288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.105383][ T4288] R13: 00007f27397b6038 R14: 00007f27397b5fa0 R15: 00007ffd4a1104f8
[   60.105401][ T4288]  </TASK>
[   60.106927][ T4229] EXT4-fs (loop3): failed to initialize mballoc (-12)
[   60.143097][ T4290] netlink: 4 bytes leftover after parsing attributes in process `syz.4.228'.
[   60.145478][ T4229] EXT4-fs (loop3): mount failed
[   60.150530][ T4286] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[   60.162681][ T4290] netlink: 4 bytes leftover after parsing attributes in process `syz.4.228'.
[   60.164903][ T4286] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   60.368933][ T4286] vhci_hcd vhci_hcd.0: Device attached
[   60.373849][ T4271] EXT4-fs (loop2): 1 orphan inode deleted
[   60.380323][ T4271] EXT4-fs (loop2): 1 truncate cleaned up
[   60.395175][ T4271] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.432467][ T4286] loop0: detected capacity change from 0 to 1024
[   60.448232][ T4286] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.612625][   T36] usb 1-1: new low-speed USB device number 2 using vhci_hcd
[   60.636434][ T4291] vhci_hcd: connection reset by peer
[   60.637515][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.652566][ T3484] vhci_hcd: stop threads
[   60.656951][ T3484] vhci_hcd: release socket
[   60.661383][ T3484] vhci_hcd: disconnect device
[   60.704879][ T4315] FAULT_INJECTION: forcing a failure.
[   60.704879][ T4315] name failslab, interval 1, probability 0, space 0, times 0
[   60.717681][ T4315] CPU: 1 UID: 0 PID: 4315 Comm: syz.2.236 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.717732][ T4315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   60.717747][ T4315] Call Trace:
[   60.717755][ T4315]  <TASK>
[   60.717764][ T4315]  __dump_stack+0x1d/0x30
[   60.717785][ T4315]  dump_stack_lvl+0xe8/0x140
[   60.717881][ T4315]  dump_stack+0x15/0x1b
[   60.717902][ T4315]  should_fail_ex+0x265/0x280
[   60.717925][ T4315]  should_failslab+0x8c/0xb0
[   60.717960][ T4315]  kmem_cache_alloc_noprof+0x50/0x480
[   60.717987][ T4315]  ? getname_flags+0x80/0x3b0
[   60.718087][ T4315]  ? fput+0x8f/0xc0
[   60.718176][ T4315]  getname_flags+0x80/0x3b0
[   60.718233][ T4315]  __x64_sys_execve+0x42/0x70
[   60.718261][ T4315]  x64_sys_call+0x271a/0x3000
[   60.718282][ T4315]  do_syscall_64+0xd2/0x200
[   60.718300][ T4315]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   60.718334][ T4315]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   60.718417][ T4315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.718442][ T4315] RIP: 0033:0x7f52bbcdefc9
[   60.718507][ T4315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.718528][ T4315] RSP: 002b:00007f52ba73f038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[   60.718551][ T4315] RAX: ffffffffffffffda RBX: 00007f52bbf35fa0 RCX: 00007f52bbcdefc9
[   60.718606][ T4315] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000400
[   60.718620][ T4315] RBP: 00007f52ba73f090 R08: 0000000000000000 R09: 0000000000000000
[   60.718714][ T4315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.718728][ T4315] R13: 00007f52bbf36038 R14: 00007f52bbf35fa0 R15: 00007ffd48ecca68
[   60.718748][ T4315]  </TASK>
[   60.908656][ T4317] netlink: 'syz.3.237': attribute type 4 has an invalid length.
[   60.916697][ T4317] netlink: 152 bytes leftover after parsing attributes in process `syz.3.237'.
[   60.930054][ T4317] .`: renamed from bond0 (while UP)
[   60.965773][ T4323] netlink: 12 bytes leftover after parsing attributes in process `syz.2.240'.
[   61.004257][ T4325] bridge0: port 1(ipvlan2) entered blocking state
[   61.010942][ T4325] bridge0: port 1(ipvlan2) entered disabled state
[   61.019632][ T4325] ipvlan2: entered allmulticast mode
[   61.024986][ T4325] bridge0: entered allmulticast mode
[   61.031457][ T4325] ipvlan2: left allmulticast mode
[   61.036714][ T4325] bridge0: left allmulticast mode
[   61.102318][ T4328] 9pnet_fd: Insufficient options for proto=fd
[   61.146712][ T4330] netlink: 'syz.3.242': attribute type 12 has an invalid length.
[   61.275975][ T4337] 9p: Unknown access argument ‘SW
rRHÜ„: -22
[   61.332109][ T4338] bridge0: port 1(ipvlan2) entered blocking state
[   61.338719][ T4338] bridge0: port 1(ipvlan2) entered disabled state
[   61.377387][ T4338] ipvlan2: entered allmulticast mode
[   61.382749][ T4338] bridge0: entered allmulticast mode
[   61.406076][ T4338] ipvlan2: left allmulticast mode
[   61.408974][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.411167][ T4338] bridge0: left allmulticast mode
[   61.469562][ T4346] loop0: detected capacity change from 0 to 1024
[   61.488677][ T4346] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.508010][ T4346] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.247: Allocating blocks 497-513 which overlap fs metadata
[   61.526313][ T4346] EXT4-fs (loop0): pa ffff888106ec85b0: logic 16, phys. 129, len 24
[   61.534373][ T4346] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[   61.687935][ T4357] 9pnet_fd: Insufficient options for proto=fd
[   61.781396][ T4363] netlink: 12 bytes leftover after parsing attributes in process `syz.4.253'.
[   62.160383][ T4389] FAULT_INJECTION: forcing a failure.
[   62.160383][ T4389] name failslab, interval 1, probability 0, space 0, times 0
[   62.173197][ T4389] CPU: 0 UID: 0 PID: 4389 Comm: syz.2.257 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   62.173235][ T4389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   62.173246][ T4389] Call Trace:
[   62.173252][ T4389]  <TASK>
[   62.173260][ T4389]  __dump_stack+0x1d/0x30
[   62.173280][ T4389]  dump_stack_lvl+0xe8/0x140
[   62.173298][ T4389]  dump_stack+0x15/0x1b
[   62.173382][ T4389]  should_fail_ex+0x265/0x280
[   62.173399][ T4389]  should_failslab+0x8c/0xb0
[   62.173424][ T4389]  kmem_cache_alloc_noprof+0x50/0x480
[   62.173448][ T4389]  ? fcntl_setlk+0x53/0x950
[   62.173474][ T4389]  fcntl_setlk+0x53/0x950
[   62.173579][ T4389]  ? should_fail_ex+0xdb/0x280
[   62.173597][ T4389]  do_fcntl+0x5dd/0xdf0
[   62.173621][ T4389]  ? selinux_file_fcntl+0x1cb/0x1e0
[   62.173663][ T4389]  __se_sys_fcntl+0xb1/0x120
[   62.173688][ T4389]  __x64_sys_fcntl+0x43/0x50
[   62.173747][ T4389]  x64_sys_call+0x29a4/0x3000
[   62.173767][ T4389]  do_syscall_64+0xd2/0x200
[   62.173843][ T4389]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   62.173868][ T4389]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   62.173921][ T4389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.173941][ T4389] RIP: 0033:0x7f52bbcdefc9
[   62.173955][ T4389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.173970][ T4389] RSP: 002b:00007f52ba73f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[   62.173986][ T4389] RAX: ffffffffffffffda RBX: 00007f52bbf35fa0 RCX: 00007f52bbcdefc9
[   62.173996][ T4389] RDX: 00002000000000c0 RSI: 0000000000000025 RDI: 0000000000000006
[   62.174079][ T4389] RBP: 00007f52ba73f090 R08: 0000000000000000 R09: 0000000000000000
[   62.174089][ T4389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.174099][ T4389] R13: 00007f52bbf36038 R14: 00007f52bbf35fa0 R15: 00007ffd48ecca68
[   62.174116][ T4389]  </TASK>
[   62.478246][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.084105][ T4406] loop4: detected capacity change from 0 to 512
[   63.091206][ T4406] ext4: Unknown parameter 'nouser_xattr'
[   63.120764][ T4406] loop4: detected capacity change from 0 to 2048
[   63.127837][ T4406] EXT4-fs: Ignoring removed bh option
[   63.166714][ T4406] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.191011][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.385011][ T4414] FAULT_INJECTION: forcing a failure.
[   63.385011][ T4414] name failslab, interval 1, probability 0, space 0, times 0
[   63.397771][ T4414] CPU: 1 UID: 0 PID: 4414 Comm: syz.4.268 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   63.397803][ T4414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   63.397817][ T4414] Call Trace:
[   63.397825][ T4414]  <TASK>
[   63.397834][ T4414]  __dump_stack+0x1d/0x30
[   63.397860][ T4414]  dump_stack_lvl+0xe8/0x140
[   63.397884][ T4414]  dump_stack+0x15/0x1b
[   63.397923][ T4414]  should_fail_ex+0x265/0x280
[   63.397945][ T4414]  should_failslab+0x8c/0xb0
[   63.397980][ T4414]  __kmalloc_noprof+0xa5/0x570
[   63.398014][ T4414]  ? io_cache_alloc_new+0x2a/0xb0
[   63.398105][ T4414]  io_cache_alloc_new+0x2a/0xb0
[   63.398135][ T4414]  __io_prep_rw+0xcf/0x6d0
[   63.398171][ T4414]  ? io_issue_sqe+0x2ea/0xa80
[   63.398209][ T4414]  io_prep_write+0x34/0xe0
[   63.398295][ T4414]  io_submit_sqes+0x5ef/0x1060
[   63.398364][ T4414]  __se_sys_io_uring_enter+0x1c1/0x1b70
[   63.398403][ T4414]  ? 0xffffffff81000000
[   63.398419][ T4414]  ? __rcu_read_unlock+0x4f/0x70
[   63.398448][ T4414]  ? get_pid_task+0x96/0xd0
[   63.398543][ T4414]  ? proc_fail_nth_write+0x13b/0x160
[   63.398574][ T4414]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   63.398664][ T4414]  ? vfs_write+0x7e8/0x960
[   63.398694][ T4414]  ? __rcu_read_unlock+0x4f/0x70
[   63.398726][ T4414]  ? __fget_files+0x184/0x1c0
[   63.398765][ T4414]  ? fput+0x8f/0xc0
[   63.398783][ T4414]  __x64_sys_io_uring_enter+0x78/0x90
[   63.398890][ T4414]  x64_sys_call+0x2df0/0x3000
[   63.398920][ T4414]  do_syscall_64+0xd2/0x200
[   63.398943][ T4414]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   63.399033][ T4414]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   63.399073][ T4414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.399177][ T4414] RIP: 0033:0x7fdfbee8efc9
[   63.399196][ T4414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.399218][ T4414] RSP: 002b:00007fdfbd8ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   63.399242][ T4414] RAX: ffffffffffffffda RBX: 00007fdfbf0e5fa0 RCX: 00007fdfbee8efc9
[   63.399257][ T4414] RDX: 0000000000007721 RSI: 0000000000002219 RDI: 0000000000000000
[   63.399289][ T4414] RBP: 00007fdfbd8ef090 R08: 0000000000000000 R09: 0000000000000000
[   63.399304][ T4414] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000001
[   63.399319][ T4414] R13: 00007fdfbf0e6038 R14: 00007fdfbf0e5fa0 R15: 00007fffe5872018
[   63.399397][ T4414]  </TASK>
[   63.663493][ T4422] bridge0: port 3(ipvlan2) entered blocking state
[   63.670253][ T4422] bridge0: port 3(ipvlan2) entered disabled state
[   63.676999][ T4422] ipvlan2: entered allmulticast mode
[   63.682363][ T4422] bridge0: entered allmulticast mode
[   63.688874][ T4422] ipvlan2: left allmulticast mode
[   63.693983][ T4422] bridge0: left allmulticast mode
[   63.706869][ T4426] loop2: detected capacity change from 0 to 1024
[   63.726977][ T4426] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.747371][ T4426] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: comm syz.2.273: inode #3171687: comm syz.2.273: iget: illegal inode #
[   63.764466][ T4426] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.273: error while reading EA inode 3171687 err=-117
[   63.797553][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.844039][ T4433] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   63.860176][ T4431] netlink: 'syz.4.275': attribute type 12 has an invalid length.
[   63.872640][ T4433] sch_fq: defrate 4294967295 ignored.
[   64.031960][ T4443] netlink: 20 bytes leftover after parsing attributes in process `syz.4.279'.
[   64.049253][ T4443] netlink: 4 bytes leftover after parsing attributes in process `syz.4.279'.
[   64.255620][ T3402] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   64.475126][   T29] kauditd_printk_skb: 667 callbacks suppressed
[   64.475144][   T29] audit: type=1326 audit(1761576799.032:1640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4450 comm="syz.0.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0280f3efc9 code=0x7ffc0000
[   64.505647][   T29] audit: type=1326 audit(1761576799.032:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4450 comm="syz.0.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0280f3efc9 code=0x7ffc0000
[   64.563244][   T29] audit: type=1326 audit(1761576799.092:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4450 comm="syz.0.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0280f3efc9 code=0x7ffc0000
[   64.586679][   T29] audit: type=1326 audit(1761576799.092:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4450 comm="syz.0.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0280f3efc9 code=0x7ffc0000
[   64.610697][   T29] audit: type=1326 audit(1761576799.092:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4450 comm="syz.0.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0280f3efc9 code=0x7ffc0000
[   64.634883][   T29] audit: type=1326 audit(1761576799.102:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4450 comm="syz.0.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0280f3efc9 code=0x7ffc0000
[   64.658157][   T29] audit: type=1326 audit(1761576799.102:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4450 comm="syz.0.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0280f3efc9 code=0x7ffc0000
[   64.681495][   T29] audit: type=1326 audit(1761576799.102:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4450 comm="syz.0.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0280f3efc9 code=0x7ffc0000
[   64.704954][   T29] audit: type=1326 audit(1761576799.102:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4450 comm="syz.0.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0280f3efc9 code=0x7ffc0000
[   64.728460][   T29] audit: type=1326 audit(1761576799.102:1649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4450 comm="syz.0.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0280f3efc9 code=0x7ffc0000
[   64.751845][ T4472] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   64.773000][ T4472] sch_fq: defrate 4294967295 ignored.
[   64.800274][ T4474] netlink: 'syz.2.287': attribute type 4 has an invalid length.
[   64.815858][ T4476] netlink: 'syz.0.288': attribute type 12 has an invalid length.
[   64.832040][ T4478] netlink: 16 bytes leftover after parsing attributes in process `syz.2.289'.
[   64.841479][ T4478] netlink: 'syz.2.289': attribute type 10 has an invalid length.
[   64.849439][ T4478] netlink: 40 bytes leftover after parsing attributes in process `syz.2.289'.
[   64.886290][ T4480] netlink: 12 bytes leftover after parsing attributes in process `syz.2.290'.
[   64.912618][ T4483] bridge0: port 3(ipvlan2) entered blocking state
[   64.919465][ T4483] bridge0: port 3(ipvlan2) entered disabled state
[   64.926488][ T4483] ipvlan2: entered allmulticast mode
[   64.931807][ T4483] bridge0: entered allmulticast mode
[   64.938193][ T4483] ipvlan2: left allmulticast mode
[   64.943273][ T4483] bridge0: left allmulticast mode
[   64.949932][ T4485] netlink: 16 bytes leftover after parsing attributes in process `syz.4.292'.
[   64.961274][ T4485] netlink: 4 bytes leftover after parsing attributes in process `syz.4.292'.
[   64.985258][ T1036] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   65.040656][ T4494] loop0: detected capacity change from 0 to 512
[   65.047382][ T4494] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   65.061031][ T4494] netlink: 8 bytes leftover after parsing attributes in process `syz.0.296'.
[   65.112194][ T4499] bridge_slave_0: left allmulticast mode
[   65.118076][ T4499] bridge_slave_0: left promiscuous mode
[   65.124038][ T4499] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.133293][ T4499] bridge_slave_1: left allmulticast mode
[   65.139101][ T4499] bridge_slave_1: left promiscuous mode
[   65.144894][ T4499] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.155326][ T4499] bond0: (slave bond_slave_0): Releasing backup interface
[   65.164914][ T4499] bond0: (slave bond_slave_1): Releasing backup interface
[   65.175341][ T4499] team_slave_0: left promiscuous mode
[   65.182520][ T4499] team0: Port device team_slave_0 removed
[   65.189925][ T4499] team_slave_1: left promiscuous mode
[   65.197062][ T4499] team0: Port device team_slave_1 removed
[   65.207057][ T4499] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   65.214454][ T4499] batman_adv: batadv0: Removing interface: batadv_slave_0
[   65.223865][ T4499] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   65.231337][ T4499] batman_adv: batadv0: Removing interface: batadv_slave_1
[   65.240957][ T4499] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   65.265043][ T4503] sch_fq: defrate 4294967295 ignored.
[   65.335998][ T4508] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   65.338137][ T4510] netlink: 'syz.2.302': attribute type 10 has an invalid length.
[   65.360117][ T4510] netlink: 40 bytes leftover after parsing attributes in process `syz.2.302'.
[   65.376454][ T4510] sch_fq: defrate 4294967295 ignored.
[   65.392836][ T4512] netlink: 16 bytes leftover after parsing attributes in process `syz.0.303'.
[   65.402467][ T4512] netlink: 4 bytes leftover after parsing attributes in process `syz.0.303'.
[   65.454005][ T4521] netlink: 12 bytes leftover after parsing attributes in process `syz.0.307'.
[   65.625166][   T36] usb 1-1: enqueue for inactive port 0
[   65.630711][   T36] usb 1-1: enqueue for inactive port 0
[   65.630921][ T4525] loop0: detected capacity change from 0 to 512
[   65.643458][ T4525] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   65.706329][   T36] vhci_hcd: vhci_device speed not set
[   65.783483][ T4535] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   66.370826][ T4550] loop2: detected capacity change from 0 to 512
[   66.383081][ T4550] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   66.398563][ T4550] EXT4-fs (loop2): mount failed
[   66.848319][ T4565] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   66.922024][ T4572] syz.3.328 uses obsolete (PF_INET,SOCK_PACKET)
[   66.987062][ T4578] loop4: detected capacity change from 0 to 128
[   66.993860][ T4578] vfat: Unknown parameter '“Ëu9ž3r¿Q5Mø'
[   67.302621][ T4609] loop0: detected capacity change from 0 to 128
[   67.309513][ T4609] vfat: Unknown parameter '“Ëu9ž3r¿Q5Mø'
[   67.378731][ T4617] loop4: detected capacity change from 0 to 4096
[   67.385421][ T4617] EXT4-fs: Ignoring removed nomblk_io_submit option
[   67.393918][ T4617] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.597532][ T4629] hub 1-0:1.0: USB hub found
[   67.605490][ T4629] hub 1-0:1.0: 8 ports detected
[   67.619345][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.640301][ T4629] netdevsim netdevsim1: Direct firmware load for þ failed with error -2
[   67.662892][ T4637] loop4: detected capacity change from 0 to 512
[   67.685549][ T4640] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4640 comm=syz.0.351
[   67.706850][ T4637] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   67.715508][ T4629] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   67.775707][ T4629] 8021q: adding VLAN 0 to HW filter on device macvlan3
[   67.796382][ T4646] FAULT_INJECTION: forcing a failure.
[   67.796382][ T4646] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   67.809624][ T4646] CPU: 1 UID: 0 PID: 4646 Comm: syz.0.354 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.809653][ T4646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   67.809743][ T4646] Call Trace:
[   67.809753][ T4646]  <TASK>
[   67.809761][ T4646]  __dump_stack+0x1d/0x30
[   67.809783][ T4646]  dump_stack_lvl+0xe8/0x140
[   67.809809][ T4646]  dump_stack+0x15/0x1b
[   67.809831][ T4646]  should_fail_ex+0x265/0x280
[   67.809854][ T4646]  should_fail+0xb/0x20
[   67.809874][ T4646]  should_fail_usercopy+0x1a/0x20
[   67.809900][ T4646]  _copy_from_user+0x1c/0xb0
[   67.809989][ T4646]  ___sys_sendmsg+0xc1/0x1d0
[   67.810040][ T4646]  __x64_sys_sendmsg+0xd4/0x160
[   67.810187][ T4646]  x64_sys_call+0x191e/0x3000
[   67.810209][ T4646]  do_syscall_64+0xd2/0x200
[   67.810303][ T4646]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   67.810330][ T4646]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   67.810367][ T4646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.810441][ T4646] RIP: 0033:0x7f0280f3efc9
[   67.810459][ T4646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.810536][ T4646] RSP: 002b:00007f027f9a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   67.810558][ T4646] RAX: ffffffffffffffda RBX: 00007f0281195fa0 RCX: 00007f0280f3efc9
[   67.810570][ T4646] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[   67.810582][ T4646] RBP: 00007f027f9a7090 R08: 0000000000000000 R09: 0000000000000000
[   67.810593][ T4646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.810669][ T4646] R13: 00007f0281196038 R14: 00007f0281195fa0 R15: 00007fffcb9faed8
[   67.810742][ T4646]  </TASK>
[   68.048018][ T4657] 9pnet_fd: Insufficient options for proto=fd
[   68.083077][ T4659] FAULT_INJECTION: forcing a failure.
[   68.083077][ T4659] name failslab, interval 1, probability 0, space 0, times 0
[   68.095915][ T4659] CPU: 0 UID: 0 PID: 4659 Comm: syz.1.359 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.095945][ T4659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   68.095986][ T4659] Call Trace:
[   68.095993][ T4659]  <TASK>
[   68.096001][ T4659]  __dump_stack+0x1d/0x30
[   68.096106][ T4659]  dump_stack_lvl+0xe8/0x140
[   68.096126][ T4659]  dump_stack+0x15/0x1b
[   68.096201][ T4659]  should_fail_ex+0x265/0x280
[   68.096225][ T4659]  should_failslab+0x8c/0xb0
[   68.096259][ T4659]  kmem_cache_alloc_noprof+0x50/0x480
[   68.096370][ T4659]  ? alloc_empty_file+0x76/0x200
[   68.096484][ T4659]  alloc_empty_file+0x76/0x200
[   68.096521][ T4659]  alloc_file_pseudo+0xc6/0x160
[   68.096586][ T4659]  __shmem_file_setup+0x1de/0x210
[   68.096659][ T4659]  shmem_file_setup+0x3b/0x50
[   68.096682][ T4659]  __se_sys_memfd_create+0x2c3/0x590
[   68.096713][ T4659]  __x64_sys_memfd_create+0x31/0x40
[   68.096813][ T4659]  x64_sys_call+0x2ac2/0x3000
[   68.096841][ T4659]  do_syscall_64+0xd2/0x200
[   68.096863][ T4659]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   68.096958][ T4659]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   68.096998][ T4659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.097072][ T4659] RIP: 0033:0x7f273955efc9
[   68.097087][ T4659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.097104][ T4659] RSP: 002b:00007f2737fbee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   68.097122][ T4659] RAX: ffffffffffffffda RBX: 0000000000001045 RCX: 00007f273955efc9
[   68.097134][ T4659] RDX: 00007f2737fbeef0 RSI: 0000000000000000 RDI: 00007f27395e2960
[   68.097145][ T4659] RBP: 0000200000001140 R08: 00007f2737fbebb7 R09: 00007f2737fbee40
[   68.097214][ T4659] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000010c0
[   68.097227][ T4659] R13: 00007f2737fbeef0 R14: 00007f2737fbeeb0 R15: 0000200000001100
[   68.097246][ T4659]  </TASK>
[   68.424000][ T4667] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   68.853612][ T4704] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.376' sets config #1
[   68.985674][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   69.320851][ T4720] bridge0: port 1(ipvlan2) entered blocking state
[   69.327492][ T4720] bridge0: port 1(ipvlan2) entered disabled state
[   69.386190][ T4720] ipvlan2: entered allmulticast mode
[   69.391563][ T4720] bridge0: entered allmulticast mode
[   69.425493][ T4720] ipvlan2: left allmulticast mode
[   69.430660][ T4720] bridge0: left allmulticast mode
[   69.532507][ T4732] hub 1-0:1.0: USB hub found
[   69.550635][ T4732] hub 1-0:1.0: 8 ports detected
[   69.568960][ T4738] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.390' sets config #1
[   69.663344][ T4732] netdevsim netdevsim0: Direct firmware load for þ failed with error -2
[   69.699333][ T4732] 8021q: adding VLAN 0 to HW filter on device macvlan8
[   69.724557][ T4732] 8021q: adding VLAN 0 to HW filter on device macvlan9
[   69.742804][ T4747] tmpfs: Bad value for 'mpol'
[   69.807259][ T4749] loop4: detected capacity change from 0 to 128
[   69.828662][   T29] kauditd_printk_skb: 726 callbacks suppressed
[   69.828676][   T29] audit: type=1326 audit(1761576804.392:2375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   69.830327][ T4749] vfat: Unknown parameter '“Ëu9ž3r¿Q5Mø'
[   69.835029][   T29] audit: type=1326 audit(1761576804.392:2376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   69.835059][   T29] audit: type=1326 audit(1761576804.392:2377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   69.912207][   T29] audit: type=1326 audit(1761576804.392:2378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   69.925880][ T4755] netlink: 'syz.3.392': attribute type 12 has an invalid length.
[   69.936266][   T29] audit: type=1326 audit(1761576804.392:2379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   69.967733][   T29] audit: type=1326 audit(1761576804.392:2380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   70.136210][   T29] audit: type=1326 audit(1761576804.432:2381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   70.159592][   T29] audit: type=1326 audit(1761576804.482:2382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   70.183141][   T29] audit: type=1326 audit(1761576804.482:2383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   70.183251][   T29] audit: type=1326 audit(1761576804.492:2384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   70.397204][ T4776] loop3: detected capacity change from 0 to 512
[   71.461958][ T4776] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   71.506210][ T4776] EXT4-fs (loop3): mount failed
[   71.529223][ T4794] loop4: detected capacity change from 0 to 512
[   71.543053][ T4794] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 not in group (block 4294967295)!
[   71.554469][ T4794] EXT4-fs (loop4): group descriptors corrupted!
[   71.776778][ T4808] loop2: detected capacity change from 0 to 512
[   71.959833][ T4808] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   71.970472][ T4801] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   72.001881][ T4813] netlink: 'syz.3.411': attribute type 10 has an invalid length.
[   72.009712][ T4813] __nla_validate_parse: 14 callbacks suppressed
[   72.009731][ T4813] netlink: 40 bytes leftover after parsing attributes in process `syz.3.411'.
[   72.119845][ T4813] sch_fq: defrate 4294967295 ignored.
[   72.182160][ T4820] loop2: detected capacity change from 0 to 2048
[   72.200205][ T4822] tmpfs: Bad value for 'mpol'
[   72.340298][ T4820] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.773177][ T4820] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.907793][ T4820] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.414: bg 0: block 345: padding at end of block bitmap is not set
[   72.935430][ T4820] EXT4-fs (loop2): Remounting filesystem read-only
[   72.942684][ T1075] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   72.980820][ T4820] syz.2.414 (4820) used greatest stack depth: 9480 bytes left
[   73.007710][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.184201][ T4852] bridge0: port 1(ipvlan2) entered blocking state
[   73.190868][ T4852] bridge0: port 1(ipvlan2) entered disabled state
[   73.217894][ T4852] ipvlan2: entered allmulticast mode
[   73.223346][ T4852] bridge0: entered allmulticast mode
[   73.245808][ T4852] ipvlan2: left allmulticast mode
[   73.250960][ T4852] bridge0: left allmulticast mode
[   73.295280][ T4860] loop0: detected capacity change from 0 to 512
[   73.311595][ T4860] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.428: iget: bad i_size value: 38620345925642
[   73.404105][ T4860] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.428: couldn't read orphan inode 15 (err -117)
[   73.416743][ T4863] netlink: 'syz.4.429': attribute type 12 has an invalid length.
[   73.501203][ T4860] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.554537][ T4868] loop4: detected capacity change from 0 to 512
[   73.568233][ T4868] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.583188][ T4868] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.617838][ T4872] netlink: 4 bytes leftover after parsing attributes in process `syz.0.428'.
[   73.768269][ T4874] loop3: detected capacity change from 0 to 512
[   73.775907][ T4874] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   73.851851][ T4875] netlink: 64 bytes leftover after parsing attributes in process `syz.3.432'.
[   73.863219][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.895191][ T4877] bridge0: port 1(ipvlan2) entered blocking state
[   73.901881][ T4877] bridge0: port 1(ipvlan2) entered disabled state
[   73.909185][ T4877] ipvlan2: entered allmulticast mode
[   73.914513][ T4877] bridge0: entered allmulticast mode
[   73.921313][ T4877] ipvlan2: left allmulticast mode
[   73.926512][ T4877] bridge0: left allmulticast mode
[   74.020466][ T4880] loop4: detected capacity change from 0 to 512
[   74.028580][ T4881] 9pnet_fd: Insufficient options for proto=fd
[   74.029174][ T4880] ext4: Unknown parameter 'nouser_xattr'
[   74.056165][ T4880] loop4: detected capacity change from 0 to 2048
[   74.063031][ T4880] EXT4-fs: Ignoring removed bh option
[   74.097663][ T4880] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.138578][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.215974][ T4886] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   74.236103][ T4849] syz.2.426 (4849) used greatest stack depth: 7240 bytes left
[   74.302208][ T4891] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   74.319031][ T4886] sch_fq: defrate 4294967295 ignored.
[   74.367343][ T4897] tmpfs: Bad value for 'mpol'
[   74.379819][ T4899] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.440' sets config #1
[   74.499657][ T4908] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   74.533334][ T4908] netlink: 'syz.0.444': attribute type 10 has an invalid length.
[   74.541241][ T4908] netlink: 40 bytes leftover after parsing attributes in process `syz.0.444'.
[   74.587762][ T4910] loop2: detected capacity change from 0 to 512
[   74.606522][ T4910] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.445: iget: bad i_size value: 38620345925642
[   74.643584][ T4910] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.445: couldn't read orphan inode 15 (err -117)
[   74.669965][ T4910] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.688774][ T4920] loop1: detected capacity change from 0 to 1024
[   74.720412][ T4920] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.738092][   T52] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   74.755095][   T52] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   74.767645][   T52] EXT4-fs (loop4): This should not happen!! Data will be lost
[   74.767645][   T52] 
[   74.776438][ T4931] tmpfs: Bad value for 'mpol'
[   74.777335][   T52] EXT4-fs (loop4): Total free blocks count 0
[   74.787997][   T52] EXT4-fs (loop4): Free/Dirty block details
[   74.794183][   T52] EXT4-fs (loop4): free_blocks=2415919104
[   74.800422][   T52] EXT4-fs (loop4): dirty_blocks=8192
[   74.805896][   T52] EXT4-fs (loop4): Block reservation details
[   74.812031][   T52] EXT4-fs (loop4): i_reserved_data_blocks=512
[   74.821150][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.831812][ T4933] loop3: detected capacity change from 0 to 1024
[   74.832999][ T4929] netlink: 4 bytes leftover after parsing attributes in process `syz.2.445'.
[   74.855645][   T52] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   74.888338][ T4933] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.913768][ T4933] blktrace: Concurrent blktraces are not allowed on loop6
[   74.913911][ T4938] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   74.989548][ T4942] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.451' sets config #1
[   75.083912][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.133219][   T29] kauditd_printk_skb: 1615 callbacks suppressed
[   75.133237][   T29] audit: type=1326 audit(1761576809.692:3999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4946 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   75.163469][   T29] audit: type=1326 audit(1761576809.692:4000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4946 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   75.187632][   T29] audit: type=1326 audit(1761576809.692:4001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4946 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   75.211260][   T29] audit: type=1326 audit(1761576809.692:4002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4946 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   75.234759][   T29] audit: type=1326 audit(1761576809.692:4003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4946 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   75.258348][   T29] audit: type=1326 audit(1761576809.692:4004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4946 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   75.281936][   T29] audit: type=1326 audit(1761576809.692:4005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4946 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   75.305324][   T29] audit: type=1326 audit(1761576809.692:4006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4946 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   75.328987][   T29] audit: type=1326 audit(1761576809.692:4007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4946 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   75.352749][   T29] audit: type=1326 audit(1761576809.692:4008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4946 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7139cefc9 code=0x7ffc0000
[   75.562640][ T4952] netlink: 'syz.3.457': attribute type 10 has an invalid length.
[   75.570889][ T4952] netlink: 40 bytes leftover after parsing attributes in process `syz.3.457'.
[   75.614887][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.630993][ T4954] loop0: detected capacity change from 0 to 128
[   75.672283][ T4954] netlink: 16 bytes leftover after parsing attributes in process `syz.0.458'.
[   75.691360][ T4951] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   75.734700][ T4956] netlink: 'syz.4.460': attribute type 12 has an invalid length.
[   75.919065][ T4961] loop2: detected capacity change from 0 to 128
[   75.938747][ T4963] netlink: 4 bytes leftover after parsing attributes in process `syz.0.461'.
[   75.954051][ T4961] vfat: Unknown parameter '“Ëu9ž3r¿Q5Mø'
[   75.977208][ T4963] netlink: 4 bytes leftover after parsing attributes in process `syz.0.461'.
[   76.014007][ T4969] loop4: detected capacity change from 0 to 1024
[   76.021981][ T4969] EXT4-fs (loop4): unsupported inode size: 143
[   76.028247][ T4969] EXT4-fs (loop4): blocksize: 1024
[   76.034388][ T4973] netlink: 4 bytes leftover after parsing attributes in process `syz.1.466'.
[   76.043557][ T4969] loop4: detected capacity change from 0 to 164
[   76.051964][ T4969] process 'syz.4.464' launched '/dev/fd/7' with NULL argv: empty string added
[   76.071676][ T4969] syz.4.464: attempt to access beyond end of device
[   76.071676][ T4969] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   76.087106][ T4980] netlink: 'syz.3.467': attribute type 10 has an invalid length.
[   76.095800][ T4969] syz.4.464: attempt to access beyond end of device
[   76.095800][ T4969] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[   76.103650][ T4975] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   76.144174][ T4979] loop2: detected capacity change from 0 to 512
[   76.182373][ T4979] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.198853][ T4990] loop1: detected capacity change from 0 to 512
[   76.205725][ T4990] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   76.219216][ T4979] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.251168][ T4992] netlink: 'syz.0.474': attribute type 12 has an invalid length.
[   76.287825][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.313659][ T4990] 9pnet_fd: Insufficient options for proto=fd
[   76.330387][ T5006] loop0: detected capacity change from 0 to 512
[   76.337173][ T5006] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   76.367459][ T5007] bridge0: port 1(ipvlan2) entered blocking state
[   76.374519][ T5007] bridge0: port 1(ipvlan2) entered disabled state
[   76.381810][ T5007] ipvlan2: entered allmulticast mode
[   76.387178][ T5007] bridge0: entered allmulticast mode
[   76.392978][ T5007] ipvlan2: left allmulticast mode
[   76.398101][ T5007] bridge0: left allmulticast mode
[   76.458495][ T5020] loop3: detected capacity change from 0 to 512
[   76.466032][ T5020] EXT4-fs: inline encryption not supported
[   76.471964][ T5020] EXT4-fs: inline encryption not supported
[   76.478490][ T5013] 9pnet_fd: Insufficient options for proto=fd
[   76.480016][ T5020] EXT4-fs (loop3): Number of reserved GDT blocks insanely large: 935
[   76.560931][ T5028] loop1: detected capacity change from 0 to 512
[   76.578356][ T5032] netlink: 'syz.4.491': attribute type 12 has an invalid length.
[   76.589267][ T5028] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.605223][ T5028] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.620372][ T5037] loop3: detected capacity change from 0 to 512
[   76.627278][ T5037] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   76.685494][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.743638][ T5050] netlink: 'syz.1.497': attribute type 12 has an invalid length.
[   76.811754][ T5054] 9pnet_fd: Insufficient options for proto=fd
[   77.257466][ T5069] tmpfs: Bad value for 'mpol'
[   77.548228][ T5075] loop0: detected capacity change from 0 to 2048
[   78.006839][ T5075] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   78.439009][ T5085] __nla_validate_parse: 6 callbacks suppressed
[   78.439029][ T5085] netlink: 4 bytes leftover after parsing attributes in process `syz.1.508'.
[   78.505905][ T5087] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   78.607244][ T5099] hub 1-0:1.0: USB hub found
[   78.624460][ T5099] hub 1-0:1.0: 8 ports detected
[   78.630910][ T5075] xt_CT: No such helper "netbios-ns"
[   78.647906][ T5099] netdevsim netdevsim3: Direct firmware load for þ failed with error -2
[   78.673007][ T5106] tmpfs: Bad value for 'mpol'
[   78.709657][ T5110] FAULT_INJECTION: forcing a failure.
[   78.709657][ T5110] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.717211][ T5112] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   78.723007][ T5110] CPU: 1 UID: 0 PID: 5110 Comm: syz.1.519 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   78.723044][ T5110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   78.723071][ T5110] Call Trace:
[   78.723080][ T5110]  <TASK>
[   78.723089][ T5110]  __dump_stack+0x1d/0x30
[   78.723122][ T5110]  dump_stack_lvl+0xe8/0x140
[   78.723151][ T5110]  dump_stack+0x15/0x1b
[   78.723175][ T5110]  should_fail_ex+0x265/0x280
[   78.723267][ T5110]  should_fail+0xb/0x20
[   78.723288][ T5110]  should_fail_usercopy+0x1a/0x20
[   78.723374][ T5110]  _copy_from_iter+0xd2/0xe80
[   78.723404][ T5110]  ? percpu_counter_add_batch+0x124/0x130
[   78.723460][ T5110]  ? __rcu_read_unlock+0x4f/0x70
[   78.723496][ T5110]  ? avc_has_perm_noaudit+0x1b1/0x200
[   78.723590][ T5110]  copy_page_from_iter+0x178/0x2a0
[   78.723623][ T5110]  ? __pfx_anon_pipe_write+0x1/0x10
[   78.723663][ T5110]  anon_pipe_write+0x541/0xb30
[   78.723703][ T5110]  ? __pfx_anon_pipe_write+0x1/0x10
[   78.723779][ T5110]  ? __pfx_anon_pipe_write+0x10/0x10
[   78.723814][ T5110]  vfs_write+0x52a/0x960
[   78.723856][ T5110]  ksys_write+0xda/0x1a0
[   78.723891][ T5110]  __x64_sys_write+0x40/0x50
[   78.724032][ T5110]  x64_sys_call+0x2802/0x3000
[   78.724062][ T5110]  do_syscall_64+0xd2/0x200
[   78.724088][ T5110]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   78.724147][ T5110]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   78.724189][ T5110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.724218][ T5110] RIP: 0033:0x7f273955da7f
[   78.724239][ T5110] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   78.724274][ T5110] RSP: 002b:00007f2737fbcd30 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   78.724300][ T5110] RAX: ffffffffffffffda RBX: 0000000000000029 RCX: 00007f273955da7f
[   78.724315][ T5110] RDX: 0000000000000029 RSI: 00007f2737fbcf30 RDI: 0000000000000002
[   78.724332][ T5110] RBP: 00007f2737fbcf30 R08: 0000000000000000 R09: 0000000000000000
[   78.724414][ T5110] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000029
[   78.724432][ T5110] R13: 00007f2739787640 R14: 0000000000000029 R15: 00007f2739788ca0
[   78.724465][ T5110]  </TASK>
[   78.732006][ T5108] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   78.969302][ T3409] hid_parser_main: 33 callbacks suppressed
[   78.969323][ T3409] hid-generic 0000:0000:10001.0009: unknown main item tag 0x0
[   78.982774][ T3409] hid-generic 0000:0000:10001.0009: unknown main item tag 0x0
[   78.990388][ T3409] hid-generic 0000:0000:10001.0009: unknown main item tag 0x0
[   78.998070][ T3409] hid-generic 0000:0000:10001.0009: unknown main item tag 0x0
[   79.005386][ T5117] netlink: 'syz.4.521': attribute type 12 has an invalid length.
[   79.005629][ T3409] hid-generic 0000:0000:10001.0009: unknown main item tag 0x0
[   79.020836][ T3409] hid-generic 0000:0000:10001.0009: unknown main item tag 0x0
[   79.028404][ T3409] hid-generic 0000:0000:10001.0009: unknown main item tag 0x0
[   79.035927][ T3409] hid-generic 0000:0000:10001.0009: unknown main item tag 0x0
[   79.043423][ T3409] hid-generic 0000:0000:10001.0009: unknown main item tag 0x0
[   79.050961][ T3409] hid-generic 0000:0000:10001.0009: unknown main item tag 0x0
[   79.060089][ T3409] hid-generic 0000:0000:10001.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   79.071500][ T5108] sch_fq: defrate 4294967295 ignored.
[   79.095251][ T5127] netlink: 4 bytes leftover after parsing attributes in process `syz.1.523'.
[   79.155970][ T5133] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   79.298408][ T5137] loop4: detected capacity change from 0 to 512
[   79.440000][ T5137] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   79.448589][ T5137] EXT4-fs (loop4): orphan cleanup on readonly fs
[   79.514513][ T5155] FAULT_INJECTION: forcing a failure.
[   79.514513][ T5155] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.527726][ T5155] CPU: 0 UID: 0 PID: 5155 Comm: syz.1.530 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   79.527758][ T5155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   79.527786][ T5155] Call Trace:
[   79.527792][ T5155]  <TASK>
[   79.527799][ T5155]  __dump_stack+0x1d/0x30
[   79.527822][ T5155]  dump_stack_lvl+0xe8/0x140
[   79.527845][ T5155]  dump_stack+0x15/0x1b
[   79.527930][ T5155]  should_fail_ex+0x265/0x280
[   79.527948][ T5155]  should_fail+0xb/0x20
[   79.527966][ T5155]  should_fail_usercopy+0x1a/0x20
[   79.527990][ T5155]  strncpy_from_user+0x25/0x230
[   79.528020][ T5155]  __se_sys_memfd_create+0x1ff/0x590
[   79.528126][ T5155]  __x64_sys_memfd_create+0x31/0x40
[   79.528156][ T5155]  x64_sys_call+0x2ac2/0x3000
[   79.528179][ T5155]  do_syscall_64+0xd2/0x200
[   79.528201][ T5155]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   79.528279][ T5155]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   79.528360][ T5155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.528382][ T5155] RIP: 0033:0x7f273955efc9
[   79.528398][ T5155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.528415][ T5155] RSP: 002b:00007f2737fbee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   79.528476][ T5155] RAX: ffffffffffffffda RBX: 0000000000000514 RCX: 00007f273955efc9
[   79.528491][ T5155] RDX: 00007f2737fbeef0 RSI: 0000000000000000 RDI: 00007f27395e2960
[   79.528506][ T5155] RBP: 0000200000000300 R08: 00007f2737fbebb7 R09: 00007f2737fbee40
[   79.528547][ T5155] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000080
[   79.528558][ T5155] R13: 00007f2737fbeef0 R14: 00007f2737fbeeb0 R15: 0000200000000040
[   79.528578][ T5155]  </TASK>
[   79.532034][ T5137] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.527: corrupted inode contents
[   79.767692][ T5137] EXT4-fs (loop4): Remounting filesystem read-only
[   79.774413][ T5137] EXT4-fs (loop4): 1 truncate cleaned up
[   79.791070][ T3484] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   79.801836][ T3484] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   79.815846][ T3484] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   79.827253][ T5137] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   79.958915][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.044642][ T5176] netlink: 'syz.2.538': attribute type 4 has an invalid length.
[   80.082103][ T5180] hub 1-0:1.0: USB hub found
[   80.088550][ T5184] netlink: 'syz.4.534': attribute type 12 has an invalid length.
[   80.089333][ T5180] hub 1-0:1.0: 8 ports detected
[   80.152380][ T5188] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.543' sets config #1
[   80.194610][ T5190] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   80.211880][ T5180] netdevsim netdevsim0: Direct firmware load for þ failed with error -2
[   80.275367][    T9] hid-generic 0000:0000:10001.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   80.620226][ T5205] pimreg: entered allmulticast mode
[   80.670690][ T5207] pimreg: left allmulticast mode
[   80.826062][ T5211] netlink: 'syz.2.550': attribute type 4 has an invalid length.
[   80.865225][ T5209] netem: change failed
[   80.897585][ T5212] netlink: 'syz.2.550': attribute type 4 has an invalid length.
[   80.934105][   T29] kauditd_printk_skb: 312 callbacks suppressed
[   80.934122][   T29] audit: type=1400 audit(1761576815.492:4315): avc:  denied  { mount } for  pid=5208 comm="syz.3.549" name="/" dev="hugetlbfs" ino=10686 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[   81.026197][ T5221] netlink: 'syz.2.554': attribute type 10 has an invalid length.
[   81.034209][ T5221] netlink: 40 bytes leftover after parsing attributes in process `syz.2.554'.
[   81.056139][ T5221] sch_fq: defrate 4294967295 ignored.
[   81.064857][ T5225] FAULT_INJECTION: forcing a failure.
[   81.064857][ T5225] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.078115][ T5225] CPU: 0 UID: 0 PID: 5225 Comm: syz.0.556 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   81.078167][ T5225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   81.078183][ T5225] Call Trace:
[   81.078191][ T5225]  <TASK>
[   81.078252][ T5225]  __dump_stack+0x1d/0x30
[   81.078276][ T5225]  dump_stack_lvl+0xe8/0x140
[   81.078296][ T5225]  dump_stack+0x15/0x1b
[   81.078384][ T5225]  should_fail_ex+0x265/0x280
[   81.078440][ T5225]  should_fail+0xb/0x20
[   81.078459][ T5225]  should_fail_usercopy+0x1a/0x20
[   81.078481][ T5225]  _copy_from_user+0x1c/0xb0
[   81.078523][ T5225]  ___sys_sendmsg+0xc1/0x1d0
[   81.078572][ T5225]  __sys_sendmmsg+0x178/0x300
[   81.078609][ T5225]  __x64_sys_sendmmsg+0x57/0x70
[   81.078629][ T5225]  x64_sys_call+0x1c4a/0x3000
[   81.078694][ T5225]  do_syscall_64+0xd2/0x200
[   81.078718][ T5225]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   81.078753][ T5225]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   81.078793][ T5225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.078856][ T5225] RIP: 0033:0x7f0280f3efc9
[   81.078871][ T5225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.078962][ T5225] RSP: 002b:00007f027f9a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   81.078985][ T5225] RAX: ffffffffffffffda RBX: 00007f0281195fa0 RCX: 00007f0280f3efc9
[   81.079053][ T5225] RDX: 0000000000000f00 RSI: 00002000000007c0 RDI: 0000000000000005
[   81.079074][ T5225] RBP: 00007f027f9a7090 R08: 0000000000000000 R09: 0000000000000000
[   81.079089][ T5225] R10: 000000002c000011 R11: 0000000000000246 R12: 0000000000000001
[   81.079104][ T5225] R13: 00007f0281196038 R14: 00007f0281195fa0 R15: 00007fffcb9faed8
[   81.079123][ T5225]  </TASK>
[   81.291766][ T5228] loop4: detected capacity change from 0 to 512
[   81.325104][   T29] audit: type=1326 audit(1761576815.882:4316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5229 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   81.331825][ T5231] hub 1-0:1.0: USB hub found
[   81.348696][   T29] audit: type=1326 audit(1761576815.882:4317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5229 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   81.348726][   T29] audit: type=1326 audit(1761576815.882:4318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5229 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   81.348750][   T29] audit: type=1326 audit(1761576815.882:4319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5229 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   81.348829][   T29] audit: type=1326 audit(1761576815.882:4320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5229 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   81.417358][ T5231] hub 1-0:1.0: 8 ports detected
[   81.423920][   T29] audit: type=1326 audit(1761576815.882:4321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5229 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   81.461374][ T5228] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.557: iget: bad i_size value: 38620345925642
[   81.475465][   T29] audit: type=1326 audit(1761576815.882:4322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5229 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   81.475501][   T29] audit: type=1326 audit(1761576815.882:4323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5229 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   81.533769][ T5235] netdevsim netdevsim1: Direct firmware load for þ failed with error -2
[   81.534972][   T29] audit: type=1326 audit(1761576815.882:4324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5229 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52bbcdefc9 code=0x7ffc0000
[   81.588772][ T5240] bridge0: port 1(ipvlan2) entered blocking state
[   81.592865][ T5228] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.557: couldn't read orphan inode 15 (err -117)
[   81.595425][ T5240] bridge0: port 1(ipvlan2) entered disabled state
[   81.641112][ T5240] ipvlan2: entered allmulticast mode
[   81.646546][ T5240] bridge0: entered allmulticast mode
[   81.647527][ T5228] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.654392][ T5240] ipvlan2: left allmulticast mode
[   81.669602][ T5240] bridge0: left allmulticast mode
[   81.729105][ T5249] netlink: 'syz.0.565': attribute type 4 has an invalid length.
[   81.749697][ T5253] netlink: 4 bytes leftover after parsing attributes in process `syz.4.557'.
[   81.768694][ T5249] netlink: 'syz.0.565': attribute type 4 has an invalid length.
[   81.775387][ T3409] hid-generic 0000:0000:10001.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   81.974205][ T5266] netlink: 'syz.1.569': attribute type 10 has an invalid length.
[   81.982035][ T5266] netlink: 40 bytes leftover after parsing attributes in process `syz.1.569'.
[   82.246968][ T3325] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.271068][ T5271] sch_fq: defrate 4294967295 ignored.
[   82.551563][ T5285] hub 1-0:1.0: USB hub found
[   82.565266][ T5285] hub 1-0:1.0: 8 ports detected
[   82.587112][ T5285] netdevsim netdevsim4: Direct firmware load for þ failed with error -2
[   82.645235][ T3409] hid-generic 0000:0000:10001.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   82.669432][ T5292] netlink: 'syz.3.581': attribute type 4 has an invalid length.
[   82.691465][ T5287] loop0: detected capacity change from 0 to 512
[   82.706200][ T5287] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002]
[   82.718259][ T5292] netlink: 'syz.3.581': attribute type 4 has an invalid length.
[   82.737576][ T5287] System zones: 0-2, 18-18, 34-35
[   82.905737][ T5287] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.927511][ T5297] program syz.2.583 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   82.940957][ T5297] wireguard0: entered promiscuous mode
[   82.946500][ T5297] wireguard0: entered allmulticast mode
[   83.015021][ T5287] ext4 filesystem being mounted at /118/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   83.194450][ T5293] xt_CT: No such helper "pptp"
[   84.385587][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.455468][ T5341] bridge0: port 1(ipvlan2) entered blocking state
[   84.462006][ T5341] bridge0: port 1(ipvlan2) entered disabled state
[   84.495036][ T5341] ipvlan2: entered allmulticast mode
[   84.500600][ T5341] bridge0: entered allmulticast mode
[   84.508312][ T5341] ipvlan2: left allmulticast mode
[   84.513810][ T5341] bridge0: left allmulticast mode
[   84.528734][ T5344] netlink: 'syz.4.599': attribute type 12 has an invalid length.
[   84.540643][ T5348] bridge0: port 1(ipvlan2) entered blocking state
[   84.547268][ T5348] bridge0: port 1(ipvlan2) entered disabled state
[   84.557182][ T5348] ipvlan2: entered allmulticast mode
[   84.562520][ T5348] bridge0: entered allmulticast mode
[   84.575501][ T5348] ipvlan2: left allmulticast mode
[   84.580677][ T5348] bridge0: left allmulticast mode
[   85.178145][ T3319] ==================================================================
[   85.186307][ T3319] BUG: KCSAN: data-race in shmem_getattr / shmem_recalc_inode
[   85.193818][ T3319] 
[   85.196285][ T3319] read-write to 0xffff88811a482008 of 8 bytes by task 5366 on cpu 0:
[   85.204451][ T3319]  shmem_recalc_inode+0x3b/0x200
[   85.209441][ T3319]  shmem_get_folio_gfp+0x7a3/0xd60
[   85.214683][ T3319]  shmem_write_begin+0xa8/0x190
[   85.219560][ T3319]  generic_perform_write+0x184/0x490
[   85.224893][ T3319]  shmem_file_write_iter+0xc5/0xf0
[   85.232414][ T3319]  __kernel_write_iter+0x2d6/0x540
[   85.237571][ T3319]  dump_user_range+0x61e/0x8f0
[   85.242466][ T3319]  elf_core_dump+0x1de7/0x1f80
[   85.247275][ T3319]  coredump_write+0xb12/0xe30
[   85.251985][ T3319]  vfs_coredump+0x143a/0x20d0
[   85.256699][ T3319]  get_signal+0xd84/0xf70
[   85.261061][ T3319]  arch_do_signal_or_restart+0x96/0x440
[   85.266640][ T3319]  irqentry_exit_to_user_mode+0x5b/0xa0
[   85.272217][ T3319]  irqentry_exit+0x12/0x50
[   85.276677][ T3319]  asm_exc_page_fault+0x26/0x30
[   85.281547][ T3319] 
[   85.283889][ T3319] read to 0xffff88811a482008 of 8 bytes by task 3319 on cpu 1:
[   85.291449][ T3319]  shmem_getattr+0x41/0x200
[   85.295994][ T3319]  vfs_getattr_nosec+0x146/0x1e0
[   85.300976][ T3319]  vfs_statx+0x113/0x390
[   85.305260][ T3319]  vfs_fstatat+0x115/0x170
[   85.309707][ T3319]  __se_sys_newfstatat+0x55/0x260
[   85.314822][ T3319]  __x64_sys_newfstatat+0x55/0x70
[   85.319897][ T3319]  x64_sys_call+0x135a/0x3000
[   85.324630][ T3319]  do_syscall_64+0xd2/0x200
[   85.329155][ T3319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.335071][ T3319] 
[   85.337407][ T3319] value changed: 0x0000000000002002 -> 0x0000000000002005
[   85.344525][ T3319] 
[   85.346866][ T3319] Reported by Kernel Concurrency Sanitizer on:
[   85.353037][ T3319] CPU: 1 UID: 0 PID: 3319 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[   85.364118][ T3319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   85.374461][ T3319] ==================================================================
[   85.439159][ T5374] loop4: detected capacity change from 0 to 128
[   85.455434][ T5374] vfat: Unknown parameter '“Ëu9ž3r¿Q5Mø'