last executing test programs:

6.236375605s ago: executing program 0 (id=830):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@bloom_filter={0x1e, 0x1, 0x1, 0xd697, 0x80, 0xffffffffffffffff, 0xff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x2, 0xa}, 0x50)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
pwritev2(r1, &(0x7f0000001100)=[{&(0x7f0000000340)="77dea376d927864f74856d75287d06ba95192e42ead9ef1a5b1f7526a9af758ab312c204aa857a7a1a30d05d8f67af5023b1cab605da0d3ebdd06b084a6238c3554f41f2f55614131a4e001ccb4c3838f447522cd50ea7ea9dc1b46ce7488ac61d93dc73f56d96", 0x67}, {&(0x7f0000000540)="b59c0e3db2f47f0de91724e5488d18d6d28451cd77467761088e9eacc50ebcddda6a2bde2f9f2813445c4d63671db9896f7dbf3ca9ae46aec582d8871dc184d1dc99e18013c0fc3abd88051875f0d22bfbc9669675f6f3045807ad522d879f1a94409faf69d864836b00c639ebdd1abe9f84b99d9890b7da677e34b187744b722de93de841d5b0aba7bd5f912997f920bdb0d1b9222ea289ce5403d568276781c312f5a3f9bda08bb0032dfd1b3275e3ba35", 0xb2}, {&(0x7f0000000c80)="d872af9a9c1540ff6c776fac4e9c744828a2225590f5363f08424ccb8021683669ea40a8c36ce591b45e2a311228170b37fa320a454693d5ea3a4b804aa363656088b1a5c48b06318cafeb09146291f8dc24d9c764c7e1eb4c79f74e1d62ca9066eb90f65094b6a75340d9d14b6477e11e229fe1619e600901361d150696be2e256ab87326c41c0b661f12c70dd80af1dd85fecd106bb02309c0304c5ffbdf82140834c0352981fa74ea5078d6e9baf2b68d23e3a3894b3cb461de074dfe07087d9f6910f9d3cb5353204e516666635190f80c466df4fcb0bb8971de", 0xdc}, {&(0x7f0000000400)="ecb1261dc8ad45a561dc571bcba3c2909357", 0x12}, {&(0x7f0000000d80)="b6a2b9a63121689a83e62e11a063e4675547a6e530b895af6573edc672fa8a2e5ff4b18be879e17c117b178fdc30af4af8d753f4ec6cc5cbcbc7afa7ac16a0e4e45281b88f9bb8703d03c97e83159ea8e36dcce24a6fa7c0a9c8aa1efa79b6f38f9e7a218dac2411b2c3d81bacefe7de71e9415c057c4954dd85121ab418b546fb2aa2f4", 0x84}, {&(0x7f0000000e40)="e21cad9d3b366d6391d6b8b273244f363ae152cff6236cbce548356b07a828d47faf5663d10f706172c37e01bd90bc75cc5a9daed40122f14be41a710f124abdd5c9a461016a1895b1824f4e59f9923c49332c2da73190e4c55d5d3be80cdd90cb10a31012983ebe8e1ff512be348c650ac0d00cd2e8ece3a5cec6bb96340753e431393887875c14283208cf41454cb6a8393350077524cee52e8e338300ee581a69020b7e7d4d610962117c", 0xac}, {&(0x7f0000000b80)="a6cab9fabdec4088d86da98900eaee0c29759d85eadd4a35e5f5e8b9bba91f115eca66e0fc871f0fc6a1d6e188ff582d2add9427a58391aa145308cf9ee799fc5873ad270c01bdce4477d3a829499e5147c97645bb7c05f4c079", 0x5a}, {&(0x7f0000000f80)="56539055be0b34b8d4356977a9d86a8d9dad70d081dd45b82f7fd41181704f66f8b69331e8e1404e3ff6e938c639a4694d36880a932f252d15c0921841e09ac2c54fec1c083941867f230afaf74fe2594f9016a742e0f15b5212e9040b8a7a69a1081fa49ea41b95ed97960ccef9cf191b7e65d9c5069f5220da1cac18ce4fc12f8085802aceeb2cef14ab40b7b27e4584a3235303a6403bcda6de34c7b9f9e186a44e40be80cc539c778a94cffe5fc137af4838f6c3cce66f135d", 0xbb}, {&(0x7f0000001040)="4eeadc4209d7cd382d1941996cba9b98a15fecca87abe2b194f19dea04761be97dc7b9b7eddd8f5082ed187d1cd87448ba5a86607a786aefc5b6e8316d193d4f269c15b6631c139125ed6793a6d9a4cb34984bf10b0092c1d5b33cead4125b16a44dd80d543179498864b3a936c7a020eb71f3a5dba5e4acba5cfb2eddc8a9af7b016eca80dce8184240e22d75d9146c828f28e9fbcf38b5d77cbdec879cd0af02567e9ec7518995afe87ebecfce4c40f68111", 0xb3}], 0x9, 0x16a, 0x800, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x800)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f00000004c0)={0x64, 0x2, 0x7, 0x301, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFACCT_FILTER={0x24, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x3}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x4}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x7c9}, @NFACCT_FILTER_VALUE={0x8}]}, @NFACCT_QUOTA={0xc}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x6}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x80000001}, @NFACCT_FLAGS={0x8}]}, 0x64}, 0x1, 0x0, 0x0, 0x440c0}, 0x4040804)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800080081000000060027"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")
r5 = gettid()
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r6, 0x2)
r7 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r7, 0x2)

5.315539889s ago: executing program 0 (id=842):
r0 = epoll_create1(0x80000)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
sendmsg$MPTCP_PM_CMD_ANNOUNCE(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="2400a17e4ac9d85f8c3f559fb6490ed3001674df270000", @ANYRES16=0x0, @ANYBLOB="00022bbd7000fbdbdf250800000008000200050000000800020000000000"], 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x8000)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x91511, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6dd0, 0x2}, 0x5c70, 0x7, 0x0, 0x1, 0x8, 0x6, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000))

5.193892421s ago: executing program 0 (id=844):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000002085000000700000"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x400000000000000, 0x2)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000340)={[{@test_dummy_encryption_v1}, {@test_dummy_encryption_v1}, {@nomblk_io_submit}, {@nomblk_io_submit}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x1, 0x0, &(0x7f0000000000))
r4 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r4, &(0x7f0000000000)='./file1\x00', 0x2001, 0x0)
linkat(r4, &(0x7f0000000100)='./file1\x00', r4, 0x0, 0x0)

4.264544635s ago: executing program 2 (id=855):
syz_emit_ethernet(0x32, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_open_dev$vcsa(&(0x7f0000000100), 0x1, 0x0)
lseek(r4, 0x0, 0x0)
close(0xffffffffffffffff)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
link(&(0x7f0000000200)='./file1\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
write$cgroup_netprio_ifpriomap(r4, &(0x7f0000000740)={'ip6_vti0', 0x32, 0x34}, 0xb)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000800)={[{@bsdgroups}, {@nodiscard}, {@oldalloc}, {@journal_async_commit}, {@nobarrier}, {@noquota}, {@abort}, {@nodiscard}, {@abort}]}, 0x64, 0x50d, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZj06Y3ueqDXvB69V5Ji3Y3aWwbfKgVRJ8Kan2vMdmEkE02ZDdtE4qm+AEEERV80hdfBD+AIAVffBShoM+KiiLa6oMP2rns7iRN091k226zafb3g8mcc2Zm/+dsmNk5M4eZAAbWOxFxLSIep2l6PiLGsvJcNsV2a2qs9+jh3bnGlESa3vhnEklWtvNZSTY/k212KiK+9uWIbybPxq1tbi3PVirl9Sxfqq+slWqbWxeWVmYXy4vl1enpqcszV2YuzUz2pJ1nI+LqF//6g+/+7EtXf/WZ23+6+fdz32pUazRbvrcdzyl/0MJW0wvN72LvBusvGOw4yjdbmBlpt8bQMyX3XnGdAABor3GO/8GI+GREnI+xGDr4dBYAAAB4DaWfH43/JRFpe8MdygEAAIDXSK45BjbJFbOxAKORyxWLrTG8H47TuUq1Vv/0QnVjdb41VnY8CrmFpUp5MhsrPB6FpJGfaqaf5C/uy09HxJsR8f2xkWa+OFetzPf74gcAAAAMiDP7+v//GWv1/wEAAIATZrzfFQAAAABeOf1/AAAAOPn0/wEAAOBE+8r1640p3Xn/9fytzY3l6q0L8+XacnFlY644V11fKy5Wq4vNZ/atHPZ5lWp17bOxunGnVC/X6qXa5tbNlerGav3m0lOvwAYAAACO0Jsfv/+HJCK2PzfSnBqGu9u0y9WA4yq/m0qyeZvd+o9vtOZ/OaJKAUdiqN8VAPom3+8KAH1T6HcFgL5LDlnecfDOb7P5J3pbHwAAoPcmPtr5/n/uwC23D14MHHt2Yhhc7v/D4Gre/+92JK+TBThRCs4AYOC99P3/Q6Xpc1UIAADoudHmlOSK2eW90cjlisWIs83XAhSShaVKeTIi3oiI348VPtDITzW3TA7tMwAAAAAAAAAAAAAAAAAAAAAAAAAALWmaRAoAAACcaBG5vyW/bj3Lf2LsvdH91weGk/+ORfaK0Ns/vvHDO7P1+vpUo/xfu+X1H2XlF/txBQMAAAAGwnO9wH+nn77TjwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXnr08O7cznSUcf/xhYgYbxc/H6ea81NRiIjT/04iv2e7JCKGehB/pPHnI+3iJ41q7YZsF3+kB/G37x0YP8azb2F//OGIONOD+DDI7jeOP9fa7X+5eKc5b7//5SOeyr+ozse/2D3+DXU4/pztMsZbD35R6hj/XsRb+fbHn534SYf473YZ/xtf39rqtCz9ScRE29+f5KlYpfrKWqm2uXVhaWV2sbxYXp2enro8c2Xm0sxkaWGpUs7+to3xvY/98vFB7T/dIf74Ie1/r8v2///BnYcfaiUL7eKfe7dN/N/8NFvj2fi57LfvU1m6sXxiJ73dSu/19s9/9/ZB7Z/v0P7D/v/numz/+a9+589drgoAHIHa5tbybKVSXj+xiUYv/RhUQ+IYJr7d0w9M0zRt7FMv8TlJHIevpZno95EJAADotScn/f2uCQAAAAAAAAAAAAAAAAAAAAyuo3ic2P6Y27uppBeP0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6In3AwAA///d8Nla")
mknodat$loop(0xffffffffffffff9c, 0x0, 0x4000, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x2, 0xff6, &(0x7f0000001e00)=""/4086}, 0x94)
connect$inet6(r5, &(0x7f0000000b00)={0xa, 0xfdfe, 0x100007, @remote, 0xa}, 0x1c)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
sched_setscheduler(r0, 0x0, &(0x7f0000000000)=0x5)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e200023b0"], 0x0)

2.428923723s ago: executing program 2 (id=869):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
r3 = socket$netlink(0x10, 0x3, 0x0)
preadv(r2, &(0x7f0000001300)=[{&(0x7f00000000c0)=""/122, 0x6}], 0x3e8, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)

2.176391497s ago: executing program 2 (id=871):
add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
prctl$PR_SET_NAME(0xf, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r1, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x2, 0x0, @empty, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r2, &(0x7f0000000340)='g', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)

1.458460308s ago: executing program 3 (id=883):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000280)='kfree\x00', r0, 0x0, 0x2000000000}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0xdc}}, 0x0)
close(r1)

1.412193339s ago: executing program 3 (id=884):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, 0x0, 0x0)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback, 0x7fff}, 0x1c)
socket$inet_udp(0x2, 0x2, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0x111400, 0x0)
sendto$inet6(r2, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmsg$DEVLINK_CMD_SB_POOL_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="15e6841fdda6e01e2afd6604caf4858a665ef48a03daad9c7e023d0719adf41e006a00", @ANYRES16, @ANYBLOB="03002cbd7000fcdbdf250f000000080001007063690011000200303030303a30303a31302e300000000008000b000900000006001100c90000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b00c70000000600110001800000080001007063690011000200303030303a30303a31302e300000000008000b00ff0000000600110000000000080001007063690011000200303030303a30303a31302e300000000008000b00080000000600110006000000080001007063690011000200303030303a30303a31302e300000000008000b00ff03000006001100ff000000"], 0xf4}, 0x1, 0x0, 0x0, 0x4040020}, 0x4000004)
shutdown(r2, 0x1)

1.33508344s ago: executing program 3 (id=885):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, 0x0, 0x0)
r2 = syz_io_uring_setup(0x497, &(0x7f0000000a40)={0x0, 0x4661, 0x800, 0x3, 0x20e}, &(0x7f0000000540)=<r3=>0x0, &(0x7f0000000680)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
io_uring_enter(r2, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
close_range(r0, r1, 0x0)

1.300222s ago: executing program 2 (id=886):
socket$kcm(0x2, 0xa, 0x2)
socket$kcm(0x2, 0xa, 0x73)
socket$packet(0x11, 0xa, 0x300)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.242461362s ago: executing program 3 (id=887):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xf}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7}, [@tail_call, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00'}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')

1.190244142s ago: executing program 3 (id=889):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)={0x0}}, 0x0)

1.118764173s ago: executing program 3 (id=890):
socket$inet6(0xa, 0x2, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
socket$key(0xf, 0x3, 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x1058, [{0x11}, {0x0, 0x100000000000000}]}, 0x68)
openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

1.081808664s ago: executing program 2 (id=892):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x281c2, 0x120)
fcntl$setlease(r0, 0x400, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000100), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x20002, 0x0)
socket(0x10, 0x803, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000002c0)={[{@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@usrquota}, {@resgid}, {@grpquota}, {@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0xdd0}}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
chdir(&(0x7f0000000400)='./file0\x00')
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r2, 0x4b72, &(0x7f0000000000)={0x1, 0x5, 0xf, 0xd, 0xe4, &(0x7f0000001300)})
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffebb)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

861.725747ms ago: executing program 2 (id=896):
add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
prctl$PR_SET_NAME(0xf, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r1, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x2, 0x0, @empty, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r2, &(0x7f0000000340)='g', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)

780.822418ms ago: executing program 0 (id=898):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0x4401})
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, 0x0)
syz_open_procfs(0x0, &(0x7f0000000340)='oom_score_adj\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000004c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r2 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000407d1e502d0000000000010902240001000000000904000005030006000921000033012205000905810300000c00"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f0000000bc0)={0x2c, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000d80)={[{@grpjquota}, {@data_writeback}, {@noblock_validity}, {@sb={'sb', 0x3d, 0x5}}, {@discard}, {@data_ordered}], [{@fscontext={'fscontext', 0x3d, 'system_u'}}, {@fowner_lt}, {@pcr={'pcr', 0x3d, 0x32}}, {@subj_role}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='oom_adj\x00')
setresuid(0x0, 0xee00, 0x0)
write$cgroup_int(r3, &(0x7f0000000000)=0x1, 0x12)
r4 = openat(0xffffffffffffff9c, &(0x7f0000001d40)='./file1\x00', 0x0, 0x111)
ioctl$FS_IOC_FIEMAP(r4, 0xc020660b, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = syz_usb_connect$cdc_ecm(0x5, 0xfffffe4d, &(0x7f0000000100)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6c, 0x1, 0x1, 0x3, 0x40, 0x4, [{{0x9, 0x4, 0x0, 0x2, 0x3, 0x2, 0x6, 0x0, 0x83, {{0x9, 0x24, 0x6, 0x0, 0x0, "d973cbf1"}, {0x5, 0x24, 0x0, 0x1}, {0xd, 0x24, 0xf, 0x1, 0x100, 0x3, 0xfffd, 0x4}, [@mbim_extended={0x8, 0x24, 0x1c, 0x1000, 0x3, 0xf}, @dmm={0x7, 0x24, 0x14, 0x4, 0xe}, @country_functional={0x10, 0x24, 0x7, 0x6, 0xf9, [0x444, 0x5, 0xf665, 0xfff7, 0x6]}, @call_mgmt={0x5, 0x24, 0x1, 0x2}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x400, 0x6, 0x3, 0xdd}}], {{0x9, 0x5, 0x82, 0x2, 0x20, 0x1, 0x5, 0x4}}, {{0x9, 0x5, 0x3, 0x2, 0x3ff, 0x42, 0x9b, 0xff}}}}}]}}]}}, &(0x7f0000000740)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x200, 0xf6, 0x1, 0x80, 0x8, 0x7}, 0x2b, &(0x7f0000000280)={0x5, 0xf, 0x2b, 0x3, [@ss_container_id={0x14, 0x10, 0x4, 0xff, "c341efe7b95c957b306656961e82e23e"}, @ext_cap={0x7, 0x10, 0x2, 0xa, 0x9, 0x1, 0x3ff}, @wireless={0xb, 0x10, 0x1, 0xd84f2dd00bd09386, 0x0, 0x8, 0x4, 0x2d5, 0x9}]}, 0x7, [{0x3b, &(0x7f0000000380)=@string={0x3b, 0x3, "5d49c65be6053c2342dee5e6fc0c2e953a76da2653835f9be553580385df4781e9fe614b3327c6ff35c3650aaeb97c38d8bc7b788fd6989cca"}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x459}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x40b}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x414}}, {0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0xc0a}}, {0x77, &(0x7f00000005c0)=@string={0x77, 0x3, "bc6330de108f5245eac465b02310a57a2f496aa9e66ad51cf1353ba6d4dcbb3517d5bfa7a3a719a2ba2c333491d16cf4d8c238c34f8c3fb3b4ceb9f5921cd8e55c7d15feeb24d2d425cc41f0f0f80f653d59c8ed1b403ee95fd4acde99b75f428797504346a910ce280cc1f77da76fc953954a0791"}}, {0xeb, &(0x7f0000000640)=@string={0xeb, 0x3, "83b5022c1b4709be0f4ee46d30b49617b9f65a67a544f5b37d1fea7817f2c930f076986212568713fea1190fa202076f812f0c789a703a9a75beef462eded28de8e87f05b8f4f9ed89dccce9c4bbe6ad8f6f60f0e5a1602b32a8fa4252c3e2cdf3c9925a74d17271ae8b9c2cc33405772733fc69018539a9ce4a206b16049174f3320fb171d5953ccc29b54628a8aeaaf43a52f05e61bc3ca7a76e235cab5082de459bd6b6152b38fd07f988755323fdbcb4206d017469b40d7a949d90c2f99edefb158c8990fc568fb44326e1674474eff0b5d889f156e00351176fc2a7cefd72843efb0e27a66701"}}]})
syz_usb_control_io$cdc_ecm(r5, &(0x7f00000009c0)={0x14, &(0x7f0000000900)={0x0, 0x31, 0x4c, {0x4c, 0x8, "2d3f3215510296d42f8457410d21f2cceaf672764f981a16bbefd7e58dbd3f67497ac5e6c4c00ced9e2e7ce4873909f0f8122ffb296da5d12ef46ee9d0ec25efe11b607ef64523b4837a"}}, &(0x7f0000000980)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000b80)={0x1c, &(0x7f0000000a00)={0x0, 0xb, 0xd2, "1581e85a4f83a85fae28e1b9c40f7d89f1a9c2c7aec9ab1e492709f270ec31811bf5a07d4333cc4c28ac002a850e1ee76b42c186713fd62d7d97615950f3af60f12cce1f5b98b22ff2696b869491f046808598d79662fa2bcdbf42fea8866424e358a0148c84312fc087ab1789076b6e9ca5d931e42c9d512c395b17bef33dc3706e8f14fa2319b9145abf70dda20a67cf98d3adb911e162a7c20892926322a84fa18857efd1aa4211c7c4faa5b7681610b55c349abfc7412146e2ed41843727a59b792f0345e5425829aa2744098dad3394"}, &(0x7f0000000b00)={0x0, 0xa, 0x1, 0x4}, &(0x7f0000000b40)={0x0, 0x8, 0x1, 0xe}})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r6 = io_uring_setup(0x1614, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r6, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002700)=""/4096, 0x1a00}], 0x0, 0x11a}, 0x20)

576.210381ms ago: executing program 1 (id=901):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x4, 0x0, 0x0)

532.971492ms ago: executing program 1 (id=903):
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$netlink(r0, 0x10e, 0x5, &(0x7f0000000d00)=""/4096, &(0x7f00000001c0)=0x1000)
r1 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000007a03000018010000696c6c2500000000002020207b1a00fe00000000bfa100000000000007010000b8ffffffb702000008000000b70300000000000085000000ca00000095"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0xfe7, &(0x7f0000001e00)=""/4071}, 0x94)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="5c00000011006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac004000202080002000300010004000200eab556a705351e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x8b08)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newtaction={0x68, 0x30, 0xffff, 0x0, 0x0, {}, [{0x54, 0x1, [@m_ife={0x50, 0x1, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0xffffffff}}}, @TCA_IFE_METALST={0x8, 0x6, [@IFE_META_TCINDEX={0x4, 0x2, @void}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000090000000000000a20000000000a03000000000000000000030000000900010073797a30000000005c000000090a010400000000000000000300000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000023200011800e000100636f6e6e6c696d69740000000c000280080001400000000014000000c569c189190ce926945cc91000010000000000000000000000000a"], 0xa4}}, 0x4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000002c0)={'bond_slave_1\x00'})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c0000006800010000000000fbdbdf25020000000000000006000700040000000c000880050004000100000008000600f200000008000500", @ANYRES32=r8], 0x3c}, 0x1, 0x0, 0x0, 0x4402}, 0x0)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r7, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f0000000880)={0x2dc, r9, 0x130, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0xe0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x10001}, @TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "5c2165f688ef63871736e36cf63e10b6fd664f3c"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x3}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1000}, @TIPC_NLA_NODE_ID={0x9, 0x3, "df7bd4d2eb"}, @TIPC_NLA_NODE_ID={0x2f, 0x3, "25534450362f57eeaf688457f92c6715edb7d5c03a9b032a0be5e4b127e4f656f46f6f01a65ad22129348d"}, @TIPC_NLA_NODE_KEY={0x46, 0x4, {'gcm(aes)\x00', 0x1e, "1969baec54f73a101ed909687b3d6348d59ab41bd235ec73bf18111541ee"}}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NODE={0x5c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xffffff7f}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xa}, @TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "89eff695947e445a784547ec53dc522a0444b8a511f978860c2eb67301"}}]}, @TIPC_NLA_LINK={0x150, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5d261a80}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xf}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x12}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffff7}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7f9df10e}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10a5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff16}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}]}, @TIPC_NLA_SOCK={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8001}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x71}]}]}, 0x2dc}, 0x1, 0x0, 0x0, 0x10}, 0x40004)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r10)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="300000002000010026bd7000010000000a000000fd0000060100010014000100fc01000063a800000400000000000001"], 0x30}, 0x1, 0x0, 0x0, 0xc0d5}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r13}, 0x10)
add_key(&(0x7f0000000040)='logon\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f00000004c0)="7d3712de7f", 0x5, 0xfffffffffffffffe)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))

512.722862ms ago: executing program 4 (id=904):
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000093acb2bccc63c2614a2895ece071239390ad0d8f45c89c16f9a53ac3b95b526ec9d8134db16d4d9bf5185cb5c4d0355b90c61c0827125da76187ae0a36d81915"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={0x0, r1}, 0x18)
getrusage(0x1, &(0x7f0000000380))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r0, 0x0, 0x7fffffffffffffff}, 0x18)
unshare(0x22020600)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r2, 0x0, 0x20000000}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r3}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@newtaction={0xb0, 0x30, 0x1, 0x0, 0x0, {}, [{0x9c, 0x1, [@m_ct={0x50, 0x2, 0x0, 0x0, {{0x7}, {0x28, 0x2, 0x0, 0x1, [@TCA_CT_ZONE={0x6, 0x4, 0xb4d}, @TCA_CT_LABELS={0x14, 0x7, "77c6236bd603e4e238015c0900"}, @TCA_CT_ZONE={0x6, 0x4, 0x9}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x9, 0x763, 0x5, 0xc, 0x9}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xb0}}, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r5, 0x8004587d, &(0x7f0000000000)={0x2, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_procfs(0x0, &(0x7f0000000080)='mountinfo\x00')
pread64(r6, &(0x7f0000000100)=""/222, 0xde, 0x200000000013)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="0000000a00000000000000000000000000001000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
creat(0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x658003, 0x55)
r11 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r11, 0xffffffffffffffff, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r9}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000040)=ANY=[@ANYRES16, @ANYRESHEX=r12], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

466.954063ms ago: executing program 4 (id=905):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$int_in(r3, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r3, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r4, 0x5063}], 0x1, 0xffffffffffbffff8)
dup2(r3, r4)
fcntl$setown(r3, 0x8, r2)
tkill(r2, 0x13)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000500)={'\x00', 0x0, 0x200000a, 0x0, 0x8, 0x1, r2})
mremap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x13000, 0x4, &(0x7f0000fea000/0x13000)=nil)

450.429113ms ago: executing program 1 (id=906):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xf}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7}, [@tail_call, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00'}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')

427.377334ms ago: executing program 1 (id=907):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0, <r2=>0xffffffffffffffff}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=<r4=>0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000400000100c2800007000300"], 0x48}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r2}, 0x8)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x52, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000400))
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x3}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a000000020000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x17, 0xc, &(0x7f0000000740)=ANY=[@ANYRES8=r4, @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095ffff571e4d5beeb91a8e059e780005acd0803eda37f14d39aa443394f750dce9530356afdea9dc60b7e18db3a2ffcf94029b9b"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r7}, &(0x7f0000000340), &(0x7f0000000300)}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r9}, 0x10)
syslog(0x4, &(0x7f0000000440)=""/223, 0xdf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x18)
r10 = open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r10, 0xc018937d, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r5, {0x7f}}, './bus\x00'})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000680)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs")
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)

321.624075ms ago: executing program 4 (id=908):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000580), 0x1, 0x539, &(0x7f00000005c0)="$eJzs3V9v01YfwPGfS8tT5ZHQo+d5hFBV4FA2qZVKcBIIirjBc07SA44d2Q5qr1BFW1SRwkSZtPaOG7ZJ24vgdi9id7va7d4G2kvY5D8tKW2S0pIGVd9PBOfEPjnnd1LLPzmJbQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGK5ddsuWeIZv7Os+nPrYdAasH4i72/hQDFgXBEr+SfT03IlW3Tl/x9WX07+m5NZkT9FZFamk+fTsvvvy/+5/7/Jib3XDwjoTGzv7D5f7XbXX407kDFpat9EgWk5Ta1MFKhatWrfXmpEqmE8Ha1EsW4pN9ROHIRq3l1QpVqtonRxJej4zbrj6b2F926VbbuqHhbb2gmjwL/9sBi5S8bzjN9M2ySrkzb3kg3xkYlVrJ2WUhub3fXKsCCTRqXjNCoPa1S2y+VSqVwuVe/W7t6z7clDC+yPyKEW499oMV4j2IsDJzOR53/xxIgvHVkWdeTDlbqEEkjrwNIH+7VcmvgnZOHr2w8Gjtub/2ezRbNXPqyekTT/X8ueXeuX//vEenaPbdmRXXkuq9KVrqzLq5P2dH38cznJoylafDESSSBGWuKkS1S+RElNqlIVW57IkjQkEiUNMeKJlkhWJJJYdLpFuRKKFkdiCSQUJfPiyoIoKUlNalIRJVqKsiKBdMSXptTFSXvZkM30fa8MiHG/Uek4jcoDGpH/cXqj2I0DJ/L3Xv4HAAAAAADnlpV++p4c/0/J1bTWMJ62xx0WAAAAAAD4jNJv/meTYiqpXRWL438AAAAAAM4bKz3HzhKRglzPantnQvEhAAAAAAAA50T6/f+1pCgkteticfwPAAAAAMB58+P+1Xf7XWM3av/L+u0vCcMp6017+Stry0naOVsXstdd+LjHuDFjXco7SYvqZP7M1bNWfvXL/Ytgvs+LjWFxWJ8hAPlZbmRtbqxl5dremmyUQsN4uugG3v2SOM6liVgvx9+92Pxe0un/5LcuWbKx2V0vPn3ZXUtjeZP08mYrv4DioesoDojldXq9hfSciyNnPJWeiJGPW8jGtXvnn99yYeITxnwrc1mbuUJWFg7OfzoZs1S8X5LJo2afR1E65czfys2szc35m1lxRBTl4oe/wR95nweiKPdGcaL34hhRVIr9toQ8isopowCAcdkYkoWsw4n/BHu5Q9n94iiy+1uZz9rMz6Q71smZI/bo9rA9un3K7PbroXsg9cuxybi/fJRV3yUveNd33MgrW8lbeOH11rdyeXtn99bm1uqz9WfrL8rlStW+Y9t3yzKVTiMvyD0AgCMMv8fO0BbWnSFH1f/d/0lBUZ7KS+nKmiymZxukvzg4stdCz88QFocctRZ67vCyOOSortBzo5fjt62cwV8CAICzMzckDx8n/y8OOe4+mMsHHx335vIhBt9gEAAA9KXD91Yh/sEKQ9N+UqrVSk68pFUYuI9UaOpNrYwf69BdcvymVu0wiAM38JLKY1PXkYo67XYQxqoRhKodRGY5vfO7ym/9HumW48fGjdqediKt3MCPHTdWdRO5qt35xjPRkg7TF0dt7ZqG+T3/xDvohK4uKhVp3dPQ1LUfm4ZJqr5qh6blhCvqceB1WlrVdeSGph0HWYd7Yxm/EYQtJzaBXxz3mw0AwBdie2f3+Wq3u/5qhJVxzxEAABxElgYAAAAAAAAAAAAAAAAAAAAA4Ms3stP+LuYDjPTMQiojrHzqtjHxBcRM5eSVi3JgyZh3TABG7p8AAAD//xR6Tls=")
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_NET_GET(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040004)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r4, &(0x7f0000000600)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[], 0x14}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r2)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c23c000, 0x3, 0x2})
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj")

290.363846ms ago: executing program 4 (id=909):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e3, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bind$packet(r2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = io_uring_setup(0x6ddd, &(0x7f00000002c0)={0x0, 0x62af, 0x40, 0xffffffff})
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r3, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r3, 0xe, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000040)=[{0x0, 0xfdfffffffffffffe}], 0x0, 0x7}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000001801000020778b250000007044192155f72dabf8ff00000000bfa100000000000007010000f8ffeb6406865fe3156b257a5975f0172deeffffb702000004000000b70300000000000085000000040000009500a7b88f2a71ed6ae4314426d9afa73b30be8bceb041b7a89569b73cb5b8a69102626cc2cb91564fc061d549c4cc243bdb06535f8e90e75dec5f31bece1cc82c2465c333fdc10775b7fe2d84ce182edc1e611e610dcacad8bf607b249f51a79cb629f458eef6b0c0209430a8d19d00002d3988bcb1f2e6420ce033abfa5722d2a71f7f080d00ec67e1a9a04088e1cedd0b25fca18583a470f3d9da4423d8cb8fa5bc3ed77212155bad2ef17ba3291c778a9681ca0f0bb94cf8ab68165f3d7b789ed626aceba6ce27291140a7eec6b647b18644af9f5bd52313ba7ebcac766026b1b9ea91c3955f46fc1caa484ebd02a4f7c606a52cf52b1fa477fca56f689602b4c5e6a912a1cadbdac79b901aa50b1440e28cf82b2f050c"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20001}, 0x94)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000000)=0x2)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x6, 0xfc, 0x1, 0x2000000}]})
write$ppp(r5, &(0x7f0000000580)="1e08c6b3a1fd17", 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x18)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mprotect(&(0x7f0000ff5000/0xb000)=nil, 0xb000, 0x300000f)
pipe(&(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
splice(r9, 0x0, r10, 0x0, 0xf3a, 0x0)
write(r7, &(0x7f0000000240)="94", 0x1)
tee(r6, r10, 0x8f5, 0x0)
write(r8, 0x0, 0x0)
faccessat2(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x3, 0x300)
r11 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYRES32=r0, @ANYBLOB="467591316cc14f977720c87834f6037e1cc197c0f91e993afdbbae00ee9860a7ac2ff50794c67a75a3fae52894379e5e7a4515ba60f0a4811e52ba12399bad3a0917923b1962b3f134b0fc7b5e3611ae688a3a73655fb00d70c0685e5ab1222e3ed6baceb4e88ce52277104b45232d222a2b7eee99929891b896fa0bafb8c3d64e1fb7420b0a049070bcf5d82ce33d3b0f07a04ff5004808e4c51a8cfe4c113e"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff28}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r11, 0x5, 0x0, 0x0, &(0x7f0000000080), 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

95.620139ms ago: executing program 0 (id=910):
r0 = socket(0x2, 0x3, 0xff)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0xffffffffffffff4b, 0x240000}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmmsg$unix(r0, &(0x7f0000002fc0)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000001080)="18fcae977278aeffab01b11015896d", 0xf}], 0x1}}], 0x1, 0x0)

85.261019ms ago: executing program 1 (id=911):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = dup(r0)
eventfd2(0x2, 0x1)
ioctl$PTP_EXTTS_REQUEST2(r1, 0xc0603d0f, &(0x7f0000000040))
ioctl$sock_qrtr_SIOCGIFADDR(r1, 0x8915, &(0x7f0000000040)={'vlan1\x00'})
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="000200000000000007"], 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000300)='fsi_master_acf_copro_command\x00', r4}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)="d80000001800eb054e81f783db4cb9040a1d080006007c09e8fc55a10a0015000600142603600e1208000f00060004010c00080008000c4004000300035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece8b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300"/216, 0xd8}], 0x1}, 0x0)

67.743489ms ago: executing program 4 (id=912):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b7030000070000008500000011000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xffff}, 0x18)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000006"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x218, 0x218, 0x0, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {@empty, {[0x0, 0x0, 0xff]}}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'pimreg1\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

1.28052ms ago: executing program 4 (id=913):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
lsm_set_self_attr(0x64, 0x0, 0x20, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x7, 0x8000, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r5}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})

711.491µs ago: executing program 1 (id=914):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x1000000, 0x800, 0x3, 0x1}, 0x20)

0s ago: executing program 0 (id=915):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="840100001900010000000000000000001d0109005000118049002100c9a7befe6f6d645a1a11b81b2c4b101c7510e19feecb90ee6bb49f6cc7a2c50fd57c06db1a75df432aa833928a0772ff8f5e9ed32d3b477d35b296674f1fe35663c0d236fd00000020010680d3"], 0x184}, 0x1, 0x0, 0x0, 0x5}, 0x0)
syz_open_dev$usbfs(0x0, 0x76, 0x101301)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5}, 0x94)
write$qrtrtun(r1, &(0x7f0000000180)="88e47fb64c743ac4", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000740), r5)
sendmsg$TIPC_CMD_GET_NETID(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000780)={0x1c, r7, 0x4, 0x70bd2a, 0x25dfdbfc, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0xc081}, 0x4)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffff53a2513743897e44000d0001007564703aa3"], 0x54}}, 0x0)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000240)={0x0, 0x7ff, 0x8}, 0xc)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r9, 0x5453, 0x0)
ioctl$TIOCMBIC(r9, 0x5417, &(0x7f0000000000)=0x97b3)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x37e2f4aba9289b81, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_ext={0x1c, 0x21, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000006000000000000000100000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000d325000001000000181b0000", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000040000b7020000010000008500000085000000b7000000000000009500000000000000231cae0d08887dc22272e21f6145524b39494c3d623ea7486c84e33d10a826a1b19e0bf2b100eef1a45c718de86c59f1f8119b3830a0096c14c98cf9377dcb8772ea64aedd29bb8a681e54aebce73d22161c3a0d745a947e861c393c9c28384b8575c16c67a5aecd9ec7c727a42e2643bd67e7e8ba2269c22c254c169ffe7ae28f22cf43d64bd67553604ae290838a2d78f988a310a3eb4dd969305895720d5cf87530bc19f891fcec1d773d474c00770d82c1a2b88bc196812dda5473"], &(0x7f0000000040)='syzkaller\x00', 0x81, 0xcd, &(0x7f0000000580)=""/205, 0x40f00, 0x64, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0)={0x4, 0xb, 0x7, 0x40}, 0x10, 0x22754, 0xffffffffffffffff, 0x4, &(0x7f0000000280)=[0xffffffffffffffff, r8, 0xffffffffffffffff, r10, r4, 0xffffffffffffffff], &(0x7f00000002c0)=[{0x2, 0x5, 0x5, 0x8}, {0x3, 0x4, 0x6, 0x2}, {0x5, 0x4}, {0x2, 0x1, 0x7, 0x4}], 0x10, 0x7}, 0x94)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r11, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r13=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r12, @ANYBLOB="050300000000000000000700000008000300", @ANYRES32=r13], 0x7c}}, 0x4000048)

kernel console output (not intermixed with test programs):

rom 0 to 512
[   58.111636][ T4174] EXT4-fs: Ignoring removed i_version option
[   58.119560][ T4174] ext4: Unknown parameter 'uid'
[   58.299244][ T4195] netlink: 64 bytes leftover after parsing attributes in process `syz.1.219'.
[   58.367168][ T4196] loop0: detected capacity change from 0 to 8192
[   58.376253][ T4204] netlink: 'syz.4.224': attribute type 8 has an invalid length.
[   58.427240][ T4204] loop4: detected capacity change from 0 to 512
[   58.477540][ T4204] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   58.508308][ T4216] loop3: detected capacity change from 0 to 512
[   58.517358][ T4217] netlink: 'syz.2.229': attribute type 8 has an invalid length.
[   58.535478][ T4216] EXT4-fs: Ignoring removed i_version option
[   58.543933][ T4204] EXT4-fs (loop4): mount failed
[   58.549854][ T4216] ext4: Unknown parameter 'uid'
[   58.573055][ T4217] loop2: detected capacity change from 0 to 512
[   58.618333][ T4217] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   58.678843][ T4217] EXT4-fs (loop2): mount failed
[   58.893665][ T4232] loop3: detected capacity change from 0 to 128
[   58.935021][ T4241] loop1: detected capacity change from 0 to 512
[   58.941724][ T4241] EXT4-fs: Ignoring removed oldalloc option
[   58.948225][ T4241] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   58.958084][ T4241] EXT4-fs (loop1): orphan cleanup on readonly fs
[   58.965375][ T4241] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.236: Failed to acquire dquot type 1
[   58.978853][ T4241] EXT4-fs (loop1): 1 truncate cleaned up
[   58.994754][ T4238] loop0: detected capacity change from 0 to 8192
[   59.051791][ T4248] loop0: detected capacity change from 0 to 512
[   59.060133][ T4248] EXT4-fs: Ignoring removed i_version option
[   59.066497][ T4248] ext4: Unknown parameter 'uid'
[   59.292781][ T4263] vcan0: entered allmulticast mode
[   59.299927][ T4263] vcan0: left allmulticast mode
[   59.306335][ T4263] netlink: 8 bytes leftover after parsing attributes in process `syz.2.247'.
[   59.318342][ T4263] loop2: detected capacity change from 0 to 512
[   59.325279][ T4263] EXT4-fs: Ignoring removed bh option
[   59.331008][ T4263] EXT4-fs: Ignoring removed bh option
[   59.341062][ T4263] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   59.354734][ T4263] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   59.375528][ T4263] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   59.383691][ T4263] EXT4-fs (loop2): orphan cleanup on readonly fs
[   59.399072][ T4263] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   59.419415][ T4263] EXT4-fs (loop2): Cannot turn on quotas: error -22
[   59.426566][ T4263] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.247: Invalid block bitmap block 0 in block_group 0
[   59.440316][ T4263] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   59.457494][ T4263] EXT4-fs (loop2): 1 orphan inode deleted
[   59.630648][ T4272] loop4: detected capacity change from 0 to 8192
[   59.703223][ T4280] loop4: detected capacity change from 0 to 512
[   59.710364][ T4280] EXT4-fs: Ignoring removed i_version option
[   59.717968][ T4280] ext4: Unknown parameter 'uid'
[   59.726534][   T29] kauditd_printk_skb: 1270 callbacks suppressed
[   59.726551][   T29] audit: type=1326 audit(1751181136.974:2600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4279 comm="syz.4.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   59.756339][   T29] audit: type=1326 audit(1751181136.974:2601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4279 comm="syz.4.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   59.779827][   T29] audit: type=1326 audit(1751181136.974:2602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4279 comm="syz.4.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   59.803495][   T29] audit: type=1326 audit(1751181136.974:2603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4279 comm="syz.4.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   59.826892][   T29] audit: type=1326 audit(1751181136.974:2604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4279 comm="syz.4.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   59.840578][ T4285] netlink: 'syz.4.258': attribute type 3 has an invalid length.
[   59.850668][   T29] audit: type=1326 audit(1751181136.974:2605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4279 comm="syz.4.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   59.881576][   T29] audit: type=1326 audit(1751181136.974:2606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4279 comm="syz.4.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   59.895006][ T4285] loop4: detected capacity change from 0 to 512
[   59.904969][   T29] audit: type=1326 audit(1751181136.974:2607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4279 comm="syz.4.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   59.918550][ T4285] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   59.934637][   T29] audit: type=1326 audit(1751181136.984:2608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4279 comm="syz.4.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   59.967896][   T29] audit: type=1326 audit(1751181136.984:2609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4279 comm="syz.4.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   59.971111][ T4285] EXT4-fs (loop4): 1 truncate cleaned up
[   60.000616][ T4287] usb usb8: usbfs: process 4287 (syz.3.257) did not claim interface 0 before use
[   60.147956][ T4305] netlink: 'syz.3.266': attribute type 4 has an invalid length.
[   60.176259][ T4305] netlink: 'syz.3.266': attribute type 4 has an invalid length.
[   60.200738][ T4301] loop2: detected capacity change from 0 to 8192
[   60.245336][ T4305] usb usb8: usbfs: process 4305 (syz.3.266) did not claim interface 0 before use
[   60.335099][ T4321] netlink: 'syz.2.273': attribute type 3 has an invalid length.
[   60.392634][ T4321] loop2: detected capacity change from 0 to 512
[   60.403321][ T4321] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   60.425101][ T4321] EXT4-fs (loop2): 1 truncate cleaned up
[   60.477608][ T4304] loop1: detected capacity change from 0 to 128
[   60.487635][ T4331] netlink: 'syz.3.278': attribute type 8 has an invalid length.
[   60.540040][ T4331] loop3: detected capacity change from 0 to 512
[   60.570011][ T4331] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   60.601450][ T4341] loop4: detected capacity change from 0 to 512
[   60.627090][ T4331] EXT4-fs (loop3): mount failed
[   60.639967][ T4341] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   60.675062][ T4341] EXT4-fs (loop4): mount failed
[   60.785803][ T4349] usb usb8: usbfs: process 4349 (syz.0.284) did not claim interface 0 before use
[   60.842120][ T4356] netlink: 8 bytes leftover after parsing attributes in process `syz.4.287'.
[   60.852396][ T4356] netlink: 4 bytes leftover after parsing attributes in process `syz.4.287'.
[   60.878049][ T4360] loop0: detected capacity change from 0 to 512
[   60.886446][ T4360] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   60.897475][ T4360] EXT4-fs (loop0): 1 truncate cleaned up
[   60.984978][   T37] team0: Port device team_slave_0 removed
[   61.081985][ T4374] loop0: detected capacity change from 0 to 512
[   61.106360][ T4374] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   61.126659][ T4380] loop4: detected capacity change from 0 to 512
[   61.130729][ T4374] EXT4-fs (loop0): mount failed
[   61.142500][ T4387] validate_nla: 5 callbacks suppressed
[   61.142518][ T4387] netlink: 'syz.1.300': attribute type 4 has an invalid length.
[   61.148783][ T4380] EXT4-fs: Ignoring removed i_version option
[   61.169658][ T4387] netlink: 'syz.1.300': attribute type 4 has an invalid length.
[   61.192439][ T4380] ext4: Unknown parameter 'uid'
[   61.250363][ T4393] netlink: 'syz.3.303': attribute type 3 has an invalid length.
[   61.265229][ T4387] usb usb8: usbfs: process 4387 (syz.1.300) did not claim interface 0 before use
[   61.286291][ T4393] loop3: detected capacity change from 0 to 512
[   61.293568][ T4393] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   61.329428][ T4393] EXT4-fs (loop3): 1 truncate cleaned up
[   61.556311][ T4420] netlink: 'syz.2.315': attribute type 4 has an invalid length.
[   61.596325][ T4420] netlink: 'syz.2.315': attribute type 4 has an invalid length.
[   61.610677][ T4425] netlink: 'syz.3.317': attribute type 8 has an invalid length.
[   61.665254][ T4425] loop3: detected capacity change from 0 to 512
[   61.675245][ T4420] usb usb8: usbfs: process 4420 (syz.2.315) did not claim interface 0 before use
[   61.700056][ T4430] loop0: detected capacity change from 0 to 128
[   61.716468][ T4429] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   61.725692][ T4430] EXT4-fs: test_dummy_encryption option not supported
[   61.739984][ T4425] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   61.742882][ T4433] netlink: 'syz.2.319': attribute type 3 has an invalid length.
[   61.767892][ T4425] EXT4-fs (loop3): mount failed
[   61.851772][ T4433] loop2: detected capacity change from 0 to 512
[   61.862393][ T4433] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   61.873693][ T4437] FAULT_INJECTION: forcing a failure.
[   61.873693][ T4437] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   61.886872][ T4437] CPU: 1 UID: 0 PID: 4437 Comm: syz.1.320 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   61.886911][ T4437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   61.886927][ T4437] Call Trace:
[   61.886935][ T4437]  <TASK>
[   61.886944][ T4437]  __dump_stack+0x1d/0x30
[   61.886979][ T4437]  dump_stack_lvl+0xe8/0x140
[   61.887069][ T4437]  dump_stack+0x15/0x1b
[   61.887091][ T4437]  should_fail_ex+0x265/0x280
[   61.887129][ T4437]  should_fail+0xb/0x20
[   61.887195][ T4437]  should_fail_usercopy+0x1a/0x20
[   61.887238][ T4437]  strncpy_from_user+0x25/0x230
[   61.887269][ T4437]  ? cmp_ex_search+0x25/0x40
[   61.887298][ T4437]  strncpy_from_user_nofault+0x68/0xf0
[   61.887381][ T4437]  bpf_probe_read_user_str+0x2a/0x70
[   61.887417][ T4437]  bpf_prog_b1bc9f7c1f89903c+0x41/0x47
[   61.887465][ T4437]  bpf_trace_run3+0x10c/0x1d0
[   61.887491][ T4437]  ? __kfree_skb+0x109/0x150
[   61.887523][ T4437]  ? xa_load+0xb1/0xe0
[   61.887540][ T4437]  ? __kfree_skb+0x109/0x150
[   61.887643][ T4437]  kmem_cache_free+0x257/0x300
[   61.887673][ T4437]  __kfree_skb+0x109/0x150
[   61.887703][ T4437]  ? nlmon_xmit+0x4f/0x60
[   61.887725][ T4437]  consume_skb+0x49/0x150
[   61.887793][ T4437]  nlmon_xmit+0x4f/0x60
[   61.887814][ T4437]  dev_hard_start_xmit+0x125/0x3e0
[   61.887879][ T4437]  __dev_queue_xmit+0x10b9/0x1fb0
[   61.887912][ T4437]  ? __dev_queue_xmit+0x182/0x1fb0
[   61.887947][ T4437]  ? __rcu_read_unlock+0x4f/0x70
[   61.887978][ T4437]  __netlink_deliver_tap+0x3c3/0x500
[   61.888100][ T4437]  netlink_unicast+0x64c/0x670
[   61.888164][ T4437]  netlink_sendmsg+0x58b/0x6b0
[   61.888186][ T4437]  ? __pfx_netlink_sendmsg+0x10/0x10
[   61.888282][ T4437]  __sock_sendmsg+0x145/0x180
[   61.888308][ T4437]  ____sys_sendmsg+0x31e/0x4e0
[   61.888346][ T4437]  ___sys_sendmsg+0x17b/0x1d0
[   61.888422][ T4437]  __x64_sys_sendmsg+0xd4/0x160
[   61.888485][ T4437]  x64_sys_call+0x2999/0x2fb0
[   61.888507][ T4437]  do_syscall_64+0xd2/0x200
[   61.888524][ T4437]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   61.888564][ T4437]  ? clear_bhb_loop+0x40/0x90
[   61.888585][ T4437]  ? clear_bhb_loop+0x40/0x90
[   61.888608][ T4437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.888631][ T4437] RIP: 0033:0x7f42fc1ae929
[   61.888716][ T4437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.888734][ T4437] RSP: 002b:00007f42fa817038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   61.888757][ T4437] RAX: ffffffffffffffda RBX: 00007f42fc3d5fa0 RCX: 00007f42fc1ae929
[   61.888770][ T4437] RDX: 000000000400c8b4 RSI: 0000200000000040 RDI: 0000000000000003
[   61.888802][ T4437] RBP: 00007f42fa817090 R08: 0000000000000000 R09: 0000000000000000
[   61.888814][ T4437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.888877][ T4437] R13: 0000000000000000 R14: 00007f42fc3d5fa0 R15: 00007ffd097176d8
[   61.888897][ T4437]  </TASK>
[   61.914558][ T4440] loop3: detected capacity change from 0 to 512
[   61.923727][ T4411] loop4: detected capacity change from 0 to 128
[   62.007991][ T4433] EXT4-fs (loop2): 1 truncate cleaned up
[   62.213916][ T4440] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   62.224126][ T4440] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal
[   62.301705][ T4448] loop3: detected capacity change from 0 to 1024
[   62.371990][ T4448] ext4 filesystem being mounted at /68/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.420300][ T4457] loop1: detected capacity change from 0 to 512
[   62.473389][ T4457] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   62.485055][ T4457] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   62.495287][ T4457] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.326: Corrupt directory, running e2fsck is recommended
[   62.527594][ T4457] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   62.539506][ T4470] netlink: 'syz.2.329': attribute type 4 has an invalid length.
[   62.557718][ T4457] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.326: corrupted in-inode xattr: invalid ea_ino
[   62.577486][ T4470] netlink: 'syz.2.329': attribute type 4 has an invalid length.
[   62.605004][ T4457] EXT4-fs (loop1): Remounting filesystem read-only
[   62.618583][ T4476] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   62.645202][ T4470] usb usb8: usbfs: process 4470 (syz.2.329) did not claim interface 0 before use
[   62.705547][ T4457] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[   62.718728][ T4484] loop2: detected capacity change from 0 to 1024
[   62.734197][ T4486] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.761242][ T4484] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   62.800987][ T4484] EXT4-fs (loop2): can't mount with commit=, fs mounted w/o journal
[   62.818667][ T4486] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.857163][ T4494] netlink: 'syz.3.334': attribute type 3 has an invalid length.
[   62.897810][ T4494] loop3: detected capacity change from 0 to 512
[   62.907629][ T4486] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.933363][ T4494] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   62.967382][ T4486] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.983520][ T4494] EXT4-fs (loop3): 1 truncate cleaned up
[   63.035582][ T4486] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.061065][ T4509] loop3: detected capacity change from 0 to 1024
[   63.087202][ T4486] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.120359][ T4486] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.152902][ T4486] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.178694][ T4488] syz.4.332 (4488) used greatest stack depth: 10200 bytes left
[   63.188079][ T4509] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.209541][ T4509] EXT4-fs error (device loop3): ext4_map_blocks:816: inode #15: block 8: comm syz.3.341: lblock 8 mapped to illegal pblock 8 (length 1)
[   63.218783][ T4516] loop4: detected capacity change from 0 to 512
[   63.225284][ T4509] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 117
[   63.242188][ T4509] EXT4-fs (loop3): This should not happen!! Data will be lost
[   63.242188][ T4509] 
[   63.249825][ T4516] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   63.262336][ T4516] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[   63.342584][ T4509] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   63.565049][ T4521] loop4: detected capacity change from 0 to 1024
[   63.580748][ T4509] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 475 with error 28
[   63.593319][ T4509] EXT4-fs (loop3): This should not happen!! Data will be lost
[   63.593319][ T4509] 
[   63.603030][ T4509] EXT4-fs (loop3): Total free blocks count 0
[   63.609150][ T4509] EXT4-fs (loop3): Free/Dirty block details
[   63.615120][ T4509] EXT4-fs (loop3): free_blocks=4293918720
[   63.620903][ T4509] EXT4-fs (loop3): dirty_blocks=480
[   63.626149][ T4509] EXT4-fs (loop3): Block reservation details
[   63.632195][ T4509] EXT4-fs (loop3): i_reserved_data_blocks=30
[   63.691113][ T4521] ext4 filesystem being mounted at /70/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.741804][ T4528] loop2: detected capacity change from 0 to 512
[   63.760598][ T4528] EXT4-fs: Ignoring removed i_version option
[   63.769973][ T4528] ext4: Unknown parameter 'uid'
[   63.812263][ T4509] syz.3.341 (4509) used greatest stack depth: 9640 bytes left
[   63.821515][   T57] EXT4-fs error (device loop3): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 7)
[   64.073681][ T4546] loop2: detected capacity change from 0 to 1024
[   64.113165][ T4553] loop4: detected capacity change from 0 to 512
[   64.117683][ T4546] FAULT_INJECTION: forcing a failure.
[   64.117683][ T4546] name failslab, interval 1, probability 0, space 0, times 0
[   64.132438][ T4546] CPU: 0 UID: 0 PID: 4546 Comm: syz.2.349 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   64.132471][ T4546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   64.132487][ T4546] Call Trace:
[   64.132502][ T4546]  <TASK>
[   64.132511][ T4546]  __dump_stack+0x1d/0x30
[   64.132537][ T4546]  dump_stack_lvl+0xe8/0x140
[   64.132568][ T4546]  dump_stack+0x15/0x1b
[   64.132584][ T4546]  should_fail_ex+0x265/0x280
[   64.132623][ T4546]  should_failslab+0x8c/0xb0
[   64.132654][ T4546]  kmem_cache_alloc_noprof+0x50/0x310
[   64.132767][ T4546]  ? ext4_init_io_end+0x31/0xb0
[   64.132862][ T4546]  ext4_init_io_end+0x31/0xb0
[   64.133057][ T4546]  ext4_do_writepages+0x787/0x21c0
[   64.133103][ T4546]  ? should_failslab+0x8c/0xb0
[   64.133130][ T4546]  ? kmem_cache_alloc_noprof+0x186/0x310
[   64.133186][ T4546]  ? rb_insert_color+0x71/0x2b0
[   64.133217][ T4546]  ? __es_insert_extent+0xc27/0xee0
[   64.133238][ T4546]  ? count_rsvd+0x74/0x370
[   64.133261][ T4546]  ? should_fail_ex+0x30/0x280
[   64.133304][ T4546]  ext4_writepages+0x176/0x300
[   64.133378][ T4546]  ? __pfx_ext4_writepages+0x10/0x10
[   64.133409][ T4546]  do_writepages+0x1c6/0x310
[   64.133439][ T4546]  ? rb_next+0x5c/0x80
[   64.133516][ T4546]  ? _raw_write_unlock+0xd/0x30
[   64.133540][ T4546]  ? xas_load+0x413/0x430
[   64.133569][ T4546]  ? _raw_spin_unlock+0x26/0x50
[   64.133598][ T4546]  ? wbc_attach_and_unlock_inode+0x91/0x2b0
[   64.133645][ T4546]  filemap_write_and_wait_range+0x144/0x340
[   64.133832][ T4546]  kiocb_write_and_wait+0x7a/0x110
[   64.133887][ T4546]  __iomap_dio_rw+0x52f/0x1250
[   64.134013][ T4546]  ? avc_has_perm_noaudit+0x1b1/0x200
[   64.134061][ T4546]  iomap_dio_rw+0x40/0x90
[   64.134171][ T4546]  ext4_file_read_iter+0x20f/0x290
[   64.134202][ T4546]  copy_splice_read+0x3c4/0x5f0
[   64.134258][ T4546]  ? __pfx_ext4_file_splice_read+0x10/0x10
[   64.134288][ T4546]  splice_direct_to_actor+0x290/0x680
[   64.134326][ T4546]  ? __pfx_direct_splice_actor+0x10/0x10
[   64.134360][ T4546]  do_splice_direct+0xda/0x150
[   64.134431][ T4546]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   64.134515][ T4546]  do_sendfile+0x380/0x650
[   64.134548][ T4546]  __x64_sys_sendfile64+0x105/0x150
[   64.134638][ T4546]  x64_sys_call+0xb39/0x2fb0
[   64.134681][ T4546]  do_syscall_64+0xd2/0x200
[   64.134700][ T4546]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   64.134733][ T4546]  ? clear_bhb_loop+0x40/0x90
[   64.134760][ T4546]  ? clear_bhb_loop+0x40/0x90
[   64.134788][ T4546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.134874][ T4546] RIP: 0033:0x7f5d3e0fe929
[   64.134893][ T4546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.134915][ T4546] RSP: 002b:00007f5d3c767038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   64.134938][ T4546] RAX: ffffffffffffffda RBX: 00007f5d3e325fa0 RCX: 00007f5d3e0fe929
[   64.134952][ T4546] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[   64.134967][ T4546] RBP: 00007f5d3c767090 R08: 0000000000000000 R09: 0000000000000000
[   64.134982][ T4546] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001
[   64.134996][ T4546] R13: 0000000000000000 R14: 00007f5d3e325fa0 R15: 00007ffd4415ad68
[   64.135069][ T4546]  </TASK>
[   64.464820][ T4553] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   64.496394][ T4553] EXT4-fs (loop4): 1 truncate cleaned up
[   64.558575][ T4546] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.349: Allocating blocks 497-513 which overlap fs metadata
[   64.633154][ T4545] EXT4-fs (loop2): pa ffff888106a6f0e0: logic 128, phys. 273, len 15
[   64.641385][ T4545] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[   64.770216][ T4575] loop1: detected capacity change from 0 to 512
[   64.804181][ T4575] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   64.831079][ T4575] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[   64.844740][ T4572] usb usb8: usbfs: process 4572 (syz.4.360) did not claim interface 0 before use
[   64.855958][   T29] kauditd_printk_skb: 1024 callbacks suppressed
[   64.855976][   T29] audit: type=1326 audit(1751181142.114:3630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4580 comm="syz.0.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   64.897749][ T4581] loop0: detected capacity change from 0 to 512
[   64.914463][ T4587] loop1: detected capacity change from 0 to 1024
[   64.930920][   T29] audit: type=1326 audit(1751181142.144:3631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4580 comm="syz.0.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   64.954448][   T29] audit: type=1326 audit(1751181142.144:3632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4580 comm="syz.0.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   64.977851][   T29] audit: type=1326 audit(1751181142.144:3633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4580 comm="syz.0.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   65.001425][   T29] audit: type=1326 audit(1751181142.144:3634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4580 comm="syz.0.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   65.024995][   T29] audit: type=1326 audit(1751181142.144:3635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4580 comm="syz.0.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   65.048479][   T29] audit: type=1326 audit(1751181142.144:3636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4580 comm="syz.0.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   65.072050][   T29] audit: type=1326 audit(1751181142.144:3637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4580 comm="syz.0.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   65.095586][   T29] audit: type=1326 audit(1751181142.144:3638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4580 comm="syz.0.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   65.119540][   T29] audit: type=1326 audit(1751181142.144:3639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4580 comm="syz.0.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   65.147348][ T4587] ext4 filesystem being mounted at /65/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.159474][ T4581] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   65.176374][ T4581] EXT4-fs (loop0): mount failed
[   65.181566][ T4588] loop3: detected capacity change from 0 to 512
[   65.191004][ T4588] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   65.204033][ T4588] EXT4-fs (loop3): 1 truncate cleaned up
[   65.625472][ T4627] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   65.648548][ T4627] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   65.671153][ T4655] netlink: 8 bytes leftover after parsing attributes in process `syz.4.375'.
[   65.739036][ T4628] @: renamed from vlan0 (while UP)
[   65.771081][ T4662] loop1: detected capacity change from 0 to 512
[   65.780875][ T4662] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   65.799281][ T4662] EXT4-fs (loop1): 1 truncate cleaned up
[   65.887708][ T4670] loop0: detected capacity change from 0 to 128
[   65.919926][ T4670] EXT4-fs: test_dummy_encryption option not supported
[   66.180921][ T4683] validate_nla: 6 callbacks suppressed
[   66.180939][ T4683] netlink: 'syz.2.386': attribute type 10 has an invalid length.
[   66.219536][ T4683] team0: Device veth1_macvtap is up. Set it down before adding it as a team port
[   66.427900][ T4694] netlink: 'syz.3.392': attribute type 4 has an invalid length.
[   66.435799][ T4690] netlink: 8 bytes leftover after parsing attributes in process `syz.2.389'.
[   66.449751][ T4690] netlink: 4 bytes leftover after parsing attributes in process `syz.2.389'.
[   66.451197][ T4694] netlink: 'syz.3.392': attribute type 4 has an invalid length.
[   66.515297][ T4694] usb usb8: usbfs: process 4694 (syz.3.392) did not claim interface 0 before use
[   66.565384][ T4702] netlink: 'syz.3.396': attribute type 8 has an invalid length.
[   66.590527][ T4702] loop3: detected capacity change from 0 to 512
[   66.616437][ T4702] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   66.616596][ T4704] netlink: 'syz.2.397': attribute type 8 has an invalid length.
[   66.640176][ T4702] EXT4-fs (loop3): mount failed
[   66.688974][ T4704] loop2: detected capacity change from 0 to 512
[   66.699529][ T4709] IPv4: Oversized IP packet from 127.202.26.0
[   66.737314][ T4704] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   66.753322][ T4704] EXT4-fs (loop2): mount failed
[   66.769489][ T4714] netlink: 'syz.3.399': attribute type 8 has an invalid length.
[   66.808468][ T4714] loop3: detected capacity change from 0 to 512
[   66.837083][ T4714] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   66.874151][ T4714] EXT4-fs (loop3): mount failed
[   67.021871][ T4718] netlink: 64 bytes leftover after parsing attributes in process `syz.1.400'.
[   67.082909][ T4720] mmap: syz.1.401 (4720) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   67.465224][ T4728] netlink: 4 bytes leftover after parsing attributes in process `syz.1.404'.
[   67.646550][ T4732] netlink: 'syz.1.406': attribute type 4 has an invalid length.
[   67.727171][ T4738] netlink: 'syz.1.406': attribute type 4 has an invalid length.
[   67.815299][ T4732] usb usb8: usbfs: process 4732 (syz.1.406) did not claim interface 0 before use
[   67.946706][ T4749] netlink: 'syz.2.412': attribute type 4 has an invalid length.
[   67.964733][ T4749] netlink: 'syz.2.412': attribute type 4 has an invalid length.
[   68.025352][ T4749] usb usb8: usbfs: process 4749 (syz.2.412) did not claim interface 0 before use
[   68.090583][ T4753] loop2: detected capacity change from 0 to 1024
[   68.135400][ T4753] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.158118][ T4753] SELinux: security policydb version 18 (MLS) not backwards compatible
[   68.184948][ T4753] SELinux: failed to load policy
[   68.208094][ T4758] netlink: 4 bytes leftover after parsing attributes in process `syz.0.416'.
[   68.266536][ T4759] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.415: bg 0: block 393: padding at end of block bitmap is not set
[   68.313504][ T4759] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1264 with error 117
[   68.326317][ T4759] EXT4-fs (loop2): This should not happen!! Data will be lost
[   68.326317][ T4759] 
[   68.377979][ T4759] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 28
[   68.390569][ T4759] EXT4-fs (loop2): This should not happen!! Data will be lost
[   68.390569][ T4759] 
[   68.400306][ T4759] EXT4-fs (loop2): Total free blocks count 0
[   68.406527][ T4759] EXT4-fs (loop2): Free/Dirty block details
[   68.412497][ T4759] EXT4-fs (loop2): free_blocks=0
[   68.417513][ T4759] EXT4-fs (loop2): dirty_blocks=32
[   68.422667][ T4759] EXT4-fs (loop2): Block reservation details
[   68.428732][ T4759] EXT4-fs (loop2): i_reserved_data_blocks=2
[   68.615321][ T4770] usb usb8: usbfs: process 4770 (syz.2.420) did not claim interface 0 before use
[   68.616539][ T4774] loop4: detected capacity change from 0 to 512
[   68.665716][ T4774] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   68.747581][ T4774] EXT4-fs (loop4): mount failed
[   68.777826][ T4780] loop2: detected capacity change from 0 to 2048
[   68.830310][ T4780] EXT4-fs mount: 42 callbacks suppressed
[   68.830325][ T4780] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.882034][ T4780] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.424: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   68.900055][ T4794] netlink: 4 bytes leftover after parsing attributes in process `syz.0.427'.
[   68.936706][ T4780] EXT4-fs (loop2): Remounting filesystem read-only
[   69.068422][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.091207][ T4811] FAULT_INJECTION: forcing a failure.
[   69.091207][ T4811] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.104462][ T4811] CPU: 1 UID: 0 PID: 4811 Comm: syz.0.435 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   69.104497][ T4811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   69.104513][ T4811] Call Trace:
[   69.104521][ T4811]  <TASK>
[   69.104531][ T4811]  __dump_stack+0x1d/0x30
[   69.104577][ T4811]  dump_stack_lvl+0xe8/0x140
[   69.104679][ T4811]  dump_stack+0x15/0x1b
[   69.104700][ T4811]  should_fail_ex+0x265/0x280
[   69.104752][ T4811]  should_fail+0xb/0x20
[   69.104832][ T4811]  should_fail_usercopy+0x1a/0x20
[   69.104870][ T4811]  _copy_from_user+0x1c/0xb0
[   69.104890][ T4811]  ucma_resolve_addr+0x52/0x2d0
[   69.104954][ T4811]  ucma_write+0x1b3/0x250
[   69.104979][ T4811]  ? __pfx_ucma_write+0x10/0x10
[   69.105003][ T4811]  vfs_write+0x266/0x8e0
[   69.105113][ T4811]  ? __rcu_read_unlock+0x4f/0x70
[   69.105142][ T4811]  ? __fget_files+0x184/0x1c0
[   69.105171][ T4811]  ksys_write+0xda/0x1a0
[   69.105241][ T4811]  __x64_sys_write+0x40/0x50
[   69.105296][ T4811]  x64_sys_call+0x2cdd/0x2fb0
[   69.105336][ T4811]  do_syscall_64+0xd2/0x200
[   69.105356][ T4811]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   69.105381][ T4811]  ? clear_bhb_loop+0x40/0x90
[   69.105453][ T4811]  ? clear_bhb_loop+0x40/0x90
[   69.105551][ T4811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.105579][ T4811] RIP: 0033:0x7fd1259de929
[   69.105598][ T4811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.105621][ T4811] RSP: 002b:00007fd124047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   69.105675][ T4811] RAX: ffffffffffffffda RBX: 00007fd125c05fa0 RCX: 00007fd1259de929
[   69.105740][ T4811] RDX: 0000000000000118 RSI: 00002000000005c0 RDI: 0000000000000003
[   69.105751][ T4811] RBP: 00007fd124047090 R08: 0000000000000000 R09: 0000000000000000
[   69.105772][ T4811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.105786][ T4811] R13: 0000000000000000 R14: 00007fd125c05fa0 R15: 00007ffeedfea1c8
[   69.105872][ T4811]  </TASK>
[   69.389777][ T4815] usb usb8: usbfs: process 4815 (syz.2.434) did not claim interface 0 before use
[   69.814662][ T4830] rdma_op ffff88811c78bd80 conn xmit_rdma 0000000000000000
[   69.941144][ T4832] netlink: 4 bytes leftover after parsing attributes in process `syz.4.441'.
[   70.207325][ T4835] loop0: detected capacity change from 0 to 512
[   70.251515][ T4835] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   70.274775][ T4835] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal
[   70.293812][   T29] kauditd_printk_skb: 1142 callbacks suppressed
[   70.293829][   T29] audit: type=1326 audit(1751181147.544:4777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.4.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   70.374627][   T29] audit: type=1326 audit(1751181147.574:4778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.4.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   70.398111][   T29] audit: type=1326 audit(1751181147.574:4779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.4.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   70.421626][   T29] audit: type=1326 audit(1751181147.574:4780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.4.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   70.445293][   T29] audit: type=1326 audit(1751181147.574:4781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.4.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   70.468843][   T29] audit: type=1326 audit(1751181147.574:4782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.4.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   70.492182][   T29] audit: type=1326 audit(1751181147.604:4783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.4.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   70.515609][   T29] audit: type=1326 audit(1751181147.604:4784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.4.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   70.539050][   T29] audit: type=1326 audit(1751181147.604:4785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.4.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   70.562627][   T29] audit: type=1326 audit(1751181147.604:4786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4837 comm="syz.4.444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   70.610437][ T4835] loop0: detected capacity change from 0 to 1024
[   70.660930][ T4835] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.710099][ T4835] ext4 filesystem being mounted at /85/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.755249][ T4850] usb usb8: usbfs: process 4850 (syz.1.448) did not claim interface 0 before use
[   70.767941][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.842467][ T4859] loop1: detected capacity change from 0 to 1024
[   70.927627][ T4861] loop0: detected capacity change from 0 to 512
[   70.966097][ T4867] batman_adv: batadv0: Adding interface: team0
[   70.972330][ T4867] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.997866][ T4867] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   71.010072][ T4881] netlink: 2 bytes leftover after parsing attributes in process `syz.2.455'.
[   71.033107][ T4859] 9pnet_fd: Insufficient options for proto=fd
[   71.044947][ T4861] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   71.050238][ T4887] FAULT_INJECTION: forcing a failure.
[   71.050238][ T4887] name failslab, interval 1, probability 0, space 0, times 0
[   71.069888][ T4861] EXT4-fs (loop0): mount failed
[   71.072378][ T4887] CPU: 1 UID: 0 PID: 4887 Comm: syz.3.457 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   71.072418][ T4887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   71.072436][ T4887] Call Trace:
[   71.072447][ T4887]  <TASK>
[   71.072458][ T4887]  __dump_stack+0x1d/0x30
[   71.072594][ T4887]  dump_stack_lvl+0xe8/0x140
[   71.072622][ T4887]  dump_stack+0x15/0x1b
[   71.072645][ T4887]  should_fail_ex+0x265/0x280
[   71.072687][ T4887]  should_failslab+0x8c/0xb0
[   71.072719][ T4887]  kmem_cache_alloc_node_noprof+0x57/0x320
[   71.072821][ T4887]  ? __alloc_skb+0x101/0x320
[   71.072864][ T4887]  __alloc_skb+0x101/0x320
[   71.072937][ T4887]  netlink_alloc_large_skb+0xba/0xf0
[   71.072982][ T4887]  netlink_sendmsg+0x3cf/0x6b0
[   71.073011][ T4887]  ? __pfx_netlink_sendmsg+0x10/0x10
[   71.073115][ T4887]  __sock_sendmsg+0x145/0x180
[   71.073151][ T4887]  ____sys_sendmsg+0x31e/0x4e0
[   71.073243][ T4887]  ___sys_sendmsg+0x17b/0x1d0
[   71.073309][ T4887]  __x64_sys_sendmsg+0xd4/0x160
[   71.073385][ T4887]  x64_sys_call+0x2999/0x2fb0
[   71.073416][ T4887]  do_syscall_64+0xd2/0x200
[   71.073442][ T4887]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   71.073515][ T4887]  ? clear_bhb_loop+0x40/0x90
[   71.073544][ T4887]  ? clear_bhb_loop+0x40/0x90
[   71.073644][ T4887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.073673][ T4887] RIP: 0033:0x7f19396be929
[   71.073696][ T4887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.073721][ T4887] RSP: 002b:00007f1937d27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   71.073747][ T4887] RAX: ffffffffffffffda RBX: 00007f19398e5fa0 RCX: 00007f19396be929
[   71.073799][ T4887] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000003
[   71.073814][ T4887] RBP: 00007f1937d27090 R08: 0000000000000000 R09: 0000000000000000
[   71.073831][ T4887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.073850][ T4887] R13: 0000000000000000 R14: 00007f19398e5fa0 R15: 00007ffcbe4e4178
[   71.073876][ T4887]  </TASK>
[   71.087226][ T4881] team0: entered promiscuous mode
[   71.291175][ T4881] team_slave_1: entered promiscuous mode
[   71.298061][ T4881] 8021q: adding VLAN 0 to HW filter on device team0
[   71.306689][ T4881] batman_adv: batadv0: Interface activated: team0
[   71.313279][ T4881] batman_adv: batadv0: Interface deactivated: team0
[   71.320115][ T4881] batman_adv: batadv0: Removing interface: team0
[   71.328494][ T4881] bridge0: port 3(team0) entered blocking state
[   71.334855][ T4881] bridge0: port 3(team0) entered disabled state
[   71.341319][ T4881] team0: entered allmulticast mode
[   71.348337][ T4881] team_slave_1: entered allmulticast mode
[   71.356056][ T4881] bridge0: port 3(team0) entered blocking state
[   71.362384][ T4881] bridge0: port 3(team0) entered forwarding state
[   71.503942][ T4902] netlink: 12 bytes leftover after parsing attributes in process `syz.4.461'.
[   71.517865][ T4899] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   71.540979][ T4905] loop4: detected capacity change from 0 to 512
[   71.549640][ T4905] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   71.566187][ T4905] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[   71.602557][ T4905] loop4: detected capacity change from 0 to 1024
[   71.617639][ T4905] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.630468][ T4905] ext4 filesystem being mounted at /99/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.650473][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.774498][ T4926] netlink: 64 bytes leftover after parsing attributes in process `syz.2.469'.
[   71.884127][ T4929] netlink: 132 bytes leftover after parsing attributes in process `syz.0.470'.
[   71.946291][ T4938] netlink: 12 bytes leftover after parsing attributes in process `syz.4.472'.
[   71.985926][ T4929] FAULT_INJECTION: forcing a failure.
[   71.985926][ T4929] name failslab, interval 1, probability 0, space 0, times 0
[   72.000462][ T4929] CPU: 1 UID: 0 PID: 4929 Comm: syz.0.470 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   72.000498][ T4929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   72.000514][ T4929] Call Trace:
[   72.000522][ T4929]  <TASK>
[   72.000531][ T4929]  __dump_stack+0x1d/0x30
[   72.000559][ T4929]  dump_stack_lvl+0xe8/0x140
[   72.000578][ T4929]  dump_stack+0x15/0x1b
[   72.000644][ T4929]  should_fail_ex+0x265/0x280
[   72.000680][ T4929]  should_failslab+0x8c/0xb0
[   72.000706][ T4929]  kmem_cache_alloc_node_noprof+0x57/0x320
[   72.000797][ T4929]  ? __alloc_skb+0x101/0x320
[   72.000827][ T4929]  __alloc_skb+0x101/0x320
[   72.000918][ T4929]  netlink_alloc_large_skb+0xba/0xf0
[   72.000950][ T4929]  netlink_sendmsg+0x3cf/0x6b0
[   72.001034][ T4929]  ? __pfx_netlink_sendmsg+0x10/0x10
[   72.001058][ T4929]  __sock_sendmsg+0x145/0x180
[   72.001082][ T4929]  ____sys_sendmsg+0x31e/0x4e0
[   72.001199][ T4929]  ___sys_sendmsg+0x17b/0x1d0
[   72.001257][ T4929]  __x64_sys_sendmsg+0xd4/0x160
[   72.001301][ T4929]  x64_sys_call+0x2999/0x2fb0
[   72.001329][ T4929]  do_syscall_64+0xd2/0x200
[   72.001425][ T4929]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   72.001464][ T4929]  ? clear_bhb_loop+0x40/0x90
[   72.001492][ T4929]  ? clear_bhb_loop+0x40/0x90
[   72.001518][ T4929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.001537][ T4929] RIP: 0033:0x7fd1259de929
[   72.001584][ T4929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.001601][ T4929] RSP: 002b:00007fd124047038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   72.001620][ T4929] RAX: ffffffffffffffda RBX: 00007fd125c05fa0 RCX: 00007fd1259de929
[   72.001636][ T4929] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000a
[   72.001650][ T4929] RBP: 00007fd124047090 R08: 0000000000000000 R09: 0000000000000000
[   72.001665][ T4929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.001679][ T4929] R13: 0000000000000000 R14: 00007fd125c05fa0 R15: 00007ffeedfea1c8
[   72.001738][ T4929]  </TASK>
[   72.376585][ T4950] validate_nla: 9 callbacks suppressed
[   72.376601][ T4950] netlink: 'syz.1.478': attribute type 8 has an invalid length.
[   72.546558][ T4956] loop1: detected capacity change from 0 to 512
[   72.641243][ T4956] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   72.691516][ T4956] EXT4-fs (loop1): mount failed
[   72.892092][ T4968] netlink: 64 bytes leftover after parsing attributes in process `syz.2.483'.
[   73.021422][ T4980] loop0: detected capacity change from 0 to 512
[   73.028881][ T4980] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   73.048484][ T4980] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal
[   73.077022][ T4980] loop0: detected capacity change from 0 to 1024
[   73.096228][ T4980] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.109066][ T4980] ext4 filesystem being mounted at /95/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.177286][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.195615][ T4984] loop4: detected capacity change from 0 to 764
[   73.243619][ T4984] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   73.666656][ T5005] loop0: detected capacity change from 0 to 764
[   73.696978][ T5005] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   73.788771][ T5011] loop2: detected capacity change from 0 to 512
[   73.817317][ T5011] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   73.852111][ T5014] netlink: 'syz.0.501': attribute type 8 has an invalid length.
[   73.853596][ T5011] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[   73.869234][ T5014] loop0: detected capacity change from 0 to 512
[   73.897134][ T5014] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   73.920614][ T5011] loop2: detected capacity change from 0 to 1024
[   73.940753][ T5014] EXT4-fs (loop0): mount failed
[   73.944173][ T5011] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.973423][ T5011] ext4 filesystem being mounted at /107/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.008054][ T5022] loop1: detected capacity change from 0 to 764
[   74.073541][ T5022] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   74.103491][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.253643][ T5030] netlink: 'syz.2.507': attribute type 3 has an invalid length.
[   74.333726][ T5030] loop2: detected capacity change from 0 to 512
[   74.345736][ T5030] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   74.390450][ T5030] EXT4-fs (loop2): 1 truncate cleaned up
[   74.399002][ T5030] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.442201][ T5030] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.484625][ T4994] syz.4.493 (4994) used greatest stack depth: 7160 bytes left
[   74.526722][ T5038] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   74.581485][ T5050] loop3: detected capacity change from 0 to 512
[   74.590718][ T5050] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   74.592724][ T5049] SELinux: syz.1.513 (5049) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   74.601906][ T5050] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal
[   74.659299][ T5054] Driver unsupported XDP return value 0 on prog  (id 305) dev N/A, expect packet loss!
[   74.683498][ T3387] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   74.694247][ T3387] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   74.704581][ T5049] loop1: detected capacity change from 0 to 1024
[   74.711830][ T5057] random: crng reseeded on system resumption
[   74.749932][ T5049] EXT4-fs: Ignoring removed bh option
[   74.761011][ T5059] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   74.773221][ T5049] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   74.798762][ T5049] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.802415][ T5059] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   74.822175][ T5057] loop3: detected capacity change from 0 to 764
[   74.842506][ T5057] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   74.859048][ T5060] fido_id[5060]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   74.891428][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.969607][ T5075] xt_hashlimit: size too large, truncated to 1048576
[   75.008292][ T5080] loop1: detected capacity change from 0 to 128
[   75.232839][ T5100] loop3: detected capacity change from 0 to 512
[   75.534014][ T5113] netlink: 64 bytes leftover after parsing attributes in process `syz.2.539'.
[   75.548722][ T5115] loop0: detected capacity change from 0 to 1024
[   75.573654][ T5115] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   75.611185][ T5115] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.653130][   T29] kauditd_printk_skb: 730 callbacks suppressed
[   75.653144][   T29] audit: type=1400 audit(1751181152.904:5514): avc:  denied  { append } for  pid=5114 comm="syz.0.540" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   75.655831][ T5115] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: inode #11: comm syz.0.540: missing EA_INODE flag
[   75.693835][ T5116] loop1: detected capacity change from 0 to 128
[   75.718790][ T5115] EXT4-fs (loop0): Remounting filesystem read-only
[   75.725482][ T5115] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   75.825750][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.908516][ T5128] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   76.001450][ T5136] FAULT_INJECTION: forcing a failure.
[   76.001450][ T5136] name failslab, interval 1, probability 0, space 0, times 0
[   76.014155][ T5136] CPU: 0 UID: 0 PID: 5136 Comm: syz.0.548 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   76.014199][ T5136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   76.014216][ T5136] Call Trace:
[   76.014225][ T5136]  <TASK>
[   76.014235][ T5136]  __dump_stack+0x1d/0x30
[   76.014295][ T5136]  dump_stack_lvl+0xe8/0x140
[   76.014317][ T5136]  dump_stack+0x15/0x1b
[   76.014339][ T5136]  should_fail_ex+0x265/0x280
[   76.014379][ T5136]  ? sctp_association_new+0x71/0x1200
[   76.014417][ T5136]  should_failslab+0x8c/0xb0
[   76.014441][ T5136]  __kmalloc_cache_noprof+0x4c/0x320
[   76.014518][ T5136]  sctp_association_new+0x71/0x1200
[   76.014556][ T5136]  ? sctp_has_association+0x7a/0xa0
[   76.014671][ T5136]  ? sctp_v4_scope+0x140/0x150
[   76.014781][ T5136]  sctp_connect_new_asoc+0x1a8/0x3a0
[   76.014820][ T5136]  ? __rcu_read_unlock+0x4f/0x70
[   76.014850][ T5136]  __sctp_connect+0x424/0x7a0
[   76.014911][ T5136]  ? release_sock+0x116/0x150
[   76.014950][ T5136]  sctp_inet_connect+0xe8/0x110
[   76.014982][ T5136]  ? __pfx_sctp_inet_connect+0x10/0x10
[   76.015014][ T5136]  __sys_connect+0x1ef/0x2b0
[   76.015061][ T5136]  __x64_sys_connect+0x3f/0x50
[   76.015127][ T5136]  x64_sys_call+0x1daa/0x2fb0
[   76.015159][ T5136]  do_syscall_64+0xd2/0x200
[   76.015183][ T5136]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   76.015245][ T5136]  ? clear_bhb_loop+0x40/0x90
[   76.015351][ T5136]  ? clear_bhb_loop+0x40/0x90
[   76.015375][ T5136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.015396][ T5136] RIP: 0033:0x7fd1259de929
[   76.015410][ T5136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.015431][ T5136] RSP: 002b:00007fd124047038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[   76.015455][ T5136] RAX: ffffffffffffffda RBX: 00007fd125c05fa0 RCX: 00007fd1259de929
[   76.015517][ T5136] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000003
[   76.015530][ T5136] RBP: 00007fd124047090 R08: 0000000000000000 R09: 0000000000000000
[   76.015541][ T5136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.015555][ T5136] R13: 0000000000000000 R14: 00007fd125c05fa0 R15: 00007ffeedfea1c8
[   76.015579][ T5136]  </TASK>
[   76.352800][ T5141] netlink: 64 bytes leftover after parsing attributes in process `syz.3.551'.
[   76.393837][   T29] audit: type=1400 audit(1751181153.644:5515): avc:  denied  { create } for  pid=5144 comm="syz.3.552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   76.433208][   T29] audit: type=1400 audit(1751181153.644:5516): avc:  denied  { write } for  pid=5144 comm="syz.3.552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   76.466661][ T5148] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[   76.474434][ T5148] audit: out of memory in audit_log_start
[   76.501577][ T5152] netlink: 4 bytes leftover after parsing attributes in process `syz.2.553'.
[   76.590200][ T5156] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   76.605760][ T5158] netlink: 'syz.0.558': attribute type 4 has an invalid length.
[   76.686827][ T5158] usb usb8: usbfs: process 5158 (syz.0.558) did not claim interface 0 before use
[   76.847978][   T29] audit: type=1326 audit(1751181154.094:5517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5167 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   76.871573][   T29] audit: type=1326 audit(1751181154.094:5518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5167 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   76.895045][   T29] audit: type=1326 audit(1751181154.094:5519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5167 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   76.918479][   T29] audit: type=1326 audit(1751181154.094:5520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5167 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   76.941967][   T29] audit: type=1326 audit(1751181154.094:5521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5167 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1259de929 code=0x7ffc0000
[   77.598861][ T5178] netlink: 64 bytes leftover after parsing attributes in process `syz.0.564'.
[   77.786112][ T5186] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   77.868088][ T5191] netlink: 4 bytes leftover after parsing attributes in process `syz.1.571'.
[   77.945330][ T5180] loop2: detected capacity change from 0 to 256
[   78.223951][ T5202] loop1: detected capacity change from 0 to 1024
[   78.333710][ T5202] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   78.430659][ T5204] netlink: 'syz.3.575': attribute type 8 has an invalid length.
[   78.464982][ T5202] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.489067][ T5204] loop3: detected capacity change from 0 to 512
[   78.521031][ T5204] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   78.537453][ T5202] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.574: missing EA_INODE flag
[   78.557568][ T5202] EXT4-fs (loop1): Remounting filesystem read-only
[   78.564293][ T5204] EXT4-fs (loop3): mount failed
[   78.593101][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.721124][ T5218] netlink: 'syz.1.578': attribute type 8 has an invalid length.
[   78.784081][ T5218] loop1: detected capacity change from 0 to 512
[   78.821952][ T5218] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   78.826371][ T5224] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   78.857168][ T5218] EXT4-fs (loop1): mount failed
[   79.042191][ T5241] random: crng reseeded on system resumption
[   79.079346][ T5241] loop3: detected capacity change from 0 to 764
[   79.103466][ T5241] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   79.220888][ T5248] loop2: detected capacity change from 0 to 512
[   79.296918][ T5248] EXT4-fs (loop2): 1 orphan inode deleted
[   79.314935][   T12] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1
[   79.328045][ T5253] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   79.336822][ T5253] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   79.351857][ T5248] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.435500][ T5248] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.449789][ T5258] FAULT_INJECTION: forcing a failure.
[   79.449789][ T5258] name failslab, interval 1, probability 0, space 0, times 0
[   79.462505][ T5258] CPU: 1 UID: 0 PID: 5258 Comm: syz.3.594 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   79.462549][ T5258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   79.462561][ T5258] Call Trace:
[   79.462567][ T5258]  <TASK>
[   79.462575][ T5258]  __dump_stack+0x1d/0x30
[   79.462596][ T5258]  dump_stack_lvl+0xe8/0x140
[   79.462617][ T5258]  dump_stack+0x15/0x1b
[   79.462655][ T5258]  should_fail_ex+0x265/0x280
[   79.462746][ T5258]  ? kobject_uevent_env+0x1c0/0x570
[   79.462774][ T5258]  should_failslab+0x8c/0xb0
[   79.462797][ T5258]  __kmalloc_cache_noprof+0x4c/0x320
[   79.462880][ T5258]  kobject_uevent_env+0x1c0/0x570
[   79.462915][ T5258]  ? __fget_files+0x184/0x1c0
[   79.462973][ T5258]  kobject_uevent+0x1d/0x30
[   79.462998][ T5258]  lo_ioctl+0x151d/0x15d0
[   79.463035][ T5258]  ? avc_has_extended_perms+0x73d/0x940
[   79.463073][ T5258]  ? ioctl_has_perm+0x257/0x2a0
[   79.463161][ T5258]  ? blkdev_common_ioctl+0xad6/0x1ac0
[   79.463202][ T5258]  ? do_vfs_ioctl+0x9df/0x11d0
[   79.463232][ T5258]  ? selinux_file_ioctl+0x2e3/0x370
[   79.463323][ T5258]  ? __pfx_lo_ioctl+0x10/0x10
[   79.463364][ T5258]  ? __pfx_blkdev_ioctl+0x10/0x10
[   79.463436][ T5258]  blkdev_ioctl+0x352/0x440
[   79.463477][ T5258]  __se_sys_ioctl+0xcb/0x140
[   79.463536][ T5258]  __x64_sys_ioctl+0x43/0x50
[   79.463617][ T5258]  x64_sys_call+0x19a8/0x2fb0
[   79.463711][ T5258]  do_syscall_64+0xd2/0x200
[   79.463789][ T5258]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   79.463819][ T5258]  ? clear_bhb_loop+0x40/0x90
[   79.463846][ T5258]  ? clear_bhb_loop+0x40/0x90
[   79.463939][ T5258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.463986][ T5258] RIP: 0033:0x7f19396be929
[   79.464015][ T5258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.464032][ T5258] RSP: 002b:00007f1937ce5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   79.464056][ T5258] RAX: ffffffffffffffda RBX: 00007f19398e6160 RCX: 00007f19396be929
[   79.464072][ T5258] RDX: 0000000000000003 RSI: 0000000000004c06 RDI: 0000000000000004
[   79.464086][ T5258] RBP: 00007f1937ce5090 R08: 0000000000000000 R09: 0000000000000000
[   79.464108][ T5258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.464123][ T5258] R13: 0000000000000000 R14: 00007f19398e6160 R15: 00007ffcbe4e4178
[   79.464147][ T5258]  </TASK>
[   79.714064][ T5248] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.809559][ T5266] netdevsim netdevsim3: Direct firmware load for ..€ failed with error -2
[   79.876933][ T5273] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   79.884653][ T5276] netlink: 8 bytes leftover after parsing attributes in process `syz.1.598'.
[   79.886178][ T5273] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   79.919665][ T5273] loop3: detected capacity change from 0 to 2048
[   79.930423][ T5273] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[   79.933161][ T5276] loop1: detected capacity change from 0 to 512
[   79.946619][ T5276] EXT4-fs: Ignoring removed bh option
[   79.954197][ T5276] EXT4-fs: Ignoring removed bh option
[   79.969791][ T5276] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   79.981783][ T5276] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   79.999306][ T5276] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   80.010832][ T5276] EXT4-fs (loop1): orphan cleanup on readonly fs
[   80.018178][ T5276] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   80.034036][ T5276] EXT4-fs (loop1): Cannot turn on quotas: error -22
[   80.058857][ T5276] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.598: Invalid block bitmap block 0 in block_group 0
[   80.073549][ T5276] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   80.082601][ T5276] EXT4-fs (loop1): 1 orphan inode deleted
[   80.089630][ T5276] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   80.102758][ T5276] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.427114][ T5301] netlink: 4 bytes leftover after parsing attributes in process `syz.0.611'.
[   80.473900][ T5309] netlink: 'syz.0.614': attribute type 4 has an invalid length.
[   80.520894][ T5313] netlink: 64 bytes leftover after parsing attributes in process `syz.2.616'.
[   80.545905][ T5309] usb usb8: usbfs: process 5309 (syz.0.614) did not claim interface 0 before use
[   80.646242][ T5322] xt_CT: You must specify a L4 protocol and not use inversions on it
[   80.826819][ T5332] netlink: 4 bytes leftover after parsing attributes in process `syz.4.623'.
[   80.998560][ T5349] netlink: 'syz.2.629': attribute type 4 has an invalid length.
[   81.007599][ T5346] loop0: detected capacity change from 0 to 1024
[   81.026966][ T5346] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.046592][ T5346] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 28 with max blocks 1 with error 28
[   81.059039][ T5346] EXT4-fs (loop0): This should not happen!! Data will be lost
[   81.059039][ T5346] 
[   81.069024][ T5346] EXT4-fs (loop0): Total free blocks count 0
[   81.075082][ T5346] EXT4-fs (loop0): Free/Dirty block details
[   81.081092][ T5346] EXT4-fs (loop0): free_blocks=0
[   81.086346][ T5346] EXT4-fs (loop0): dirty_blocks=0
[   81.091409][ T5346] EXT4-fs (loop0): Block reservation details
[   81.097463][ T5346] EXT4-fs (loop0): i_reserved_data_blocks=0
[   81.136407][ T5356] netlink: 8 bytes leftover after parsing attributes in process `syz.0.628'.
[   81.146488][ T5346] netlink: 'syz.0.628': attribute type 21 has an invalid length.
[   81.154391][ T5346] netlink: 132 bytes leftover after parsing attributes in process `syz.0.628'.
[   81.169993][ T5351] loop4: detected capacity change from 0 to 128
[   81.182475][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.200013][ T5359] loop2: detected capacity change from 0 to 512
[   81.208081][ T5359] EXT4-fs: Ignoring removed bh option
[   81.218363][ T5359] EXT4-fs: Ignoring removed bh option
[   81.254772][ T5359] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   81.273688][ T5359] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   81.286106][ T5359] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   81.294190][ T5359] EXT4-fs (loop2): orphan cleanup on readonly fs
[   81.303175][ T5359] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   81.335053][ T5359] EXT4-fs (loop2): Cannot turn on quotas: error -22
[   81.342016][ T5359] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.631: Invalid block bitmap block 0 in block_group 0
[   81.355665][ T5359] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   81.365634][ T5359] EXT4-fs (loop2): 1 orphan inode deleted
[   81.371852][ T5359] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   81.384850][ T5359] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.451680][ T5370] __nla_validate_parse: 1 callbacks suppressed
[   81.451698][ T5370] netlink: 4 bytes leftover after parsing attributes in process `syz.0.636'.
[   81.516566][ T5377] loop0: detected capacity change from 0 to 512
[   81.536755][ T5377] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   81.554858][ T5378] netlink: 'syz.3.641': attribute type 4 has an invalid length.
[   81.568385][ T5377] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal
[   81.577467][ T5382] netlink: 64 bytes leftover after parsing attributes in process `syz.1.642'.
[   81.608485][ T5377] loop0: detected capacity change from 0 to 1024
[   81.615528][ T5378] usb usb8: usbfs: process 5378 (syz.3.641) did not claim interface 0 before use
[   81.660878][ T5377] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.669284][ T5388] loop3: detected capacity change from 0 to 2048
[   81.680140][ T5377] ext4 filesystem being mounted at /133/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.693698][ T5391] vcan0: entered allmulticast mode
[   81.699124][ T5391] vcan0: left allmulticast mode
[   81.712851][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.722019][ T5391] netlink: 'syz.1.644': attribute type 1 has an invalid length.
[   81.733854][ T4933] Alternate GPT is invalid, using primary GPT.
[   81.740481][ T4933]  loop3: p2 p3 p7
[   81.751787][ T5391] loop1: detected capacity change from 0 to 512
[   81.767414][ T5391] EXT4-fs: Ignoring removed bh option
[   81.786842][ T5388] Alternate GPT is invalid, using primary GPT.
[   81.793303][ T5388]  loop3: p2 p3 p7
[   81.797416][ T5391] EXT4-fs: Ignoring removed bh option
[   81.814568][ T5391] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   81.831559][ T5391] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   81.848758][ T5391] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   81.856834][ T5391] EXT4-fs (loop1): orphan cleanup on readonly fs
[   81.870964][ T5391] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   81.894163][ T5391] EXT4-fs (loop1): Cannot turn on quotas: error -22
[   81.903925][   T29] kauditd_printk_skb: 279 callbacks suppressed
[   81.904008][   T29] audit: type=1400 audit(1751181159.144:5798): avc:  denied  { read write } for  pid=5387 comm="syz.3.645" name="loop3p3" dev="devtmpfs" ino=1049 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   81.904384][ T5391] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.644: Invalid block bitmap block 0 in block_group 0
[   81.910285][   T29] audit: type=1400 audit(1751181159.144:5799): avc:  denied  { open } for  pid=5387 comm="syz.3.645" path="/dev/loop3p3" dev="devtmpfs" ino=1049 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   81.982256][ T5391] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   81.996537][ T5391] EXT4-fs (loop1): 1 orphan inode deleted
[   82.014467][ T5391] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   82.030678][ T5391] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.096897][ T5411] netlink: 'syz.4.655': attribute type 4 has an invalid length.
[   82.106079][   T29] audit: type=1400 audit(1751181159.344:5800): avc:  denied  { create } for  pid=5408 comm="syz.0.653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   82.125604][   T29] audit: type=1400 audit(1751181159.364:5801): avc:  denied  { bind } for  pid=5408 comm="syz.0.653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   82.147334][ T5413] netlink: 'syz.2.654': attribute type 8 has an invalid length.
[   82.157552][   T29] audit: type=1326 audit(1751181159.394:5802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3e0fe929 code=0x7ffc0000
[   82.180977][   T29] audit: type=1326 audit(1751181159.394:5803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3e0fe929 code=0x7ffc0000
[   82.201012][ T5413] loop2: detected capacity change from 0 to 512
[   82.204374][   T29] audit: type=1326 audit(1751181159.394:5804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f5d3e0fe929 code=0x7ffc0000
[   82.233951][   T29] audit: type=1326 audit(1751181159.394:5805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3e0fe929 code=0x7ffc0000
[   82.257342][   T29] audit: type=1326 audit(1751181159.394:5806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3e0fe929 code=0x7ffc0000
[   82.265723][ T5411] usb usb8: usbfs: process 5411 (syz.4.655) did not claim interface 0 before use
[   82.280832][   T29] audit: type=1326 audit(1751181159.394:5807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d3e0fe929 code=0x7ffc0000
[   82.293177][ T5413] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   82.334467][ T5417] loop0: detected capacity change from 0 to 512
[   82.341716][ T5417] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   82.352931][ T5413] EXT4-fs (loop2): mount failed
[   82.358200][ T5417] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal
[   82.379378][ T5417] loop0: detected capacity change from 0 to 1024
[   82.398655][ T5417] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.417512][ T5417] ext4 filesystem being mounted at /138/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.450161][ T5423] binfmt_misc: register: failed to install interpreter file ./file0
[   82.468501][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.526344][ T3298] udevd[3298]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   82.601538][ T5439] netlink: 'syz.4.667': attribute type 4 has an invalid length.
[   82.613599][ T5444] random: crng reseeded on system resumption
[   82.621870][ T5443] FAULT_INJECTION: forcing a failure.
[   82.621870][ T5443] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.635214][ T5443] CPU: 0 UID: 0 PID: 5443 Comm: syz.1.666 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   82.635303][ T5443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   82.635382][ T5443] Call Trace:
[   82.635391][ T5443]  <TASK>
[   82.635454][ T5443]  __dump_stack+0x1d/0x30
[   82.635556][ T5443]  dump_stack_lvl+0xe8/0x140
[   82.635579][ T5443]  dump_stack+0x15/0x1b
[   82.635599][ T5443]  should_fail_ex+0x265/0x280
[   82.635638][ T5443]  should_fail+0xb/0x20
[   82.635704][ T5443]  should_fail_usercopy+0x1a/0x20
[   82.635741][ T5443]  _copy_from_user+0x1c/0xb0
[   82.635773][ T5443]  ___sys_sendmsg+0xc1/0x1d0
[   82.635836][ T5443]  __x64_sys_sendmsg+0xd4/0x160
[   82.635960][ T5443]  x64_sys_call+0x2999/0x2fb0
[   82.636021][ T5443]  do_syscall_64+0xd2/0x200
[   82.636043][ T5443]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   82.636165][ T5443]  ? clear_bhb_loop+0x40/0x90
[   82.636190][ T5443]  ? clear_bhb_loop+0x40/0x90
[   82.636216][ T5443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.636242][ T5443] RIP: 0033:0x7f42fc1ae929
[   82.636265][ T5443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.636287][ T5443] RSP: 002b:00007f42fa817038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   82.636309][ T5443] RAX: ffffffffffffffda RBX: 00007f42fc3d5fa0 RCX: 00007f42fc1ae929
[   82.636351][ T5443] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000006
[   82.636366][ T5443] RBP: 00007f42fa817090 R08: 0000000000000000 R09: 0000000000000000
[   82.636380][ T5443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.636395][ T5443] R13: 0000000000000000 R14: 00007f42fc3d5fa0 R15: 00007ffd097176d8
[   82.636417][ T5443]  </TASK>
[   82.639023][ T5444] loop2: detected capacity change from 0 to 764
[   82.665478][ T5439] usb usb8: usbfs: process 5439 (syz.4.667) did not claim interface 0 before use
[   82.726853][ T5445] netlink: 8 bytes leftover after parsing attributes in process `syz.0.660'.
[   82.766285][ T5444] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   82.813530][ T5445] loop0: detected capacity change from 0 to 512
[   82.843163][ T5449] loop1: detected capacity change from 0 to 512
[   82.862293][ T5445] EXT4-fs: Ignoring removed bh option
[   82.872508][ T5448] loop4: detected capacity change from 0 to 512
[   82.872953][ T5445] EXT4-fs: Ignoring removed bh option
[   82.881540][ T5448] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   82.902250][ T5448] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[   82.926996][ T5449] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   82.944412][ T5445] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   82.988423][ T5445] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   83.020939][ T5448] loop4: detected capacity change from 0 to 1024
[   83.028412][ T5449] EXT4-fs (loop1): mount failed
[   83.038872][ T5445] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   83.091845][ T5448] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.094041][ T5445] EXT4-fs (loop0): orphan cleanup on readonly fs
[   83.121316][ T5445] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   83.147100][ T5448] ext4 filesystem being mounted at /126/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.160558][ T5453] loop2: detected capacity change from 0 to 128
[   83.168169][ T5445] EXT4-fs (loop0): Cannot turn on quotas: error -22
[   83.181015][ T5445] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.660: Invalid block bitmap block 0 in block_group 0
[   83.198640][ T5459] FAULT_INJECTION: forcing a failure.
[   83.198640][ T5459] name failslab, interval 1, probability 0, space 0, times 0
[   83.211315][ T5459] CPU: 0 UID: 0 PID: 5459 Comm: syz.1.673 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   83.211344][ T5459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   83.211357][ T5459] Call Trace:
[   83.211365][ T5459]  <TASK>
[   83.211373][ T5459]  __dump_stack+0x1d/0x30
[   83.211401][ T5459]  dump_stack_lvl+0xe8/0x140
[   83.211421][ T5459]  dump_stack+0x15/0x1b
[   83.211438][ T5459]  should_fail_ex+0x265/0x280
[   83.211529][ T5459]  should_failslab+0x8c/0xb0
[   83.211554][ T5459]  kmem_cache_alloc_node_noprof+0x57/0x320
[   83.211720][ T5459]  ? __alloc_skb+0x101/0x320
[   83.211776][ T5459]  __alloc_skb+0x101/0x320
[   83.211807][ T5459]  qrtr_endpoint_unregister+0x189/0x390
[   83.211924][ T5459]  ? __pfx_qrtr_tun_release+0x10/0x10
[   83.212058][ T5459]  qrtr_tun_release+0x22/0x50
[   83.212078][ T5459]  __fput+0x29b/0x650
[   83.212114][ T5459]  ____fput+0x1c/0x30
[   83.212139][ T5459]  task_work_run+0x12e/0x1a0
[   83.212165][ T5459]  exit_to_user_mode_loop+0xe4/0x100
[   83.212231][ T5459]  do_syscall_64+0x1d6/0x200
[   83.212249][ T5459]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   83.212305][ T5459]  ? clear_bhb_loop+0x40/0x90
[   83.212327][ T5459]  ? clear_bhb_loop+0x40/0x90
[   83.212349][ T5459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.212371][ T5459] RIP: 0033:0x7f42fc1ae929
[   83.212454][ T5459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.212472][ T5459] RSP: 002b:00007f42fa817038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   83.212491][ T5459] RAX: 0000000000000000 RBX: 00007f42fc3d5fa0 RCX: 00007f42fc1ae929
[   83.212544][ T5459] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000
[   83.212557][ T5459] RBP: 00007f42fa817090 R08: 0000000000000000 R09: 0000000000000000
[   83.212569][ T5459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.212580][ T5459] R13: 0000000000000000 R14: 00007f42fc3d5fa0 R15: 00007ffd097176d8
[   83.212599][ T5459]  </TASK>
[   83.225891][ T5445] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   83.423970][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.471419][ T5445] EXT4-fs (loop0): 1 orphan inode deleted
[   83.482024][ T5465] loop1: detected capacity change from 0 to 512
[   83.497669][ T5445] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   83.520031][ T5445] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.556035][ T5475] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   83.597450][ T5475] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.616629][ T5480] loop4: detected capacity change from 0 to 1024
[   83.623705][ T5480] EXT4-fs: Ignoring removed nobh option
[   83.629569][ T5480] EXT4-fs: Ignoring removed bh option
[   83.636573][ T5482] netlink: 12 bytes leftover after parsing attributes in process `syz.2.680'.
[   83.658303][ T5475] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.678328][ T5480] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.712096][ T5473] FAULT_INJECTION: forcing a failure.
[   83.712096][ T5473] name failslab, interval 1, probability 0, space 0, times 0
[   83.724918][ T5473] CPU: 0 UID: 0 PID: 5473 Comm: syz.3.679 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   83.724949][ T5473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   83.724963][ T5473] Call Trace:
[   83.724971][ T5473]  <TASK>
[   83.724980][ T5473]  __dump_stack+0x1d/0x30
[   83.725068][ T5473]  dump_stack_lvl+0xe8/0x140
[   83.725093][ T5473]  dump_stack+0x15/0x1b
[   83.725112][ T5473]  should_fail_ex+0x265/0x280
[   83.725166][ T5473]  should_failslab+0x8c/0xb0
[   83.725189][ T5473]  kmem_cache_alloc_noprof+0x50/0x310
[   83.725266][ T5473]  ? audit_log_start+0x365/0x6c0
[   83.725367][ T5473]  audit_log_start+0x365/0x6c0
[   83.725404][ T5473]  audit_seccomp+0x48/0x100
[   83.725430][ T5473]  ? __seccomp_filter+0x68c/0x10d0
[   83.725452][ T5473]  __seccomp_filter+0x69d/0x10d0
[   83.725494][ T5473]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   83.725530][ T5473]  ? vfs_write+0x75e/0x8e0
[   83.725604][ T5473]  ? __rcu_read_unlock+0x4f/0x70
[   83.725632][ T5473]  ? __fget_files+0x184/0x1c0
[   83.725655][ T5473]  __secure_computing+0x82/0x150
[   83.725677][ T5473]  syscall_trace_enter+0xcf/0x1e0
[   83.725701][ T5473]  do_syscall_64+0xac/0x200
[   83.725827][ T5473]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   83.725878][ T5473]  ? clear_bhb_loop+0x40/0x90
[   83.725898][ T5473]  ? clear_bhb_loop+0x40/0x90
[   83.725919][ T5473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.725941][ T5473] RIP: 0033:0x7f19396be929
[   83.726008][ T5473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.726091][ T5473] RSP: 002b:00007f1937d27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   83.726109][ T5473] RAX: ffffffffffffffda RBX: 00007f19398e5fa0 RCX: 00007f19396be929
[   83.726122][ T5473] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000009
[   83.726137][ T5473] RBP: 00007f1937d27090 R08: 0000000000000004 R09: 0000000000000000
[   83.726152][ T5473] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[   83.726165][ T5473] R13: 0000000000000000 R14: 00007f19398e5fa0 R15: 00007ffcbe4e4178
[   83.726185][ T5473]  </TASK>
[   83.733213][ T5473] netlink: 8 bytes leftover after parsing attributes in process `syz.3.679'.
[   83.762423][ T5480] FAULT_INJECTION: forcing a failure.
[   83.762423][ T5480] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   83.967991][ T5480] CPU: 1 UID: 0 PID: 5480 Comm: syz.4.682 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   83.968100][ T5480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   83.968114][ T5480] Call Trace:
[   83.968122][ T5480]  <TASK>
[   83.968132][ T5480]  __dump_stack+0x1d/0x30
[   83.968172][ T5480]  dump_stack_lvl+0xe8/0x140
[   83.968196][ T5480]  dump_stack+0x15/0x1b
[   83.968212][ T5480]  should_fail_ex+0x265/0x280
[   83.968290][ T5480]  should_fail+0xb/0x20
[   83.968326][ T5480]  should_fail_usercopy+0x1a/0x20
[   83.968400][ T5480]  strncpy_from_user+0x25/0x230
[   83.968486][ T5480]  path_setxattrat+0xeb/0x310
[   83.968528][ T5480]  __x64_sys_lsetxattr+0x71/0x90
[   83.968556][ T5480]  x64_sys_call+0x1e36/0x2fb0
[   83.968585][ T5480]  do_syscall_64+0xd2/0x200
[   83.968675][ T5480]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   83.968709][ T5480]  ? clear_bhb_loop+0x40/0x90
[   83.968737][ T5480]  ? clear_bhb_loop+0x40/0x90
[   83.968766][ T5480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.968867][ T5480] RIP: 0033:0x7f42b937e929
[   83.968887][ T5480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.968909][ T5480] RSP: 002b:00007f42b79e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   83.968930][ T5480] RAX: ffffffffffffffda RBX: 00007f42b95a5fa0 RCX: 00007f42b937e929
[   83.968942][ T5480] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000200000000000
[   83.968953][ T5480] RBP: 00007f42b79e7090 R08: 0000000000000002 R09: 0000000000000000
[   83.968965][ T5480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.968994][ T5480] R13: 0000000000000000 R14: 00007f42b95a5fa0 R15: 00007ffd57cb8d88
[   83.969018][ T5480]  </TASK>
[   83.977602][ T5475] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.181994][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.262083][ T5475] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.312071][ T5475] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.337570][ T5475] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.352051][ T5507] netlink: 24 bytes leftover after parsing attributes in process `syz.3.691'.
[   84.407684][ T5511] netlink: 24 bytes leftover after parsing attributes in process `syz.3.691'.
[   84.430035][ T5475] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.464141][   T12] team0: Port device team_slave_0 removed
[   84.477424][ T5475] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.666072][ T5536] validate_nla: 1 callbacks suppressed
[   84.666092][ T5536] netlink: 'syz.2.702': attribute type 4 has an invalid length.
[   84.775279][ T5536] usb usb8: usbfs: process 5536 (syz.2.702) did not claim interface 0 before use
[   84.854415][ T5546] random: crng reseeded on system resumption
[   84.871044][ T5548] netlink: 64 bytes leftover after parsing attributes in process `syz.2.708'.
[   84.871438][ T5546] loop3: detected capacity change from 0 to 764
[   84.910519][ T5546] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   84.942888][ T5554] loop0: detected capacity change from 0 to 1024
[   84.964780][ T5554] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   85.020846][ T5554] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.042957][ T5564] netlink: 'syz.1.716': attribute type 8 has an invalid length.
[   85.081675][ T5564] loop1: detected capacity change from 0 to 512
[   85.089476][ T5558] netlink: 4 bytes leftover after parsing attributes in process `syz.4.713'.
[   85.104948][ T5554] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: inode #11: comm syz.0.711: missing EA_INODE flag
[   85.118307][ T5554] EXT4-fs (loop0): Remounting filesystem read-only
[   85.128127][ T5571] vcan0: entered allmulticast mode
[   85.133586][ T5571] vcan0: left allmulticast mode
[   85.141338][ T5571] netlink: 'syz.3.715': attribute type 1 has an invalid length.
[   85.152144][ T5571] loop3: detected capacity change from 0 to 512
[   85.176041][ T5571] EXT4-fs: Ignoring removed bh option
[   85.194453][ T5564] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   85.219545][ T5571] EXT4-fs: Ignoring removed bh option
[   85.232740][ T5564] EXT4-fs (loop1): mount failed
[   85.244192][ T5571] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   85.256193][ T5571] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   85.271702][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.282948][ T5571] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   85.300320][ T5571] EXT4-fs (loop3): orphan cleanup on readonly fs
[   85.313095][ T5571] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   85.336721][ T5580] loop1: detected capacity change from 0 to 512
[   85.346159][ T5580] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   85.356439][ T5571] EXT4-fs (loop3): Cannot turn on quotas: error -22
[   85.370227][ T5571] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.715: Invalid block bitmap block 0 in block_group 0
[   85.371061][ T5580] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[   85.412509][ T5571] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   85.423154][ T5584] netlink: 'syz.0.718': attribute type 4 has an invalid length.
[   85.442022][ T5571] EXT4-fs (loop3): 1 orphan inode deleted
[   85.458716][ T5571] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   85.478450][ T5580] loop1: detected capacity change from 0 to 1024
[   85.479085][ T5571] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.529431][ T5580] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.541852][ T5580] ext4 filesystem being mounted at /140/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.553152][ T5584] usb usb8: usbfs: process 5584 (syz.0.718) did not claim interface 0 before use
[   85.583791][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.677362][ T5599] random: crng reseeded on system resumption
[   85.692880][ T5599] loop2: detected capacity change from 0 to 764
[   85.700858][ T5599] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   85.805910][ T5604] netlink: 4 bytes leftover after parsing attributes in process `syz.2.727'.
[   85.850333][ T5609] loop0: detected capacity change from 0 to 128
[   85.866146][ T5609] EXT4-fs: test_dummy_encryption option not supported
[   86.037395][ T5619] netlink: 'syz.2.733': attribute type 4 has an invalid length.
[   86.062082][ T5621] loop4: detected capacity change from 0 to 512
[   86.086950][ T5619] usb usb8: usbfs: process 5619 (syz.2.733) did not claim interface 0 before use
[   86.101467][ T5621] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   86.136033][ T5621] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[   86.148767][ T5623] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   86.229844][ T5621] loop4: detected capacity change from 0 to 1024
[   86.262598][ T5621] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.284999][ T5621] ext4 filesystem being mounted at /141/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.353137][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.412448][ T5632] loop2: detected capacity change from 0 to 2048
[   86.510004][ T5632] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.534436][ T5642] netlink: 4 bytes leftover after parsing attributes in process `syz.4.739'.
[   86.558130][ T5632] FAULT_INJECTION: forcing a failure.
[   86.558130][ T5632] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   86.571366][ T5632] CPU: 1 UID: 0 PID: 5632 Comm: syz.2.738 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   86.571401][ T5632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   86.571432][ T5632] Call Trace:
[   86.571438][ T5632]  <TASK>
[   86.571446][ T5632]  __dump_stack+0x1d/0x30
[   86.571467][ T5632]  dump_stack_lvl+0xe8/0x140
[   86.571515][ T5632]  dump_stack+0x15/0x1b
[   86.571582][ T5632]  should_fail_ex+0x265/0x280
[   86.571615][ T5632]  should_fail+0xb/0x20
[   86.571642][ T5632]  should_fail_usercopy+0x1a/0x20
[   86.571750][ T5632]  strncpy_from_user+0x25/0x230
[   86.571774][ T5632]  ? kmem_cache_alloc_noprof+0x186/0x310
[   86.571803][ T5632]  ? getname_flags+0x80/0x3b0
[   86.571834][ T5632]  getname_flags+0xae/0x3b0
[   86.571914][ T5632]  do_sys_openat2+0x60/0x110
[   86.571947][ T5632]  __x64_sys_openat+0xf2/0x120
[   86.571983][ T5632]  x64_sys_call+0x1af/0x2fb0
[   86.572010][ T5632]  do_syscall_64+0xd2/0x200
[   86.572113][ T5632]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   86.572144][ T5632]  ? clear_bhb_loop+0x40/0x90
[   86.572176][ T5632]  ? clear_bhb_loop+0x40/0x90
[   86.572199][ T5632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.572291][ T5632] RIP: 0033:0x7f5d3e0fe929
[   86.572309][ T5632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.572332][ T5632] RSP: 002b:00007f5d3c767038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   86.572355][ T5632] RAX: ffffffffffffffda RBX: 00007f5d3e325fa0 RCX: 00007f5d3e0fe929
[   86.572409][ T5632] RDX: 0000000000000042 RSI: 0000200000000040 RDI: ffffffffffffff9c
[   86.572420][ T5632] RBP: 00007f5d3c767090 R08: 0000000000000000 R09: 0000000000000000
[   86.572448][ T5632] R10: 0000000000000088 R11: 0000000000000246 R12: 0000000000000001
[   86.572460][ T5632] R13: 0000000000000000 R14: 00007f5d3e325fa0 R15: 00007ffd4415ad68
[   86.572479][ T5632]  </TASK>
[   86.780990][ T5644] netlink: 8 bytes leftover after parsing attributes in process `syz.1.740'.
[   86.799878][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.890031][ T5655] netlink: 64 bytes leftover after parsing attributes in process `syz.2.745'.
[   86.937295][ T5657] netlink: 'syz.3.746': attribute type 4 has an invalid length.
[   87.015975][ T5657] usb usb8: usbfs: process 5657 (syz.3.746) did not claim interface 0 before use
[   87.068236][   T29] kauditd_printk_skb: 368 callbacks suppressed
[   87.068254][   T29] audit: type=1400 audit(1751181164.324:6171): avc:  denied  { read } for  pid=5669 comm="syz.3.752" name="ptp0" dev="devtmpfs" ino=247 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   87.072141][ T5668] loop1: detected capacity change from 0 to 1024
[   87.074729][   T29] audit: type=1400 audit(1751181164.324:6172): avc:  denied  { open } for  pid=5669 comm="syz.3.752" path="/dev/ptp0" dev="devtmpfs" ino=247 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   87.128024][   T29] audit: type=1400 audit(1751181164.374:6173): avc:  denied  { ioctl } for  pid=5669 comm="syz.3.752" path="/dev/ptp0" dev="devtmpfs" ino=247 ioctlcmd=0x3d0f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   87.160491][ T5668] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   87.167895][ T5670] netlink: 'syz.3.752': attribute type 21 has an invalid length.
[   87.179378][ T5670] netlink: 156 bytes leftover after parsing attributes in process `syz.3.752'.
[   87.192364][ T5668] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.244241][ T5663] loop4: detected capacity change from 0 to 2048
[   87.249496][ T5678] loop3: detected capacity change from 0 to 1024
[   87.251263][ T5668] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.751: missing EA_INODE flag
[   87.259072][ T5678] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   87.281228][ T5668] EXT4-fs (loop1): Remounting filesystem read-only
[   87.317603][ T5663] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.331824][ T5678] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.347149][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.356995][ T5663] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.749: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   87.385813][ T5678] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: inode #11: comm syz.3.753: missing EA_INODE flag
[   87.400104][ T5678] EXT4-fs (loop3): Remounting filesystem read-only
[   87.428358][ T5663] EXT4-fs (loop4): Remounting filesystem read-only
[   87.445602][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.471561][ T5686] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.485027][ T5686] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.514383][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.566008][ T5690] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.594873][ T5690] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.604367][ T5690] FAULT_INJECTION: forcing a failure.
[   87.604367][ T5690] name failslab, interval 1, probability 0, space 0, times 0
[   87.617090][ T5690] CPU: 0 UID: 0 PID: 5690 Comm: syz.4.757 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   87.617171][ T5690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   87.617188][ T5690] Call Trace:
[   87.617257][ T5690]  <TASK>
[   87.617265][ T5690]  __dump_stack+0x1d/0x30
[   87.617289][ T5690]  dump_stack_lvl+0xe8/0x140
[   87.617373][ T5690]  dump_stack+0x15/0x1b
[   87.617396][ T5690]  should_fail_ex+0x265/0x280
[   87.617443][ T5690]  should_failslab+0x8c/0xb0
[   87.617473][ T5690]  __kmalloc_noprof+0xa5/0x3e0
[   87.617501][ T5690]  ? io_cache_alloc_new+0x2a/0xb0
[   87.617532][ T5690]  io_cache_alloc_new+0x2a/0xb0
[   87.617559][ T5690]  io_sqe_buffer_register+0xf2/0x1430
[   87.617592][ T5690]  ? __memcg_slab_post_alloc_hook+0x44c/0x580
[   87.617692][ T5690]  ? __kvmalloc_node_noprof+0x398/0x4e0
[   87.617729][ T5690]  ? io_sqe_buffers_register+0xc2/0x530
[   87.617755][ T5690]  io_sqe_buffers_register+0x2ac/0x530
[   87.617789][ T5690]  __se_sys_io_uring_register+0xa9f/0xeb0
[   87.617892][ T5690]  ? fput+0x8f/0xc0
[   87.617923][ T5690]  ? ksys_write+0x192/0x1a0
[   87.617966][ T5690]  __x64_sys_io_uring_register+0x55/0x70
[   87.618085][ T5690]  x64_sys_call+0xc91/0x2fb0
[   87.618113][ T5690]  do_syscall_64+0xd2/0x200
[   87.618136][ T5690]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   87.618184][ T5690]  ? clear_bhb_loop+0x40/0x90
[   87.618207][ T5690]  ? clear_bhb_loop+0x40/0x90
[   87.618228][ T5690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.618249][ T5690] RIP: 0033:0x7f42b937e929
[   87.618345][ T5690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.618427][ T5690] RSP: 002b:00007f42b79e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[   87.618449][ T5690] RAX: ffffffffffffffda RBX: 00007f42b95a5fa0 RCX: 00007f42b937e929
[   87.618464][ T5690] RDX: 00002000000002c0 RSI: 0000000000000000 RDI: 0000000000000007
[   87.618476][ T5690] RBP: 00007f42b79e7090 R08: 0000000000000000 R09: 0000000000000000
[   87.618516][ T5690] R10: 100000000000011a R11: 0000000000000246 R12: 0000000000000001
[   87.618532][ T5690] R13: 0000000000000000 R14: 00007f42b95a5fa0 R15: 00007ffd57cb8d88
[   87.618556][ T5690]  </TASK>
[   87.870305][ T5692] loop1: detected capacity change from 0 to 128
[   88.012302][   T29] audit: type=1326 audit(1751181165.264:6174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5697 comm="syz.2.760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3e0fe929 code=0x7ffc0000
[   88.036074][   T29] audit: type=1326 audit(1751181165.264:6175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5697 comm="syz.2.760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3e0fe929 code=0x7ffc0000
[   88.059431][   T29] audit: type=1326 audit(1751181165.264:6176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5697 comm="syz.2.760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7f5d3e0fe929 code=0x7ffc0000
[   88.083129][   T29] audit: type=1326 audit(1751181165.264:6177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5697 comm="syz.2.760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d3e0fe929 code=0x7ffc0000
[   88.106513][   T29] audit: type=1326 audit(1751181165.264:6178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5697 comm="syz.2.760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5d3e0fd290 code=0x7ffc0000
[   88.130198][   T29] audit: type=1326 audit(1751181165.264:6179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5697 comm="syz.2.760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f5d3e100157 code=0x7ffc0000
[   88.153698][   T29] audit: type=1326 audit(1751181165.264:6180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5697 comm="syz.2.760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5d3e0fe929 code=0x7ffc0000
[   88.298950][ T5702] netlink: 'syz.1.761': attribute type 3 has an invalid length.
[   88.348977][ T5702] loop1: detected capacity change from 0 to 512
[   88.377479][ T5702] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   88.407008][ T5702] EXT4-fs (loop1): 1 truncate cleaned up
[   88.445172][ T5702] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.585644][ T5702] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.676053][ T5724] random: crng reseeded on system resumption
[   89.157998][ T5735] netlink: 'syz.4.771': attribute type 21 has an invalid length.
[   89.166695][ T5735] netlink: 156 bytes leftover after parsing attributes in process `syz.4.771'.
[   89.476839][ T5763] netlink: 'syz.0.783': attribute type 3 has an invalid length.
[   89.540714][ T5766] netlink: 156 bytes leftover after parsing attributes in process `syz.1.785'.
[   89.554079][ T5763] loop0: detected capacity change from 0 to 512
[   89.622381][ T5767] loop2: detected capacity change from 0 to 128
[   89.666924][ T5767] EXT4-fs: test_dummy_encryption option not supported
[   89.732546][ T5763] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   89.785042][ T5763] EXT4-fs (loop0): 1 truncate cleaned up
[   89.822458][ T5763] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.885753][ T5763] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.498929][ T5808] validate_nla: 1 callbacks suppressed
[   90.498948][ T5808] netlink: 'syz.1.799': attribute type 3 has an invalid length.
[   90.566496][ T5810] loop4: detected capacity change from 0 to 1024
[   90.586382][ T5811] loop1: detected capacity change from 0 to 512
[   90.613981][ T5811] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   90.642348][ T5810] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.659473][ T5810] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.679387][ T5811] EXT4-fs (loop1): 1 truncate cleaned up
[   90.686687][ T5810] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 16: comm syz.4.801: path /159/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0
[   90.709184][ T5811] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.722362][ T5811] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.738973][   T57] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 393: padding at end of block bitmap is not set
[   90.772700][   T57] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 28
[   90.785342][   T57] EXT4-fs (loop4): This should not happen!! Data will be lost
[   90.785342][   T57] 
[   90.795053][   T57] EXT4-fs (loop4): Total free blocks count 0
[   90.801068][   T57] EXT4-fs (loop4): Free/Dirty block details
[   90.807136][   T57] EXT4-fs (loop4): free_blocks=0
[   90.812151][   T57] EXT4-fs (loop4): dirty_blocks=16
[   90.817431][   T57] EXT4-fs (loop4): Block reservation details
[   90.823621][   T57] EXT4-fs (loop4): i_reserved_data_blocks=1
[   90.838919][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.928045][ T5826] netlink: 'syz.3.805': attribute type 3 has an invalid length.
[   90.952019][ T5824] usb usb8: usbfs: process 5824 (syz.4.804) did not claim interface 0 before use
[   90.995479][ T5826] loop3: detected capacity change from 0 to 512
[   91.015843][ T5826] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   91.033523][ T5826] EXT4-fs (loop3): 1 truncate cleaned up
[   91.039908][ T5826] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.057415][ T5828] netlink: 'syz.4.806': attribute type 8 has an invalid length.
[   91.057714][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.093978][ T5828] loop4: detected capacity change from 0 to 512
[   91.165856][ T5828] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   91.212313][ T5836] netlink: 'syz.0.809': attribute type 8 has an invalid length.
[   91.262238][ T5828] EXT4-fs (loop4): mount failed
[   91.288705][ T5836] loop0: detected capacity change from 0 to 512
[   91.318241][ T5836] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   91.355840][ T5836] EXT4-fs (loop0): mount failed
[   91.459291][ T5849] FAULT_INJECTION: forcing a failure.
[   91.459291][ T5849] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.472466][ T5849] CPU: 1 UID: 0 PID: 5849 Comm: syz.0.813 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   91.472573][ T5849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.472585][ T5849] Call Trace:
[   91.472626][ T5849]  <TASK>
[   91.472636][ T5849]  __dump_stack+0x1d/0x30
[   91.472660][ T5849]  dump_stack_lvl+0xe8/0x140
[   91.472679][ T5849]  dump_stack+0x15/0x1b
[   91.472735][ T5849]  should_fail_ex+0x265/0x280
[   91.472772][ T5849]  should_fail+0xb/0x20
[   91.472850][ T5849]  should_fail_usercopy+0x1a/0x20
[   91.472888][ T5849]  _copy_from_user+0x1c/0xb0
[   91.472908][ T5849]  memdup_user+0x5e/0xd0
[   91.472934][ T5849]  strndup_user+0x68/0xb0
[   91.472960][ T5849]  __se_sys_mount+0x4d/0x2e0
[   91.472983][ T5849]  ? fput+0x8f/0xc0
[   91.473087][ T5849]  ? ksys_write+0x192/0x1a0
[   91.473125][ T5849]  __x64_sys_mount+0x67/0x80
[   91.473144][ T5849]  x64_sys_call+0xd36/0x2fb0
[   91.473171][ T5849]  do_syscall_64+0xd2/0x200
[   91.473192][ T5849]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.473289][ T5849]  ? clear_bhb_loop+0x40/0x90
[   91.473314][ T5849]  ? clear_bhb_loop+0x40/0x90
[   91.473394][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.473415][ T5849] RIP: 0033:0x7fd1259de929
[   91.473436][ T5849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.473454][ T5849] RSP: 002b:00007fd124047038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   91.473476][ T5849] RAX: ffffffffffffffda RBX: 00007fd125c05fa0 RCX: 00007fd1259de929
[   91.473489][ T5849] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000000000000000
[   91.473576][ T5849] RBP: 00007fd124047090 R08: 0000200000000140 R09: 0000000000000000
[   91.473587][ T5849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.473599][ T5849] R13: 0000000000000000 R14: 00007fd125c05fa0 R15: 00007ffeedfea1c8
[   91.473618][ T5849]  </TASK>
[   91.807378][ T5857] loop1: detected capacity change from 0 to 1024
[   91.815912][ T5857] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   91.932017][ T5857] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.817: missing EA_INODE flag
[   91.943931][ T5857] EXT4-fs (loop1): Remounting filesystem read-only
[   92.073711][ T5870] netlink: 'syz.3.822': attribute type 4 has an invalid length.
[   92.114790][   T29] kauditd_printk_skb: 469 callbacks suppressed
[   92.114806][   T29] audit: type=1400 audit(1751181169.344:6648): avc:  denied  { mount } for  pid=5865 comm="syz.1.819" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   92.149228][ T5873] lo speed is unknown, defaulting to 1000
[   92.186689][ T5873] lo speed is unknown, defaulting to 1000
[   92.232986][ T5873] lo speed is unknown, defaulting to 1000
[   92.256622][ T5870] usb usb8: usbfs: process 5870 (syz.3.822) did not claim interface 0 before use
[   92.293133][ T5873] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   92.318127][   T29] audit: type=1400 audit(1751181169.404:6649): avc:  denied  { write } for  pid=5865 comm="syz.1.819" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   92.338932][   T29] audit: type=1400 audit(1751181169.404:6650): avc:  denied  { open } for  pid=5865 comm="syz.1.819" path="/164/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   92.361080][   T29] audit: type=1400 audit(1751181169.534:6651): avc:  denied  { setattr } for  pid=5865 comm="syz.1.819" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   92.402670][ T5873] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   92.442875][ T5873] lo speed is unknown, defaulting to 1000
[   92.449925][   T29] audit: type=1326 audit(1751181169.694:6652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5877 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19396be929 code=0x7ffc0000
[   92.456551][ T5873] lo speed is unknown, defaulting to 1000
[   92.473341][   T29] audit: type=1326 audit(1751181169.694:6653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5877 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19396be929 code=0x7ffc0000
[   92.502878][   T29] audit: type=1326 audit(1751181169.714:6654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5877 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f19396be929 code=0x7ffc0000
[   92.508067][ T5879] netlink: 'syz.3.824': attribute type 8 has an invalid length.
[   92.526233][   T29] audit: type=1326 audit(1751181169.714:6655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5877 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19396be929 code=0x7ffc0000
[   92.557318][   T29] audit: type=1326 audit(1751181169.714:6656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5877 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19396be929 code=0x7ffc0000
[   92.559688][ T5873] lo speed is unknown, defaulting to 1000
[   92.580979][   T29] audit: type=1326 audit(1751181169.714:6657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5877 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19396be929 code=0x7ffc0000
[   92.612351][ T5873] lo speed is unknown, defaulting to 1000
[   92.619058][ T5873] lo speed is unknown, defaulting to 1000
[   92.638098][ T5878] loop3: detected capacity change from 0 to 512
[   92.715912][ T5878] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   92.735241][ T5878] EXT4-fs (loop3): mount failed
[   92.846397][ T5894] netlink: 'syz.0.830': attribute type 8 has an invalid length.
[   92.862725][ T5896] loop4: detected capacity change from 0 to 1024
[   92.877598][ T5894] loop0: detected capacity change from 0 to 512
[   92.909531][ T5896] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.926891][ T5894] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   92.945926][ T5896] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 16: comm syz.4.831: path /165/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0
[   92.949451][ T5894] EXT4-fs (loop0): mount failed
[   93.133117][ T5907] siw: device registration error -23
[   93.442743][ T5917] FAULT_INJECTION: forcing a failure.
[   93.442743][ T5917] name failslab, interval 1, probability 0, space 0, times 0
[   93.455499][ T5917] CPU: 0 UID: 0 PID: 5917 Comm: syz.4.839 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   93.455528][ T5917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.455540][ T5917] Call Trace:
[   93.455548][ T5917]  <TASK>
[   93.455557][ T5917]  __dump_stack+0x1d/0x30
[   93.455584][ T5917]  dump_stack_lvl+0xe8/0x140
[   93.455616][ T5917]  dump_stack+0x15/0x1b
[   93.455690][ T5917]  should_fail_ex+0x265/0x280
[   93.455792][ T5917]  should_failslab+0x8c/0xb0
[   93.455815][ T5917]  __kmalloc_noprof+0xa5/0x3e0
[   93.455840][ T5917]  ? alloc_pipe_info+0x1c9/0x350
[   93.455860][ T5917]  alloc_pipe_info+0x1c9/0x350
[   93.455899][ T5917]  splice_direct_to_actor+0x592/0x680
[   93.456063][ T5917]  ? kstrtouint_from_user+0x9f/0xf0
[   93.456163][ T5917]  ? __pfx_direct_splice_actor+0x10/0x10
[   93.456201][ T5917]  ? __rcu_read_unlock+0x4f/0x70
[   93.456247][ T5917]  ? get_pid_task+0x96/0xd0
[   93.456301][ T5917]  ? avc_policy_seqno+0x15/0x30
[   93.456335][ T5917]  ? selinux_file_permission+0x1e4/0x320
[   93.456416][ T5917]  do_splice_direct+0xda/0x150
[   93.456533][ T5917]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   93.456579][ T5917]  do_sendfile+0x380/0x650
[   93.456698][ T5917]  __x64_sys_sendfile64+0x105/0x150
[   93.456731][ T5917]  x64_sys_call+0xb39/0x2fb0
[   93.456758][ T5917]  do_syscall_64+0xd2/0x200
[   93.456783][ T5917]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.456825][ T5917]  ? clear_bhb_loop+0x40/0x90
[   93.456850][ T5917]  ? clear_bhb_loop+0x40/0x90
[   93.456922][ T5917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.456950][ T5917] RIP: 0033:0x7f42b937e929
[   93.456969][ T5917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.457059][ T5917] RSP: 002b:00007f42b79e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   93.457078][ T5917] RAX: ffffffffffffffda RBX: 00007f42b95a5fa0 RCX: 00007f42b937e929
[   93.457093][ T5917] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[   93.457108][ T5917] RBP: 00007f42b79e7090 R08: 0000000000000000 R09: 0000000000000000
[   93.457123][ T5917] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000001
[   93.457185][ T5917] R13: 0000000000000000 R14: 00007f42b95a5fa0 R15: 00007ffd57cb8d88
[   93.457209][ T5917]  </TASK>
[   93.996134][ T5939] loop4: detected capacity change from 0 to 1024
[   94.026188][ T5939] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   94.059482][ T5939] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.847: missing EA_INODE flag
[   94.072363][ T5939] EXT4-fs (loop4): Remounting filesystem read-only
[   94.272349][ T5950] loop0: detected capacity change from 0 to 128
[   94.279024][ T5950] EXT4-fs: test_dummy_encryption option not supported
[   94.540828][ T5956] netlink: 'syz.4.852': attribute type 8 has an invalid length.
[   94.618437][ T5956] loop4: detected capacity change from 0 to 512
[   94.743039][ T5962] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   94.777751][ T5956] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   94.828623][ T5956] EXT4-fs (loop4): mount failed
[   94.930839][ T5970] loop2: detected capacity change from 0 to 512
[   94.937946][ T5970] EXT4-fs: Ignoring removed oldalloc option
[   94.945341][ T5970] EXT4-fs (loop2): can't mount with journal_async_commit, fs mounted w/o journal
[   95.306750][ T5975] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   96.219868][ T5990] netlink: 'syz.4.865': attribute type 4 has an invalid length.
[   96.295258][ T5990] usb usb8: usbfs: process 5990 (syz.4.865) did not claim interface 0 before use
[   96.348282][ T5993] vcan0: entered allmulticast mode
[   96.359786][ T5993] vcan0: left allmulticast mode
[   96.381519][ T5993] netlink: 'syz.3.866': attribute type 1 has an invalid length.
[   96.415558][ T5995] netlink: 'syz.4.867': attribute type 21 has an invalid length.
[   96.424209][ T5995] netlink: 156 bytes leftover after parsing attributes in process `syz.4.867'.
[   96.437286][ T5993] loop3: detected capacity change from 0 to 512
[   96.443805][ T5993] EXT4-fs: Ignoring removed bh option
[   96.494899][ T5993] EXT4-fs: Ignoring removed bh option
[   96.586709][ T5993] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   96.621043][ T5993] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   96.660066][ T5993] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   96.688801][ T5993] EXT4-fs (loop3): orphan cleanup on readonly fs
[   96.725463][ T5993] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   96.751868][ T5993] EXT4-fs (loop3): Cannot turn on quotas: error -22
[   96.776118][ T5993] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.866: Invalid block bitmap block 0 in block_group 0
[   96.809411][ T5993] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   96.835176][ T5993] EXT4-fs (loop3): 1 orphan inode deleted
[   96.912410][ T6004] loop4: detected capacity change from 0 to 1024
[   96.937018][ T6004] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   96.976748][ T6004] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.870: missing EA_INODE flag
[   97.001017][ T6004] EXT4-fs (loop4): Remounting filesystem read-only
[   97.088494][ T6017] loop1: detected capacity change from 0 to 1024
[   97.097329][ T6019] netlink: 'syz.4.875': attribute type 3 has an invalid length.
[   97.128020][ T6017] ext4 filesystem being mounted at /167/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.167951][   T29] kauditd_printk_skb: 355 callbacks suppressed
[   97.167972][   T29] audit: type=1326 audit(1751181174.424:7010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6018 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   97.170537][ T6017] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 16: comm syz.1.874: path /167/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0
[   97.174231][   T29] audit: type=1326 audit(1751181174.424:7011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6018 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   97.202114][ T6019] loop4: detected capacity change from 0 to 512
[   97.217916][   T29] audit: type=1326 audit(1751181174.424:7012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6018 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   97.270842][   T29] audit: type=1326 audit(1751181174.424:7013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6018 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   97.294238][   T29] audit: type=1326 audit(1751181174.424:7014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6018 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   97.305827][ T6019] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   97.327692][   T29] audit: type=1326 audit(1751181174.464:7015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6018 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   97.351163][   T29] audit: type=1326 audit(1751181174.464:7016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6018 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   97.366297][ T6019] EXT4-fs (loop4): 1 truncate cleaned up
[   97.374525][   T29] audit: type=1326 audit(1751181174.464:7017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6018 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   97.403603][   T29] audit: type=1326 audit(1751181174.464:7018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6018 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f42b937e929 code=0x7ffc0000
[   97.427080][   T29] audit: type=1326 audit(1751181174.464:7019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6018 comm="syz.4.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f42b937e963 code=0x7ffc0000
[   98.000655][ T6063] loop2: detected capacity change from 0 to 1024
[   98.013970][ T6063] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   98.100240][ T6070] loop2: detected capacity change from 0 to 512
[   98.112228][ T6070] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.892: corrupted in-inode xattr: invalid ea_ino
[   98.135415][ T6070] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.892: couldn't read orphan inode 15 (err -117)
[   98.308648][ T6084] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.326626][ T6084] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.344699][ T6084] loop0: detected capacity change from 0 to 2048
[   98.352978][ T6084] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[   98.579491][ T6101] netlink: 'syz.4.904': attribute type 3 has an invalid length.
[   98.657226][ T6107] netlink: 'syz.1.907': attribute type 3 has an invalid length.
[   98.679852][ T6107] loop1: detected capacity change from 0 to 512
[   98.699493][ T6107] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   98.726250][ T6110] loop4: detected capacity change from 0 to 164
[   98.733414][ T6110] ISOFS: unable to read i-node block
[   98.738809][ T6110] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   98.749865][ T6107] EXT4-fs (loop1): 1 truncate cleaned up
[   99.034069][ T6122] netlink: 'syz.1.911': attribute type 21 has an invalid length.
[   99.041980][ T6122] netlink: 156 bytes leftover after parsing attributes in process `syz.1.911'.
[   99.089413][ T2994] ==================================================================
[   99.097578][ T2994] BUG: KCSAN: data-race in dentry_unlink_inode / step_into
[   99.104818][ T2994] 
[   99.107161][ T2994] write to 0xffff888106aea030 of 8 bytes by task 4933 on cpu 1:
[   99.114814][ T2994]  dentry_unlink_inode+0x65/0x260
[   99.119872][ T2994]  d_delete+0x164/0x180
[   99.124059][ T2994]  d_delete_notify+0x32/0x100
[   99.128770][ T2994]  vfs_unlink+0x30b/0x420
[   99.133133][ T2994]  do_unlinkat+0x28e/0x4c0
[   99.137585][ T2994]  __x64_sys_unlink+0x2e/0x40
[   99.142302][ T2994]  x64_sys_call+0x22a6/0x2fb0
[   99.147000][ T2994]  do_syscall_64+0xd2/0x200
[   99.151528][ T2994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.157445][ T2994] 
[   99.159786][ T2994] read to 0xffff888106aea030 of 8 bytes by task 2994 on cpu 0:
[   99.167364][ T2994]  step_into+0x122/0x820
[   99.171680][ T2994]  walk_component+0x162/0x220
[   99.176470][ T2994]  path_lookupat+0xfe/0x2a0
[   99.181006][ T2994]  filename_lookup+0x147/0x340
[   99.185797][ T2994]  do_readlinkat+0x7d/0x320
[   99.190327][ T2994]  __x64_sys_readlink+0x47/0x60
[   99.195222][ T2994]  x64_sys_call+0x2cf3/0x2fb0
[   99.199921][ T2994]  do_syscall_64+0xd2/0x200
[   99.204441][ T2994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.210374][ T2994] 
[   99.212710][ T2994] value changed: 0xffff88811a8ce360 -> 0x0000000000000000
[   99.219832][ T2994] 
[   99.222167][ T2994] Reported by Kernel Concurrency Sanitizer on:
[   99.228331][ T2994] CPU: 0 UID: 0 PID: 2994 Comm: udevd Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   99.240350][ T2994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   99.250429][ T2994] ==================================================================
[   99.263373][ T6129] tipc: Enabling of bearer <udp:£> rejected, already enabled