last executing test programs:

3.22341804s ago: executing program 4 (id=4303):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r0}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r1, 0x0, 0x0)

3.149467777s ago: executing program 4 (id=4304):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
modify_ldt$write(0x1, &(0x7f0000000040)={0x401, 0x1000, 0x4000, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@getrule={0x14, 0x22, 0x400, 0x70bd27, 0x25dfdbfe, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000340)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b703000000040000850000001b000000b700000000"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000640)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
prctl$PR_SET_THP_DISABLE(0x29, 0x0)
r5 = eventfd(0x5)
r6 = eventfd2(0x1bba0000, 0x1)
r7 = open_tree(0xffffffffffffffff, &(0x7f00000009c0)='./file0\x00', 0x1)
io_submit(0x0, 0x8, &(0x7f0000000b80)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x7, 0x401, 0xffffffffffffffff, &(0x7f00000002c0)="7d4f9e53129921a4e847302d3e4370ca6a", 0x11, 0xb}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x5, 0x7ff, r3, &(0x7f0000000380)="61ce99145e00ca55de1f8231c02f46fdc68fa75b191da7c56dbf6c1610bf5699aa1d60db439dd9e69b51dc34fbe7dab562cae4f7334432e1edf2da1b82a0d51b865d6a45b58cfd3a84e0ac5157cb47b743aa77ee37042d9f", 0x58, 0x7, 0x0, 0x1}, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x3, 0x7, r4, &(0x7f00000005c0)="f78570569f2a68f1755877e0052089124ddad9d77ad86cbba6850d7846d52a447d5a81862f8ad5c9be85d701f8bfc8004d24e2366cc71c2f663d92da5b0b704d92d2ba0ce84d7a5eb211541a94043ec8c20e9504f162e250aee0b751d00495a87a2541e9072a4513e91984df52fe", 0x6e, 0x1, 0x0, 0x3, r5}, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x9, r3, &(0x7f0000000c00)="4162a9fc4eb4969bdfe0515f58967ff26c8e8358f7a834d10a8d2733117602e86a6da2c9a19cf7167d1425b2e4b8b5cdea459c3f58d2f2ddfdfe5da14af4dadcd101dc125a7c3407fe4949e7cc51fb6e10de4457407ac9ee2eb1888d1c634faa7241c7bb961aeb0874914fbaa7aa9946100fdc1a744ad9094efa1bf1457ac192a49922b37d6dc21172ffabc1f540e5ad60d04763438fe408edd45c42aa93be2396f848006ffcb4e8a3f48896ace634998f6d6192a59527c720234e803c574c61e4d5f390655195310e8c8feaf3607fc67c408770aaf1204f5bfdf6df0428e92a2f6dbad525270bac718381a4cd3aa3b40f5b4aa17972ce804d715180c9e92d20231b9bcbe6e5b1ca2e17813c68c8ae438c553dbf7f41a8bad458a72c9e9a339e7a0417341ab5d22db6c632fb6f34b5255f10a8b3f2fafec6af9272267d3a96d44f1b05cc855599828558187a490f619a48e7119c69f4275268da8ce7c0b2ed4d4a45da2b31f6dd93d325e4ccc0fd5041858dc36791b2a14972b946dbb7e22e7af26167a7612c8d83813c311f1ee4bb34cec12e577db73fe8022ac1af9ebf89bb738a349a4f278efb1ab59df506ca1e6efcc99e687de80387579b79f9ec4b119c8a04c6d973abb6b0da6efd2757b72fb81d8a5b0109ac26c0758ce6107023eb548f3bc65e72a2b0e950a821d81571ef065a95ab4caf81327cf904553cb1b6881d13c26d9fbb0d770c490f7fe684bb4c1071d1fc521cb7e94672a93cc32670f3f357766fc19ed23fd046d9c34086909854382e18c1f027d3431539ef8457f316d22c8fbfaf9eb6c90869116469a5b022cc0a253007e5f2724cd032d39b4495a9a3fcf1e46050ff8f0632ba3ae57d3fa45adccd9dd1d365c7e821fb59f643c3e6baae2757640489c81f5d986b2b936cb019bf8fa0bf7a54098a82dede7b14f9c08d35aad389d4b2bf3e314b118d009a2d999ab7e274141816bcaca243ba58557490afc384358369f17718a65521a3859121ac671f3b234db404aaf55f42a11949d3513f3ed86fcbbe99bf214edc5156d14b25d79e0aed56ab9ebeacebcc6cd49586fea3961a49646ad670829a0222e64f178a75551335e3d5972f978fbc3ed11c30e6646262a3b2e8f8d202933024a5367034dfe719b2bf219bcd3cb8c7696fbbc8c1f2043de8fbd345c696debcbefaa8262e773039216c37167aba912d53d3d145e7a5f016ec96bda163526e3c64f3d835f83ab163a1f9ba645ed9e6d87fb1de1f5ef402b887a6927dae53f6c82af8e945ca57da4a5e024f78b1d0bee8662941ff34c45b261413d68ee29b59278a7693097547473d7dfb042719be32d13feee778df74e2136af2ace9e1916f03b8a897f91e722b16e724b363305f820c04d2ff8482130f8067b1d13641dc157d265d4d17947f96bc90afb4c0c380d0ec9bda1244d65972ee317c52c6535ca2f1968a4291509d0c13034cecc171ea7b864d3383da1c504fc9beeb94b0062cbee7736d8a3abb41656b0eca725e85b81304530ffac6abfa3d59bc63a87144ef15ce395975165e6d3fb4bf1a77cd491bd290734718bce89c16ec4798788026faa116e89fe44217e4f70dcdd6dc2f4a9f1694ac57e630ac67fb4f36e1c9003d221a6c691805164e76b5f2df5ae9a8b79ed74ebc40cb16d58a067800270bb88a153a649988f64b2464cb4119875fa7c1b6369ebc341990fb59a7973d0c0136e253a3b011e448c3467d46b67832dacde43b87b3c79e63452075d62f9fb04411fc9c8a1579b4ebbf1423d289d4713c54141f582977e7eb82c268086a6e50ede60cd40ed186c974acfbb8ce86064838ff699616fa470b1bf155d5d38f7df4c40468c70c1f0cdf542f423b8b721672f03ea5656e6000bd41db79f91ad437cd64327fd394645b245b1f9e4a052bb06701661e2fbc81a2cee074baf488881929f0e850e41ef476c25ea2323daf4bcf1d30a817b6b6dfe805cfcaa77a469bbfb5ceaf31decf3b3ae3c81b109381ae0f577c973df6e983dc25e1c70852b49dedb3a0af3e955b96486567fa8d06c428e5373e85731b438d376bceddf1157bb8d7d628c2fa30f29a91956a12caacbd4990f7705f10c82c2361ef04a6b74835cd5c0bb08921db04b1acb0e42d9cfbbf3531ef29f5e2ba85f03fbab31f83704ae79cab001fef6e47e39f0af060c909a68665727807a53fa64dbf6e415321ddcc3978b3321a90d89acfa3de04396380ebbbb43058f563ead310f10c64d74351bbf324e8a8311bbae395be4dd5d65b10b5aa83ec8d27b350c0303e6d683279103836a7022e55c2c021530be55f3012c6088bd505eb62d2cc6b6b28fa9d7af381076d3763cd36d5d69d2a4c723f8b0b0de555663213536845e3234a34aa73164eec3d11b7c9c08652c422dd523b3f34480773b86580eacb1026cedd61224f96a4f20bc15eb8657f14322c2d1bade6c2e822488eb405736211c49ff278c6167ac6fcf32a5af8ae822b35953c6605521c6c3a142846b46727f829c1f278c6b9b8a374c05d3da8b30b1c1e1e793505d8844fb1636efc52c1d5260c0417b99bebba70a1e39267a95a5a48efb732073187d06894456b53801755188c616d072325af3aaf8b6bf8415491ee004dc4dccb78fb15da9064603cbd5173e45a7daad0983f647b23fb71d29afcc12147f9b21a63eb47973f7fe00297ebd9bb685e27d6b505e555857f99095329dfeb774b7d2adfb57ff41de027a2739c44379ee78e4eb98426e11d22ca649327fda93e47a65449bd1b7a9ca5131ee8f043d467f0bdc7f534bcd1209da94dd0cee9059c913c04548d45f0c229f206cf1b36f31b32fce654600884e1fe5d633752324cff83ba93d6a9fb740b4ba7f136a56baf12bb1d2e0ea4d00a28c8c8f5f2fd828f7226597253c07ccc59f89cc21bcf4faa56894713f7edff07883997bf4df1c8c19e9981cb659877b932db03c6ba23876c51a636aee9cf0536f0511bdca2f25ac938125234c0216f6fe17a94ee230f16de400778fc4fe845fd773c64802c2c995684656d0a99a2e5ebe096737978d9a20ee1b53a063c41b78010f2b1fa927085a85f4663613a36f0a009b6d88e6d3efdefdd84af546d30717218068959be2e80d9f6ebbc64aac93ad06509b0f217e3e72de7abb0d9ce59f652219fd368e1a91196e04c50edd9bb3c48a625880b209c39552d972eb6f7d594b32725f729dca6b960408d7188f162455deb1312b1cb7c355597342e2eaa24963886c315687888698e8c64f65d6257ac44c28e49b3c10323516dd448a909f8b2888eb8b001422f027cd772372dd5df0f48963c3f0b225eb668b4165f98452b946be48dd3b248e5581da8b7ac88ca560a1a5e370582039b1c1bbcb1d80ced649530cd1e2248fa402e3557760d51809f9aa86c748e255653389d6e3d0059c50a43c97e4840cdd3c1c95941e9e7c2d6a4d5fcec6373c84fabfce716666a881174e57c0c02f72c1f5b3f4ab4b9502850830b02d7794247aa3112db56a0bc55a30e445eccd7dc4aeed8052e279ac614c415f135d102a26a54ba6479f5072206f3bf11c1c83f2fdc35ff88b1a1aac10e6c77c9b2934ec86ac620dd5748cedb2b0c1743637fb578a6d8c825749d3d8977ecc59e33dd9ae1fd58bb5dd17f492bec911f28cce16cdc1a81ab08c0e2a9d89c374fe875b280bf801d78231daed4588c8ede64f146f3a0765d54aab5eb6eaa364240a09fb68b7e0957b4946bd8c6e6ba2d9b6033e2272cf780862a8f4116232ccc6930ef2869e13d1749ea84bf9f89043e7fa722e10333db171f14d736f00966f13dc476a4810efaf05b2d1a007897d092dcdac64d073f15bbaa7435f9689b2ba980e4c7f6a1f01b3b363a7f512db5a0119580823e3bfa6f7343889741c4ab56f789f925f53f50542490e7e7e462a002567b96012782fc35dada63c4c058685d3ce45f1a77a0ce9d1a32ef653651ff2e3fddeae2b81da7869847f9d343043385f447e8a96d30a78f8ac0f60d204e1757d0e217c0d3b002c2a76a523d1dd03705a8cd68cef16978fdb7bb003657105fd072cc020f9ba9aa9b26d6d963aa1f5c4aeed33c4f0559a46cf393aa41ea1a9c545bd9792662ccf4f792c14320cfcf234911d9df23c12bdaeefaa3d798638ac02d247ff1bfa7d86b246d19c5c2f7f6cd5fe44ec83d5f210f563acd87c8ee96884e9186a8a903783457e04978d6d2ad0161269df639fd528a43b0d8c531e6d175888f3fb1b2e619e9eb5c6a6c92f55f7e363fab3eecf6cd6150c2ace1f7d4421e70603b52786d350c2416eeea28d0cb2476a72b7883649b4b4ce0d6c1792a2be179d122606c1d6fcdeef9597ca31f86794fb14ae0c15cfb6452b8ab225074ff5ad79439a5b481497a966790ef1da8e662db6cc217e9c2751a577d0ce4474540d62ac4b98e300e2146adfc3f6ca2e0181fcc473c7e965e631470bb042e2132864a69623237bc057dff7d351908487f7391881afa0c56c044ca4cb3f093c36afbbbb4683aa6c1909e455c990263b9413b27f77c0cf4a3406658889d903673974f835b3e48400e30ff976daae483733798cdcb8f31255f3582828c0c74b4509db8682ffd87d0d9602a4a0ac9db6707480afe42f2c02ed91bc857003447ee2b317f63bdb5e6ce20f02aa8786fd78317e7dea810ad25b1f6fa7c30fd7f4409eba1679bb75281f2c68aa4b006f6550cbae2c6568bfab6e9570d0e8b082433d9ced0d4268be532cd1efc566ad796414264151f5551608e5f9af4d19e9f274e77d38048e8b85703c33f6cbfaaf531e0d0a49fae9d130e24d406d0dcbe61e0eca4a3f3e0475eaa311f37b306eaacb8b5d87126660b3fb04bdca4ecac0c8a3d2b26289697ca626b32bae007c30771b7052db093a1016382d108982b089bfd189a39bbcaa10b99c37f1c8f4dea017f5f76f4e193f39a712f7a984568d56b8b0055266d8dd4ed28a40958882b2979154e5095841fc0017a09ddab92053b1944aea073cb91083723c1e47fd6b287ecc51afa09e622ffde470b7d242e41ff80e345f6a071ae702c399655ceb46f2ed41046f71adb98a3c9c25449bbf01915e761dfbb86f28c584ee5caac68d070f6f9e77390c6ce2d4f0a6637231ec4eb5ea72d83773817a6338fb68cb206cdd000f6b48d1177489ea4bf90e4d08628dbb70b8bcbf25afbd081276f356e90f1759dcbb8bb5c8fc4296d30f8a88af37b321858a258db054c71803da07956005dee6643741a2c49ce0ff8723724831b7d56221a847d9b4c73f16accc61d110116b971b5973c853c19d3e96d53d642157af3615bbc838d982767de5dfca466369dc36852a0a4099ea6e01f5d0822b06019ccf5762c05e113ff80db756ab4af9e3b304b98b247125ab407b8ffb32fb687c03c0b0f8955506ea035a55a1d904b8c552dd96c2bc7c86ad8097b3bbc6bbbb40337f1bbe185fb48b79400d2c74a25221b1b6320b13c46c2cefd8b9a40a6f9858498c8f72e2e62bcf74d910cc04d06430eef94d61604068f20f54e433cdb3ea9004a00fd76f896fd19b03a5b1211d79611cc8cbe01e0d8ad3dc1260c22251fc69d0000a6f0eb942b609850f9152a76a9f0d29df0eee49a3f1a6bc6d29e2ed8f1f42f8c066ac39100c917f8b1ca3ae8c2873c01174c654d40ec218f7ddaeaf217d2f378d29584e12830fa1a481785f579c980dd0e13715bffbe8d731d0e47800a224ad0f28fcccb32343daa81c83add9168dcd3672d323391a7a1813ff73bbc47c944cb48b04d80cd25561352c333", 0x1000, 0x4a9, 0x0, 0x1}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x5, 0x7, r0, &(0x7f0000000840)="54d734ae5c2426cf380b858d11293748def7", 0x12, 0x2, 0x0, 0x3, r6}, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x3, 0x7ff, r1, &(0x7f0000000900)="b1e54dfb7d5e5035a6c1f4254194", 0xe, 0x93, 0x0, 0x3}, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x8, 0xc6, r7, &(0x7f0000000a00)="e0f1ccbcf0cec6545e7d3a09761f9416160affc69026dc11d6a3dd0bea451b0043ed012f8a4232e873efe6f0e1ac64190cd7e8de12ace60b431b0ee36197d87e84524a6963cbc6625e7a9b3fe5787d81b9ccdff49547ae2a0aea00973fb6cb07978e4047d57ee8e31347652ae48036c8c63051b2d1541288ff8b28167c3da9b0eabc6404367c5829292490cf7af53da6349137589cfa35f1c2", 0x99, 0x7, 0x0, 0x2}, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x8, 0xb, r2, &(0x7f0000001c00)="1e743ea2963f3e674b68434ad2c764012d92133711694270563b0d8590f7079fbc0e2d94996c4e9bdce192f4c1f1fcc2e71d2d1b6f29795daba5b8d928dbda10f332b2be1e439e126ae53d8ca64017bc16b7daf6d40dfc748c76d8a18d1d0d8d9c514ec41ca1ddc3d3a3756b016599", 0x6f, 0x80000000, 0x0, 0x2}])
rt_sigtimedwait(&(0x7f0000000100)={[0x3ff]}, &(0x7f0000005c80), 0x0, 0x8)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f0000001c80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)

2.708199042s ago: executing program 1 (id=4314):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet_sctp(r2, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'bridge0\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYRESHEX=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r4, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000003c0)='kfree\x00', r5, 0x0, 0x3}, 0x18)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newsa={0x154, 0x10, 0x1, 0x0, 0x0, {{@in6=@private1, @in=@private}, {@in=@broadcast, 0x0, 0x32}, @in6=@private1, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0xcd}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @replay_esn_val={0x1c}]}, 0x154}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x20, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0xffffffff}, 0x50)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f00000007c0)={'vcan0\x00'})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x7, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone3(&(0x7f0000000280)={0x2004800, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080), {0x6}, &(0x7f0000000100)=""/228, 0xe4, &(0x7f0000000200)=""/6, &(0x7f0000000240)=[0x0], 0x1}, 0x58)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
fcntl$dupfd(r7, 0x0, r7)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r8}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000008680)=[{{&(0x7f0000001b00)={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @local}, 0x8001}, 0x1c, 0x0, 0x0, &(0x7f0000003d40)=[@pktinfo={{0x24, 0x29, 0x32, {@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}], 0x28}}], 0x1, 0x24008000)
socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r10}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)

2.374092429s ago: executing program 2 (id=4316):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = socket$inet(0xa, 0x801, 0x84)
listen(r1, 0x8)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000180)={0x0, 0x1c, &(0x7f0000000140)=[@in6={0xa, 0x4e20, 0x207, @mcast2, 0x3}]}, &(0x7f00000001c0)=0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="9115463ecc790180c200000308060001080006040002aaaaaaaaaabbd012dfdc5d29ac1414bbaa"], 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r5=>0x0})
sendto$packet(r4, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @link_local}, 0x14)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r3)
sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="bbfb2bbd7000fddbdf21670000000800c400020000000800c3"], 0x24}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r7, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r7, &(0x7f0000000280)={0x2, 0x0, @loopback}, 0x10)
close(r7)

2.373744139s ago: executing program 2 (id=4317):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5)
getsockname$packet(r5, &(0x7f0000000680)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c0001006272696467"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=@newtfilter={0x3c, 0x28, 0x575ac7824d421509, 0x70bd2a, 0x4, {0x0, 0x0, 0x0, r6, {}, {0x1}, {0x4, 0x3d}}, [@TCA_RATE={0x6, 0x5, {0x0, 0x5}}, @filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x3c}}, 0x40)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0x1}}}, 0x24}}, 0x10)

2.329865902s ago: executing program 2 (id=4318):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0xf)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)
recvfrom(r1, &(0x7f0000004000)=""/4112, 0xfffffffffffffedc, 0x2080, 0x0, 0x0)

2.312306744s ago: executing program 2 (id=4319):
fsopen(&(0x7f00000001c0)='devpts\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000003c0)=@ipv4_newnexthop={0x48, 0x68, 0x400, 0x70bd28, 0x25dfdbff, {0x2, 0x0, 0x1, 0x0, 0x1}, [@NHA_FDB={0x4}, @NHA_GROUP_TYPE={0x6}, @NHA_ID={0x8, 0x1, 0x2}, @NHA_FDB={0x4}, @NHA_ENCAP_TYPE={0x6, 0x7, 0xb}, @NHA_ENCAP_TYPE={0x6, 0x7, 0x3}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x48}, 0x1, 0x0, 0x0, 0x8000}, 0x4010)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0x9, 0x40000)
ioctl$USBDEVFS_SETCONFIGURATION(r4, 0x80045505, &(0x7f0000000040)=0xfffffc01)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
r6 = syz_io_uring_setup(0x110, &(0x7f00000004c0)={0x0, 0x14, 0x0, 0x3, 0x80}, &(0x7f0000000180)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
io_uring_register$IORING_REGISTER_FILES(r6, 0x2, &(0x7f0000000300)=[r5], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000005c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x6000, @fd_index, 0x80000001, 0x0})
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESDEC=0x0, @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='rxrpc_receive\x00', r9, 0x0, 0xff}, 0x35)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = syz_open_dev$mouse(&(0x7f0000000080), 0xb8, 0xb493c9a95524a93)
setsockopt$CAN_RAW_ERR_FILTER(r10, 0x65, 0x2, &(0x7f0000000280)=0x4, 0x4)
r11 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000780)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d0000000000005f"], 0x0, 0x34, 0x0, 0x0, 0xfffffffc}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x4, 0x4, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r11, 0x0, 0x1}, 0x48)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r12, 0x8946, &(0x7f0000000400)='{\x05T\x82\x89\x98Yi:')
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

2.095397711s ago: executing program 4 (id=4321):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x1e09aa98}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x40000000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$SEG6(&(0x7f00000001c0), r3)
sendmsg$SEG6_CMD_SET_TUNSRC(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="364f019de0689117349dfb0865dcccc94f764ff53b56627a5949b743441d6910c42481c29b5f29b6d4e82f3711235af114faf886f7d06b455cea3fd4f27a9e78f8734e4460a5fcc2f7f5116197a733e938812a151af0e97b7a5d9c001c3e7e404eea8f0255aa18c17a7e494c324ff08a350748b177c86fb695f280c706a4435e243eae6225aee2f0c982675ab3eb6165d8e0f8661935588aed0fc90daa560403d342ce7de6a11c0e4653", @ANYRES16=r4, @ANYBLOB="01002dbd7000ffdbdf25030000"], 0x14}, 0x1, 0x0, 0x0, 0x30000040}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x9, 0x0, 0x0, &(0x7f0000000b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x82000, 0xc, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff4f}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000c80)='./cgroup.net/syz0\x00', 0x200002, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10)
mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x6000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0}, 0x18)

1.832399662s ago: executing program 1 (id=4326):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r0}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, 0x0, 0x0)
recvmsg$unix(r1, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)

1.432084475s ago: executing program 2 (id=4331):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
modify_ldt$write(0x1, &(0x7f0000000040)={0x401, 0x1000, 0x4000, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@getrule={0x14, 0x22, 0x400, 0x70bd27, 0x25dfdbfe, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000340)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b703000000040000850000001b000000b7000000000000"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000640)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
prctl$PR_SET_THP_DISABLE(0x29, 0x0)
r5 = eventfd(0x5)
r6 = eventfd2(0x1bba0000, 0x1)
r7 = open_tree(0xffffffffffffffff, &(0x7f00000009c0)='./file0\x00', 0x1)
io_submit(0x0, 0x8, &(0x7f0000000b80)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x7, 0x401, 0xffffffffffffffff, &(0x7f00000002c0)="7d4f9e53129921a4e847302d3e4370ca6a", 0x11, 0xb}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x5, 0x7ff, r3, &(0x7f0000000380)="61ce99145e00ca55de1f8231c02f46fdc68fa75b191da7c56dbf6c1610bf5699aa1d60db439dd9e69b51dc34fbe7dab562cae4f7334432e1edf2da1b82a0d51b865d6a45b58cfd3a84e0ac5157cb47b743aa77ee37042d9f", 0x58, 0x7, 0x0, 0x1}, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x3, 0x7, r4, &(0x7f00000005c0)="f78570569f2a68f1755877e0052089124ddad9d77ad86cbba6850d7846d52a447d5a81862f8ad5c9be85d701f8bfc8004d24e2366cc71c2f663d92da5b0b704d92d2ba0ce84d7a5eb211541a94043ec8c20e9504f162e250aee0b751d00495a87a2541e9072a4513e91984df52fe", 0x6e, 0x1, 0x0, 0x3, r5}, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x9, r3, &(0x7f0000000c00)="4162a9fc4eb4969bdfe0515f58967ff26c8e8358f7a834d10a8d2733117602e86a6da2c9a19cf7167d1425b2e4b8b5cdea459c3f58d2f2ddfdfe5da14af4dadcd101dc125a7c3407fe4949e7cc51fb6e10de4457407ac9ee2eb1888d1c634faa7241c7bb961aeb0874914fbaa7aa9946100fdc1a744ad9094efa1bf1457ac192a49922b37d6dc21172ffabc1f540e5ad60d04763438fe408edd45c42aa93be2396f848006ffcb4e8a3f48896ace634998f6d6192a59527c720234e803c574c61e4d5f390655195310e8c8feaf3607fc67c408770aaf1204f5bfdf6df0428e92a2f6dbad525270bac718381a4cd3aa3b40f5b4aa17972ce804d715180c9e92d20231b9bcbe6e5b1ca2e17813c68c8ae438c553dbf7f41a8bad458a72c9e9a339e7a0417341ab5d22db6c632fb6f34b5255f10a8b3f2fafec6af9272267d3a96d44f1b05cc855599828558187a490f619a48e7119c69f4275268da8ce7c0b2ed4d4a45da2b31f6dd93d325e4ccc0fd5041858dc36791b2a14972b946dbb7e22e7af26167a7612c8d83813c311f1ee4bb34cec12e577db73fe8022ac1af9ebf89bb738a349a4f278efb1ab59df506ca1e6efcc99e687de80387579b79f9ec4b119c8a04c6d973abb6b0da6efd2757b72fb81d8a5b0109ac26c0758ce6107023eb548f3bc65e72a2b0e950a821d81571ef065a95ab4caf81327cf904553cb1b6881d13c26d9fbb0d770c490f7fe684bb4c1071d1fc521cb7e94672a93cc32670f3f357766fc19ed23fd046d9c34086909854382e18c1f027d3431539ef8457f316d22c8fbfaf9eb6c90869116469a5b022cc0a253007e5f2724cd032d39b4495a9a3fcf1e46050ff8f0632ba3ae57d3fa45adccd9dd1d365c7e821fb59f643c3e6baae2757640489c81f5d986b2b936cb019bf8fa0bf7a54098a82dede7b14f9c08d35aad389d4b2bf3e314b118d009a2d999ab7e274141816bcaca243ba58557490afc384358369f17718a65521a3859121ac671f3b234db404aaf55f42a11949d3513f3ed86fcbbe99bf214edc5156d14b25d79e0aed56ab9ebeacebcc6cd49586fea3961a49646ad670829a0222e64f178a75551335e3d5972f978fbc3ed11c30e6646262a3b2e8f8d202933024a5367034dfe719b2bf219bcd3cb8c7696fbbc8c1f2043de8fbd345c696debcbefaa8262e773039216c37167aba912d53d3d145e7a5f016ec96bda163526e3c64f3d835f83ab163a1f9ba645ed9e6d87fb1de1f5ef402b887a6927dae53f6c82af8e945ca57da4a5e024f78b1d0bee8662941ff34c45b261413d68ee29b59278a7693097547473d7dfb042719be32d13feee778df74e2136af2ace9e1916f03b8a897f91e722b16e724b363305f820c04d2ff8482130f8067b1d13641dc157d265d4d17947f96bc90afb4c0c380d0ec9bda1244d65972ee317c52c6535ca2f1968a4291509d0c13034cecc171ea7b864d3383da1c504fc9beeb94b0062cbee7736d8a3abb41656b0eca725e85b81304530ffac6abfa3d59bc63a87144ef15ce395975165e6d3fb4bf1a77cd491bd290734718bce89c16ec4798788026faa116e89fe44217e4f70dcdd6dc2f4a9f1694ac57e630ac67fb4f36e1c9003d221a6c691805164e76b5f2df5ae9a8b79ed74ebc40cb16d58a067800270bb88a153a649988f64b2464cb4119875fa7c1b6369ebc341990fb59a7973d0c0136e253a3b011e448c3467d46b67832dacde43b87b3c79e63452075d62f9fb04411fc9c8a1579b4ebbf1423d289d4713c54141f582977e7eb82c268086a6e50ede60cd40ed186c974acfbb8ce86064838ff699616fa470b1bf155d5d38f7df4c40468c70c1f0cdf542f423b8b721672f03ea5656e6000bd41db79f91ad437cd64327fd394645b245b1f9e4a052bb06701661e2fbc81a2cee074baf488881929f0e850e41ef476c25ea2323daf4bcf1d30a817b6b6dfe805cfcaa77a469bbfb5ceaf31decf3b3ae3c81b109381ae0f577c973df6e983dc25e1c70852b49dedb3a0af3e955b96486567fa8d06c428e5373e85731b438d376bceddf1157bb8d7d628c2fa30f29a91956a12caacbd4990f7705f10c82c2361ef04a6b74835cd5c0bb08921db04b1acb0e42d9cfbbf3531ef29f5e2ba85f03fbab31f83704ae79cab001fef6e47e39f0af060c909a68665727807a53fa64dbf6e415321ddcc3978b3321a90d89acfa3de04396380ebbbb43058f563ead310f10c64d74351bbf324e8a8311bbae395be4dd5d65b10b5aa83ec8d27b350c0303e6d683279103836a7022e55c2c021530be55f3012c6088bd505eb62d2cc6b6b28fa9d7af381076d3763cd36d5d69d2a4c723f8b0b0de555663213536845e3234a34aa73164eec3d11b7c9c08652c422dd523b3f34480773b86580eacb1026cedd61224f96a4f20bc15eb8657f14322c2d1bade6c2e822488eb405736211c49ff278c6167ac6fcf32a5af8ae822b35953c6605521c6c3a142846b46727f829c1f278c6b9b8a374c05d3da8b30b1c1e1e793505d8844fb1636efc52c1d5260c0417b99bebba70a1e39267a95a5a48efb732073187d06894456b53801755188c616d072325af3aaf8b6bf8415491ee004dc4dccb78fb15da9064603cbd5173e45a7daad0983f647b23fb71d29afcc12147f9b21a63eb47973f7fe00297ebd9bb685e27d6b505e555857f99095329dfeb774b7d2adfb57ff41de027a2739c44379ee78e4eb98426e11d22ca649327fda93e47a65449bd1b7a9ca5131ee8f043d467f0bdc7f534bcd1209da94dd0cee9059c913c04548d45f0c229f206cf1b36f31b32fce654600884e1fe5d633752324cff83ba93d6a9fb740b4ba7f136a56baf12bb1d2e0ea4d00a28c8c8f5f2fd828f7226597253c07ccc59f89cc21bcf4faa56894713f7edff07883997bf4df1c8c19e9981cb659877b932db03c6ba23876c51a636aee9cf0536f0511bdca2f25ac938125234c0216f6fe17a94ee230f16de400778fc4fe845fd773c64802c2c995684656d0a99a2e5ebe096737978d9a20ee1b53a063c41b78010f2b1fa927085a85f4663613a36f0a009b6d88e6d3efdefdd84af546d30717218068959be2e80d9f6ebbc64aac93ad06509b0f217e3e72de7abb0d9ce59f652219fd368e1a91196e04c50edd9bb3c48a625880b209c39552d972eb6f7d594b32725f729dca6b960408d7188f162455deb1312b1cb7c355597342e2eaa24963886c315687888698e8c64f65d6257ac44c28e49b3c10323516dd448a909f8b2888eb8b001422f027cd772372dd5df0f48963c3f0b225eb668b4165f98452b946be48dd3b248e5581da8b7ac88ca560a1a5e370582039b1c1bbcb1d80ced649530cd1e2248fa402e3557760d51809f9aa86c748e255653389d6e3d0059c50a43c97e4840cdd3c1c95941e9e7c2d6a4d5fcec6373c84fabfce716666a881174e57c0c02f72c1f5b3f4ab4b9502850830b02d7794247aa3112db56a0bc55a30e445eccd7dc4aeed8052e279ac614c415f135d102a26a54ba6479f5072206f3bf11c1c83f2fdc35ff88b1a1aac10e6c77c9b2934ec86ac620dd5748cedb2b0c1743637fb578a6d8c825749d3d8977ecc59e33dd9ae1fd58bb5dd17f492bec911f28cce16cdc1a81ab08c0e2a9d89c374fe875b280bf801d78231daed4588c8ede64f146f3a0765d54aab5eb6eaa364240a09fb68b7e0957b4946bd8c6e6ba2d9b6033e2272cf780862a8f4116232ccc6930ef2869e13d1749ea84bf9f89043e7fa722e10333db171f14d736f00966f13dc476a4810efaf05b2d1a007897d092dcdac64d073f15bbaa7435f9689b2ba980e4c7f6a1f01b3b363a7f512db5a0119580823e3bfa6f7343889741c4ab56f789f925f53f50542490e7e7e462a002567b96012782fc35dada63c4c058685d3ce45f1a77a0ce9d1a32ef653651ff2e3fddeae2b81da7869847f9d343043385f447e8a96d30a78f8ac0f60d204e1757d0e217c0d3b002c2a76a523d1dd03705a8cd68cef16978fdb7bb003657105fd072cc020f9ba9aa9b26d6d963aa1f5c4aeed33c4f0559a46cf393aa41ea1a9c545bd9792662ccf4f792c14320cfcf234911d9df23c12bdaeefaa3d798638ac02d247ff1bfa7d86b246d19c5c2f7f6cd5fe44ec83d5f210f563acd87c8ee96884e9186a8a903783457e04978d6d2ad0161269df639fd528a43b0d8c531e6d175888f3fb1b2e619e9eb5c6a6c92f55f7e363fab3eecf6cd6150c2ace1f7d4421e70603b52786d350c2416eeea28d0cb2476a72b7883649b4b4ce0d6c1792a2be179d122606c1d6fcdeef9597ca31f86794fb14ae0c15cfb6452b8ab225074ff5ad79439a5b481497a966790ef1da8e662db6cc217e9c2751a577d0ce4474540d62ac4b98e300e2146adfc3f6ca2e0181fcc473c7e965e631470bb042e2132864a69623237bc057dff7d351908487f7391881afa0c56c044ca4cb3f093c36afbbbb4683aa6c1909e455c990263b9413b27f77c0cf4a3406658889d903673974f835b3e48400e30ff976daae483733798cdcb8f31255f3582828c0c74b4509db8682ffd87d0d9602a4a0ac9db6707480afe42f2c02ed91bc857003447ee2b317f63bdb5e6ce20f02aa8786fd78317e7dea810ad25b1f6fa7c30fd7f4409eba1679bb75281f2c68aa4b006f6550cbae2c6568bfab6e9570d0e8b082433d9ced0d4268be532cd1efc566ad796414264151f5551608e5f9af4d19e9f274e77d38048e8b85703c33f6cbfaaf531e0d0a49fae9d130e24d406d0dcbe61e0eca4a3f3e0475eaa311f37b306eaacb8b5d87126660b3fb04bdca4ecac0c8a3d2b26289697ca626b32bae007c30771b7052db093a1016382d108982b089bfd189a39bbcaa10b99c37f1c8f4dea017f5f76f4e193f39a712f7a984568d56b8b0055266d8dd4ed28a40958882b2979154e5095841fc0017a09ddab92053b1944aea073cb91083723c1e47fd6b287ecc51afa09e622ffde470b7d242e41ff80e345f6a071ae702c399655ceb46f2ed41046f71adb98a3c9c25449bbf01915e761dfbb86f28c584ee5caac68d070f6f9e77390c6ce2d4f0a6637231ec4eb5ea72d83773817a6338fb68cb206cdd000f6b48d1177489ea4bf90e4d08628dbb70b8bcbf25afbd081276f356e90f1759dcbb8bb5c8fc4296d30f8a88af37b321858a258db054c71803da07956005dee6643741a2c49ce0ff8723724831b7d56221a847d9b4c73f16accc61d110116b971b5973c853c19d3e96d53d642157af3615bbc838d982767de5dfca466369dc36852a0a4099ea6e01f5d0822b06019ccf5762c05e113ff80db756ab4af9e3b304b98b247125ab407b8ffb32fb687c03c0b0f8955506ea035a55a1d904b8c552dd96c2bc7c86ad8097b3bbc6bbbb40337f1bbe185fb48b79400d2c74a25221b1b6320b13c46c2cefd8b9a40a6f9858498c8f72e2e62bcf74d910cc04d06430eef94d61604068f20f54e433cdb3ea9004a00fd76f896fd19b03a5b1211d79611cc8cbe01e0d8ad3dc1260c22251fc69d0000a6f0eb942b609850f9152a76a9f0d29df0eee49a3f1a6bc6d29e2ed8f1f42f8c066ac39100c917f8b1ca3ae8c2873c01174c654d40ec218f7ddaeaf217d2f378d29584e12830fa1a481785f579c980dd0e13715bffbe8d731d0e47800a224ad0f28fcccb32343daa81c83add9168dcd3672d323391a7a1813ff73bbc47c944cb48b04d80cd25561352c333", 0x1000, 0x4a9, 0x0, 0x1}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x5, 0x7, r0, &(0x7f0000000840)="54d734ae5c2426cf380b858d11293748def7", 0x12, 0x2, 0x0, 0x3, r6}, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x3, 0x7ff, r1, &(0x7f0000000900)="b1e54dfb7d5e5035a6c1f4254194", 0xe, 0x93, 0x0, 0x3}, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x8, 0xc6, r7, &(0x7f0000000a00)="e0f1ccbcf0cec6545e7d3a09761f9416160affc69026dc11d6a3dd0bea451b0043ed012f8a4232e873efe6f0e1ac64190cd7e8de12ace60b431b0ee36197d87e84524a6963cbc6625e7a9b3fe5787d81b9ccdff49547ae2a0aea00973fb6cb07978e4047d57ee8e31347652ae48036c8c63051b2d1541288ff8b28167c3da9b0eabc6404367c5829292490cf7af53da6349137589cfa35f1c2", 0x99, 0x7, 0x0, 0x2}, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x8, 0xb, r2, &(0x7f0000001c00)="1e743ea2963f3e674b68434ad2c764012d92133711694270563b0d8590f7079fbc0e2d94996c4e9bdce192f4c1f1fcc2e71d2d1b6f29795daba5b8d928dbda10f332b2be1e439e126ae53d8ca64017bc16b7daf6d40dfc748c76d8a18d1d0d8d9c514ec41ca1ddc3d3a3756b016599", 0x6f, 0x80000000, 0x0, 0x2}])
rt_sigtimedwait(&(0x7f0000000100)={[0x3ff]}, &(0x7f0000005c80), 0x0, 0x8)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f0000001c80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)

1.213349282s ago: executing program 4 (id=4332):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000400000009"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0xc48e, 0x4, 0x1, 0x0, r3}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000840), &(0x7f0000000880)=r2}, 0x20)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0xfff, r5, 0x0, 0x20}, 0x38)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x7, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100cb3a}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = gettid()
syz_clone(0xb44040, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigaction(0x1b, &(0x7f0000000040)={0xfffffffffffffffc, 0x4c000000, 0x0, {[0x8000000000005a]}}, 0x0, 0x8, &(0x7f00000001c0))
tkill(r7, 0x1b)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', r6, 0x0, 0x2}, 0x18)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000003280)=ANY=[@ANYBLOB="140000001000010000000000000000030000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000020900010073797a30000000000900030073797a3200000000240b0000060a010400000000000000000100000008000b4000000000fc0a048028000180080001006c6f67001c0002800e00024073797a6b616c6c65720000000800054000000008d00a01800e000100696d6d656469617465000000bc0a0280640002804c0002800900020073797a32000000000900020073797a310000000008000180fffffffc0900020073797a31000000000800034000009c920900020073797a300000000008000180ffffffff14000280080003400000000808000180fffffffb0800014000000002080001400000000b500002804b000100fa62d7ba9ceeacf9aa4f832b78f35731f355d63e192a72aef5e68a05d1b806151b6bd1e2d74abafd383790ad363fdc1b7766748630b48f9beefdb33c86d5835a470b5ffd20d7e9006c0102805c00028008000180fffffffe0900020073797a30000000000900020073797a320000000008000180ffffffff0900020073797a320000000008000180fffffffd0900020073797a310000000008000180fffffffc0800034000000e5628000280080003400000000608000340000000070900020073797a320000000008000180fffffffe540002800900020073797a320000000008000180fffffffe0800034000000000080003400000000008000340000000090900020073797a310000000008000180fffffffe080003400000800108000180fffffffd8e000100818ce881ff18470752e86442e8b77ddcfc7a4c87f05cd36147be26c85cc854cc117db1906007a5a8c298f4724c8c743d46ec7f3ba478d9dfb10bbe9e4fdfc2188d62db9bb1364fed383fe0b0c3fbbab83959470cb0ffb14765c32f10b54d99531d04caaf264214997543a1c63637d9a3a20b7ce9312e545626eb375c88462c198f35cf8a11616de4fa0c000098020280eb00010099c8e680eb4d0e7f78e1fb62226ae541d997c8cb51c5ebd0bb7e2730b61310dcd7525807288a7ad8c00f6aa230a1d1b876ddb0e188384e7c79cd8af94a02451a04d8f116bde38077da45650d82bdd1767b03e3f35bc4a5769e659d8cdb6d9d9d717c78b50f6b3ac899b07a9eaf2c989654de7d6609299bad01ca1f3fa8b6229a6c69627a07f627880e902231b20368f3ae64fd12fc37afeb95f14a4dc3d0bc5f6e2afd0fc8ef6982054cffa703ee1376654019ad6d2add9052c5d2f2e0ba3318f931b2c5f2dcce5cbca6093c64d23b64e2f2061da3dd5983644280de22d592b63b5d7f6b571beb005400010041bbc64da6bacaad1bebec23352accccbca40d6ba87943f82df945bf4ccc5250a0c2b2cb13793380f424b280bfb960885af6df4afa26efa8fcd7a1243389ef3fcf1d709f775a9cd1dfb2b84fd03e5d70f800010001950b7c0ec30534e476b721ba6e82d03078fe63b683918ecbbb9c339c8cdd63689339ac43acd5973f4aac8720a98d18e13b98e11e291f3f3621ed29c717639f84bdd28810da6ae30538775f15e00133741e9de3f96f69ab363752fa962b3c71041ba1e463a91d782a968d9febb648b66e71a6827c53b3be014b785f61c4fd46fef00658f64cdd465edb61ba4c5f00849b2935c485da99a38489ecc29837433ac5446c3922d73153fd8fb2368a5ce4201760ca6778f570b7fcb38be633a02d57c5884b6bcbaf3bc28ca7686edb5d59e1b823a8f0f5ff788625995d51c16413783c6290a9714bd4dcbd2a388139f3e46f69916f335c0002800900020073797a3000000000080003400000000908000180000000000900020073797a3000000000080003400000000808000180fffffffd080003400000000408000340fffffff908000180fffffffb0800034000000003a80002801c000280080003400000020008000340fffffff508000340000000001400028008000340000000050800034000000007720001001c2cce526d2ee30fb33f426450278cb35ac06b1cef15fefc26b5c17a8c9251bed316fccb5588f2e071fc355537fcf458cf14217f16ce4c12a4b559f3e807c94c6cc4f418baebc6024b74b9dbc5ef66dbbe91812ea247db80670c101ed494f105ad9c09b4eaf8d5c133b46a311c1a00001c0302802000028008000180fffffffc0900020073797a320000000008000340000000035c00028008000180fffffffc08000180fffffffc08000180fffffffb0900020073797a300000000008000340000000060900020073797a30000000000900020073797a31000000000900020073797a310000000008000180fffffffbf6000100330e5af714359ac9da33381a13071148dbe4293800e6be0290efbb549850cda132ca27a55553fd77c3067504c4596086f4001f53d49e8111395ebccb983c6b04735a58ab2617dfc62123b09c8dc5a47154667414dc28e8369829764b2e3cc23303a882890bad6d3a70d9e15701ec8c4c15a46d38c9ed6bc8658f8a45a02083f563324a27c649bab7cbcb485c289bd8df0a040128df6891ab48095977e0463f8e3ed7ba6df976ee30768954dfeb3f08c942b2c9384aa0b78baf92ecf5e4d73788afb1bc5a8f7c4b454897cd8bcac7f19cdd949fac66756da3b9311e13362eee317df853f6bc7e4638eb145a1484d3780e09b50000c8000100d5c1e4159bf770e02e6e1ebe911d7513709588175328d2e11f2ebf3f6967c49bedcb2a5459a45272bb8084e3bb55ea7a80166d97ec16457ed7d2a834d9aafdb2a54110ddc7975eaeda4f897ec7d533c27df0ce5ff92cfedadc67fff850ee5d07822d72b27af229d17ad2f8d802ae40d98f373e348a04b4f0270c71f82319de3a0331f165204896e0e448cf7ea0f8eb32a312fda6716f72f0234742fe6708ad0adf587ea21d94b8c8f5080028dda1e21d3d9ac82d8edd12941631b72b692ecc262d6ae12393000100c56deda494a09379df59bad8f0f17376b307ce49571034af728b1c4bf694e3b91406b976944238ab36ccaf40e3d92952ba87aa27af6353a82868c9508577a1b6a349fce75b3e4952b04b9527f496b5555e6db110dec07430b01446635eff12f136dbcb54fd4dc90b02e1bc6488ed74efd9eeb1b6de6e2a234f6c323df5c28a0352d03b34ee4f64ab614078125aa3cc0048000280080003400000000c08000340000000010900020073797a310000000008000180fffffffd0800034000008000080003400000dc5b08000180fffffffc08000180fffffffb2c0202804b000100cece2d8ff50c68c1060c2e691ddc50c6d87b46b4e5f6695010163d98bac2d9d7693cff0ec1e2107f58d3c305c78e5a596df92f1dbe80793dce5424be9e7951890023db7d0b9b2700e5000100f46e4b21dd4b92221713eece21b0e3bfb3fe995725eca78713a8d11ac82a6aefeeeab4720bd136479523ccafa34771afedeafc55275842bb7adb37ff3c93b19d9d5139f8b67ee81e380faa9506e6c8e5956cf7efc9828438d340aa4bfe771769c6ddb2f8c31049c1fc37e8f28812ea0aadd0caa7e32f6bb4b2b7a4473e5fa876c87bf285a503660ea12a0cfff6863a87c64ea83c31e737e278edcad77cb964828c7049d335e25156fd4d1c2faada6a8363794fe487155fbfd7c2e1b8504d4a744357734f51fca0426ffe929280df27411f8a90a067b285e970fa1e403722ae91dd000000f400010073e22ba6603d1c92836887468b100c2dc430efeb2ef19c66bd0582fe94df7b5a20292fdfbd2009980dbf9651685f7713bfb0f42583e452670f29e2cabf848fcdcb7a2067f0b257efd7dc927e540584b08f026e14be231afa797e36410d8ad6cbced8c5d2cce2f5a8b75713e57b3161b5b4ce78f283bf59a04f90bc1c5a4371abed0124c621ecb51b6166ad39f14216c09456232b7ea8dd7058bbbeae8b1c13df7ffa1515a359309683421d783f4fb00547cb06b3f974e65f28397c2c16675436a414b6e28d61800c35bdc05f9837e14491ce0fa7c0fbf6f61dd8f7eceac62373ed913de212a188ad5fa12d0eab8a0b440900010073797a30"], 0xb98}, 0x1, 0x0, 0x0, 0x20000000}, 0x40800)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r9, 0x8008f512, &(0x7f00000001c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r9, 0x0, 0x4804}, 0x18)
sendmsg$IPSET_CMD_SAVE(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="380000000806010100000000000000000000000605000100070000000900020073797a3100d7036bab2ed731e6101e2445002904f8000005000100"], 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x40)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x11, 0x4, &(0x7f0000000080)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x3c}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0x87, &(0x7f0000000700)=""/135, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r10 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f0000000040)={'fscrypt:', @desc3}, &(0x7f0000000540)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143", 0xfffffffe}, 0x48, 0xffffffffffffffff)
r11 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'gre0\x00', &(0x7f00000005c0)={'gre0\x00', <r12=>0x0, 0x8, 0x7800, 0x401, 0x7fff, {{0x2f, 0x4, 0x1, 0x29, 0xbc, 0x64, 0x0, 0x2, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x21}, @local, {[@timestamp_prespec={0x44, 0xc, 0x34, 0x3, 0x9, [{@dev={0xac, 0x14, 0x14, 0xb}, 0x4}]}, @ssrr={0x89, 0xf, 0x3a, [@dev={0xac, 0x14, 0x14, 0x38}, @local, @multicast1]}, @generic={0x86, 0xf, "785c6f8a1928b4b027c33dfb28"}, @ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0xc, 0xe5, 0x1, 0x3, [{@remote, 0xb0c}]}, @rr={0x7, 0x27, 0xee, [@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @local, @dev={0xac, 0x14, 0x14, 0x29}, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x2d}, @local, @local]}, @timestamp_addr={0x44, 0x44, 0xde, 0x1, 0x7, [{@loopback, 0x200}, {@remote, 0x3ff}, {@local, 0x41ad}, {@empty, 0x1}, {@private=0xa010101, 0xfff}, {@loopback, 0x9}, {@multicast1, 0xc70}, {@private=0xa010102, 0xfffffc01}]}]}}}}})
ioctl$sock_inet6_SIOCDIFADDR(r11, 0x8936, &(0x7f0000000400)={@mcast1, 0x22, r12})
r13 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000340), 0x80100, 0x0)
ioctl$PPPIOCSMAXCID(r13, 0x40047451, &(0x7f00000003c0)=0x5)
keyctl$chown(0x4, r10, 0xee01, 0xee00)

1.063168574s ago: executing program 3 (id=4334):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b70300000000b1098500000083000000bf090000000000005509010000"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback=0x59, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = inotify_init1(0x800)
inotify_add_watch(r2, &(0x7f0000000a00)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x11000010)

1.048767505s ago: executing program 3 (id=4335):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r2 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0)

1.012302578s ago: executing program 3 (id=4336):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5)
getsockname$packet(r5, &(0x7f0000000680)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=@newtfilter={0x3c, 0x28, 0x575ac7824d421509, 0x70bd2a, 0x4, {0x0, 0x0, 0x0, r6, {}, {0x1}, {0x4, 0x3d}}, [@TCA_RATE={0x6, 0x5, {0x0, 0x5}}, @filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x3c}}, 0x40)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0x1}}}, 0x24}}, 0x10)

974.521711ms ago: executing program 3 (id=4337):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)='%ps    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r1}, 0x18)
r2 = syz_io_uring_setup(0x1104, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xfffffffe, 0x21e}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x1fc, 0x0, 0x1})
io_uring_enter(r2, 0x47fa, 0x0, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff})
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r5, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0, 0x40032043, 0x1})

929.579295ms ago: executing program 1 (id=4338):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

868.76827ms ago: executing program 3 (id=4339):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
kexec_load(0x4, 0xa, 0x0, 0x0)

866.25501ms ago: executing program 1 (id=4340):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
fcntl$notify(r0, 0x402, 0x8)
getdents64(r0, 0x0, 0x0)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000040)="f7c52c372758686a4121", 0xa}, {&(0x7f0000000080)="4b704bf0e6009c82f7fff6538e2ebf13b7c2128812d402718f0570378a4a1a67ab07a6c26366a42c1d4eb1764918692293c4d8075a74431ec5d7aa2c8d661fd747086d6aced26817723a5a93e0869811830e504b6b82fb93b0f2710cb147daea1dc116a3e785070e4f4416dcc9db37bc3b987ce53c8efcc20b88cb71522d0e868192430ea85b3d5773152796bfce2abc79da4e98cfafbc2ab8331f88cc0020201004b423a42c8f1e1507ed8b1eb3476a7cc1e72e", 0xb4}, {&(0x7f0000000140)="e4913e8c112036651303e3316bd11e8ab55c2e2d89f320db38e544d2aeac286f5f3d4e870ef1b80c99195a6d5d4a165e6ec9b580cfbc42173c480b1d1981e0ff2c8bc4f2c69c09d3eaaa5ee87b4fe909a56b6a7dbd6d900b56ce671cf5acb0698b6f08a24ef1202a8ffd0b68faff763f00e572e6ea", 0x75}, {&(0x7f00000001c0)="537c360a7ca7c81490f26ad13788e63d1d3f235dfd", 0x15}, {&(0x7f00000002c0)="a01d8cce33d13c5c9ec21e5334f332f159ef176c73ff2e11fd07679826a9dcfbdeeec29b295bf2a837100b0c3357fc5519383779f7ca16d6e58b996a997dad909957584be0bc741270722b7dc3f4e3c36f8d5c169e1646967a0ca6b9db79d3912fd16056f58547cc5dfd8c7fca5f4c030351875efbcf15643d8c9efcbfed300eabd2c946e31ec88ba95e87dcbe04a90623b1531c5b8eb54c8c543b44d8fb5cf47f7ae64e36493bc8dcd11eec5f", 0xad}], 0x5)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x10880, &(0x7f0000000000)={[{@dax}, {@nouser_xattr}]}, 0x4, 0x261, &(0x7f0000001040)="$eJzs3UFoFFcYB/BvZnfTJF1K2l4KhbZQSmkDIb0VeklPhUAJoZRCW0hpSy+VRIgJ3hJPXjzoWSUnEYJ4M2fJJXhRBE9Rc4gXQYMHg6AeVnZnI9FsomQ3O+r8fjBkJpk33xtm/u/lMjMBFNZARIxERCkiBiOiEhHJ9h2+yJaB5uZC38pERK32y4OksV+2ndlq935EzEfE9xGxnCbxfzlidumP9UerP319Yqby1bml3/u6epJNG+trP2+eHTt+afS72Ws37o0lMRLVF86r85IWvysnER8dRLE3RFLOuwe8jvGjF2/Wc/9xRHzZyH8l0sgu3snpnuVKfHtmt7an7l//tJt9BTqvVqvU58D5GlA4aURUI0mHIiJbT9Ohoex/+Ful/vTQ1PSRwf+mZib/zXukAjql+rg5ALyU/7ulLP/Au6sasfbr+OLt+vpmKe/eAN1Uz//gX3PfhPxD4cg/FJf8Q3HJPxTX7vkf2KvZP58fdMeAA2f+h+LqSP57O9snoDvM/1Bczfw3ZnD5h2Ix/0Nxbc8/AFAstff2+eBw0nh5APAWy3v8AQAAAAAAAAAAAAAAAAAAdlroW5nYWrpV88rpiI0fI6Lcqn6p8T3irZcM9z9M6rs9l2TN2vJnzh8zuJDz09cf3OnEUc7vu+XVzzpRv6m3ccvs0LNHk7nJiPljETFcLu+8/5Lm/bd/H77i75W/2yzQph9+y7f+08V864+uRlyujz/DrcafND5p/Gw9/lTr16/N+oeftHkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuuZZAAAA//8QPW+s")
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmmsg$sock(r3, &(0x7f0000001f40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x24000081)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x1041, 0x0)

851.330261ms ago: executing program 3 (id=4341):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
modify_ldt$write(0x1, &(0x7f0000000040)={0x401, 0x1000, 0x4000, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@getrule={0x14, 0x22, 0x400, 0x70bd27, 0x25dfdbfe, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000340)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000640)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
prctl$PR_SET_THP_DISABLE(0x29, 0x0)
modify_ldt$write2(0x11, &(0x7f0000000080)={0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, 0x10)
r5 = eventfd(0x5)
r6 = eventfd2(0x1bba0000, 0x1)
r7 = open_tree(0xffffffffffffffff, &(0x7f00000009c0)='./file0\x00', 0x1)
io_submit(0x0, 0x8, &(0x7f0000000b80)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x7, 0x401, 0xffffffffffffffff, &(0x7f00000002c0)="7d4f9e53129921a4e847302d3e4370ca6a", 0x11, 0xb}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x5, 0x7ff, r3, &(0x7f0000000380)="61ce99145e00ca55de1f8231c02f46fdc68fa75b191da7c56dbf6c1610bf5699aa1d60db439dd9e69b51dc34fbe7dab562cae4f7334432e1edf2da1b82a0d51b865d6a45b58cfd3a84e0ac5157cb47b743aa77ee37042d9f", 0x58, 0x7, 0x0, 0x1}, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x3, 0x7, r4, &(0x7f00000005c0)="f78570569f2a68f1755877e0052089124ddad9d77ad86cbba6850d7846d52a447d5a81862f8ad5c9be85d701f8bfc8004d24e2366cc71c", 0x37, 0x1, 0x0, 0x3, r5}, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x9, r3, &(0x7f0000000c00)="4162a9fc4eb4969bdfe0515f58967ff26c8e8358f7a834d10a8d2733117602e86a6da2c9a19cf7167d1425b2e4b8b5cdea459c3f58d2f2ddfdfe5da14af4dadcd101dc125a7c3407fe4949e7cc51fb6e10de4457407ac9ee2eb1888d1c634faa7241c7bb961aeb0874914fbaa7aa9946100fdc1a744ad9094efa1bf1457ac192a49922b37d6dc21172ffabc1f540e5ad60d04763438fe408edd45c42aa93be2396f848006ffcb4e8a3f48896ace634998f6d6192a59527c720234e803c574c61e4d5f390655195310e8c8feaf3607fc67c408770aaf1204f5bfdf6df0428e92a2f6dbad525270bac718381a4cd3aa3b40f5b4aa17972ce804d715180c9e92d20231b9bcbe6e5b1ca2e17813c68c8ae438c553dbf7f41a8bad458a72c9e9a339e7a0417341ab5d22db6c632fb6f34b5255f10a8b3f2fafec6af9272267d3a96d44f1b05cc855599828558187a490f619a48e7119c69f4275268da8ce7c0b2ed4d4a45da2b31f6dd93d325e4ccc0fd5041858dc36791b2a14972b946dbb7e22e7af26167a7612c8d83813c311f1ee4bb34cec12e577db73fe8022ac1af9ebf89bb738a349a4f278efb1ab59df506ca1e6efcc99e687de80387579b79f9ec4b119c8a04c6d973abb6b0da6efd2757b72fb81d8a5b0109ac26c0758ce6107023eb548f3bc65e72a2b0e950a821d81571ef065a95ab4caf81327cf904553cb1b6881d13c26d9fbb0d770c490f7fe684bb4c1071d1fc521cb7e94672a93cc32670f3f357766fc19ed23fd046d9c34086909854382e18c1f027d3431539ef8457f316d22c8fbfaf9eb6c90869116469a5b022cc0a253007e5f2724cd032d39b4495a9a3fcf1e46050ff8f0632ba3ae57d3fa45adccd9dd1d365c7e821fb59f643c3e6baae2757640489c81f5d986b2b936cb019bf8fa0bf7a54098a82dede7b14f9c08d35aad389d4b2bf3e314b118d009a2d999ab7e274141816bcaca243ba58557490afc384358369f17718a65521a3859121ac671f3b234db404aaf55f42a11949d3513f3ed86fcbbe99bf214edc5156d14b25d79e0aed56ab9ebeacebcc6cd49586fea3961a49646ad670829a0222e64f178a75551335e3d5972f978fbc3ed11c30e6646262a3b2e8f8d202933024a5367034dfe719b2bf219bcd3cb8c7696fbbc8c1f2043de8fbd345c696debcbefaa8262e773039216c37167aba912d53d3d145e7a5f016ec96bda163526e3c64f3d835f83ab163a1f9ba645ed9e6d87fb1de1f5ef402b887a6927dae53f6c82af8e945ca57da4a5e024f78b1d0bee8662941ff34c45b261413d68ee29b59278a7693097547473d7dfb042719be32d13feee778df74e2136af2ace9e1916f03b8a897f91e722b16e724b363305f820c04d2ff8482130f8067b1d13641dc157d265d4d17947f96bc90afb4c0c380d0ec9bda1244d65972ee317c52c6535ca2f1968a4291509d0c13034cecc171ea7b864d3383da1c504fc9beeb94b0062cbee7736d8a3abb41656b0eca725e85b81304530ffac6abfa3d59bc63a87144ef15ce395975165e6d3fb4bf1a77cd491bd290734718bce89c16ec4798788026faa116e89fe44217e4f70dcdd6dc2f4a9f1694ac57e630ac67fb4f36e1c9003d221a6c691805164e76b5f2df5ae9a8b79ed74ebc40cb16d58a067800270bb88a153a649988f64b2464cb4119875fa7c1b6369ebc341990fb59a7973d0c0136e253a3b011e448c3467d46b67832dacde43b87b3c79e63452075d62f9fb04411fc9c8a1579b4ebbf1423d289d4713c54141f582977e7eb82c268086a6e50ede60cd40ed186c974acfbb8ce86064838ff699616fa470b1bf155d5d38f7df4c40468c70c1f0cdf542f423b8b721672f03ea5656e6000bd41db79f91ad437cd64327fd394645b245b1f9e4a052bb06701661e2fbc81a2cee074baf488881929f0e850e41ef476c25ea2323daf4bcf1d30a817b6b6dfe805cfcaa77a469bbfb5ceaf31decf3b3ae3c81b109381ae0f577c973df6e983dc25e1c70852b49dedb3a0af3e955b96486567fa8d06c428e5373e85731b438d376bceddf1157bb8d7d628c2fa30f29a91956a12caacbd4990f7705f10c82c2361ef04a6b74835cd5c0bb08921db04b1acb0e42d9cfbbf3531ef29f5e2ba85f03fbab31f83704ae79cab001fef6e47e39f0af060c909a68665727807a53fa64dbf6e415321ddcc3978b3321a90d89acfa3de04396380ebbbb43058f563ead310f10c64d74351bbf324e8a8311bbae395be4dd5d65b10b5aa83ec8d27b350c0303e6d683279103836a7022e55c2c021530be55f3012c6088bd505eb62d2cc6b6b28fa9d7af381076d3763cd36d5d69d2a4c723f8b0b0de555663213536845e3234a34aa73164eec3d11b7c9c08652c422dd523b3f34480773b86580eacb1026cedd61224f96a4f20bc15eb8657f14322c2d1bade6c2e822488eb405736211c49ff278c6167ac6fcf32a5af8ae822b35953c6605521c6c3a142846b46727f829c1f278c6b9b8a374c05d3da8b30b1c1e1e793505d8844fb1636efc52c1d5260c0417b99bebba70a1e39267a95a5a48efb732073187d06894456b53801755188c616d072325af3aaf8b6bf8415491ee004dc4dccb78fb15da9064603cbd5173e45a7daad0983f647b23fb71d29afcc12147f9b21a63eb47973f7fe00297ebd9bb685e27d6b505e555857f99095329dfeb774b7d2adfb57ff41de027a2739c44379ee78e4eb98426e11d22ca649327fda93e47a65449bd1b7a9ca5131ee8f043d467f0bdc7f534bcd1209da94dd0cee9059c913c04548d45f0c229f206cf1b36f31b32fce654600884e1fe5d633752324cff83ba93d6a9fb740b4ba7f136a56baf12bb1d2e0ea4d00a28c8c8f5f2fd828f7226597253c07ccc59f89cc21bcf4faa56894713f7edff07883997bf4df1c8c19e9981cb659877b932db03c6ba23876c51a636aee9cf0536f0511bdca2f25ac938125234c0216f6fe17a94ee230f16de400778fc4fe845fd773c64802c2c995684656d0a99a2e5ebe096737978d9a20ee1b53a063c41b78010f2b1fa927085a85f4663613a36f0a009b6d88e6d3efdefdd84af546d30717218068959be2e80d9f6ebbc64aac93ad06509b0f217e3e72de7abb0d9ce59f652219fd368e1a91196e04c50edd9bb3c48a625880b209c39552d972eb6f7d594b32725f729dca6b960408d7188f162455deb1312b1cb7c355597342e2eaa24963886c315687888698e8c64f65d6257ac44c28e49b3c10323516dd448a909f8b2888eb8b001422f027cd772372dd5df0f48963c3f0b225eb668b4165f98452b946be48dd3b248e5581da8b7ac88ca560a1a5e370582039b1c1bbcb1d80ced649530cd1e2248fa402e3557760d51809f9aa86c748e255653389d6e3d0059c50a43c97e4840cdd3c1c95941e9e7c2d6a4d5fcec6373c84fabfce716666a881174e57c0c02f72c1f5b3f4ab4b9502850830b02d7794247aa3112db56a0bc55a30e445eccd7dc4aeed8052e279ac614c415f135d102a26a54ba6479f5072206f3bf11c1c83f2fdc35ff88b1a1aac10e6c77c9b2934ec86ac620dd5748cedb2b0c1743637fb578a6d8c825749d3d8977ecc59e33dd9ae1fd58bb5dd17f492bec911f28cce16cdc1a81ab08c0e2a9d89c374fe875b280bf801d78231daed4588c8ede64f146f3a0765d54aab5eb6eaa364240a09fb68b7e0957b4946bd8c6e6ba2d9b6033e2272cf780862a8f4116232ccc6930ef2869e13d1749ea84bf9f89043e7fa722e10333db171f14d736f00966f13dc476a4810efaf05b2d1a007897d092dcdac64d073f15bbaa7435f9689b2ba980e4c7f6a1f01b3b363a7f512db5a0119580823e3bfa6f7343889741c4ab56f789f925f53f50542490e7e7e462a002567b96012782fc35dada63c4c058685d3ce45f1a77a0ce9d1a32ef653651ff2e3fddeae2b81da7869847f9d343043385f447e8a96d30a78f8ac0f60d204e1757d0e217c0d3b002c2a76a523d1dd03705a8cd68cef16978fdb7bb003657105fd072cc020f9ba9aa9b26d6d963aa1f5c4aeed33c4f0559a46cf393aa41ea1a9c545bd9792662ccf4f792c14320cfcf234911d9df23c12bdaeefaa3d798638ac02d247ff1bfa7d86b246d19c5c2f7f6cd5fe44ec83d5f210f563acd87c8ee96884e9186a8a903783457e04978d6d2ad0161269df639fd528a43b0d8c531e6d175888f3fb1b2e619e9eb5c6a6c92f55f7e363fab3eecf6cd6150c2ace1f7d4421e70603b52786d350c2416eeea28d0cb2476a72b7883649b4b4ce0d6c1792a2be179d122606c1d6fcdeef9597ca31f86794fb14ae0c15cfb6452b8ab225074ff5ad79439a5b481497a966790ef1da8e662db6cc217e9c2751a577d0ce4474540d62ac4b98e300e2146adfc3f6ca2e0181fcc473c7e965e631470bb042e2132864a69623237bc057dff7d351908487f7391881afa0c56c044ca4cb3f093c36afbbbb4683aa6c1909e455c990263b9413b27f77c0cf4a3406658889d903673974f835b3e48400e30ff976daae483733798cdcb8f31255f3582828c0c74b4509db8682ffd87d0d9602a4a0ac9db6707480afe42f2c02ed91bc857003447ee2b317f63bdb5e6ce20f02aa8786fd78317e7dea810ad25b1f6fa7c30fd7f4409eba1679bb75281f2c68aa4b006f6550cbae2c6568bfab6e9570d0e8b082433d9ced0d4268be532cd1efc566ad796414264151f5551608e5f9af4d19e9f274e77d38048e8b85703c33f6cbfaaf531e0d0a49fae9d130e24d406d0dcbe61e0eca4a3f3e0475eaa311f37b306eaacb8b5d87126660b3fb04bdca4ecac0c8a3d2b26289697ca626b32bae007c30771b7052db093a1016382d108982b089bfd189a39bbcaa10b99c37f1c8f4dea017f5f76f4e193f39a712f7a984568d56b8b0055266d8dd4ed28a40958882b2979154e5095841fc0017a09ddab92053b1944aea073cb91083723c1e47fd6b287ecc51afa09e622ffde470b7d242e41ff80e345f6a071ae702c399655ceb46f2ed41046f71adb98a3c9c25449bbf01915e761dfbb86f28c584ee5caac68d070f6f9e77390c6ce2d4f0a6637231ec4eb5ea72d83773817a6338fb68cb206cdd000f6b48d1177489ea4bf90e4d08628dbb70b8bcbf25afbd081276f356e90f1759dcbb8bb5c8fc4296d30f8a88af37b321858a258db054c71803da07956005dee6643741a2c49ce0ff8723724831b7d56221a847d9b4c73f16accc61d110116b971b5973c853c19d3e96d53d642157af3615bbc838d982767de5dfca466369dc36852a0a4099ea6e01f5d0822b06019ccf5762c05e113ff80db756ab4af9e3b304b98b247125ab407b8ffb32fb687c03c0b0f8955506ea035a55a1d904b8c552dd96c2bc7c86ad8097b3bbc6bbbb40337f1bbe185fb48b79400d2c74a25221b1b6320b13c46c2cefd8b9a40a6f9858498c8f72e2e62bcf74d910cc04d06430eef94d61604068f20f54e433cdb3ea9004a00fd76f896fd19b03a5b1211d79611cc8cbe01e0d8ad3dc1260c22251fc69d0000a6f0eb942b609850f9152a76a9f0d29df0eee49a3f1a6bc6d29e2ed8f1f42f8c066ac39100c917f8b1ca3ae8c2873c01174c654d40ec218f7ddaeaf217d2f378d29584e12830fa1a481785f579c980dd0e13715bffbe8d731d0e47800a224ad0f28fcccb32343daa81c83add9168dcd3672d323391a7a1813ff73bbc47c944cb48b04d80cd25561352c333", 0x1000, 0x4a9, 0x0, 0x1}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x5, 0x7, r0, &(0x7f0000000840)="54d734ae5c2426cf380b858d11293748def7", 0x12, 0x2, 0x0, 0x3, r6}, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x3, 0x7ff, r1, &(0x7f0000000900)="b1e54dfb7d5e5035a6c1f42541947b3ada9f6ed788959ac1109d3f48", 0x1c, 0x93, 0x0, 0x3}, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x8, 0xc6, r7, &(0x7f0000000a00)="e0f1ccbcf0cec6545e7d3a09761f9416160affc69026dc11d6a3dd0bea451b0043ed012f8a4232e873efe6f0e1ac64190cd7e8de12ace60b431b0ee36197d87e84524a6963cbc6625e7a9b3fe5787d81b9ccdff49547ae2a0aea00973fb6cb07978e4047d57ee8e31347652ae48036c8c63051b2d1541288ff8b28167c3da9b0eabc6404367c5829292490cf7af53da6349137589cfa35f1c2", 0x99, 0x7, 0x0, 0x2}, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x8, 0xb, r2, &(0x7f0000001c00)="1e743ea2963f3e674b68434ad2c764012d92133711694270563b0d8590f7079fbc0e2d94996c4e9bdce192f4c1f1fcc2e71d2d1b6f29795daba5b8d928dbda10f332b2be1e439e126ae53d8ca64017bc16b7daf6d40dfc748c76d8a18d1d0d8d9c514ec41ca1ddc3d3a3756b016599", 0x6f, 0x80000000, 0x0, 0x2}])
rt_sigtimedwait(&(0x7f0000000100)={[0x3ff]}, &(0x7f0000005c80), 0x0, 0x8)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f0000001c80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)

786.865296ms ago: executing program 1 (id=4342):
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0xa18}}, './file0\x00'})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000000800000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4e, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
ustat(0xd, &(0x7f0000000680))
fsmount(r0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000540)={0x1, &(0x7f0000000000)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000014000e0a49bf925471e7fc50983f097013799b641ea79c734b6ef4a909f6c2743f53f288e526b45fe0769b612cae30d347d692db24c0a7fc637fa1cb855773a97058bb1e89ea2629a03a000f0f527000fbdb2d1b65fa9d7a12f86e4727da8c12d73cadf3961abdb1e575e65427efb303c637f2785cdb1d128d656102d655936b6ead69539ab7933768022578e97e1df45e204b804dce7f1b89c9e85251bbe2f57c3b4be994e3dfaefab23911bf72bf62214f8d1154befd11e305e47343dc4bc0e603181bc0bcd0a3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f00000007c0)=ANY=[@ANYBLOB="f5e6331418d17a49997cf97196f570478c44cdbb2fc03bd0c1402798b4b53a48db4ba178ce7a4791e63cda5ac1a33f2212d065e5b28615f2c3aedd1d6747824b671b51f0f4024876a50aed9f5f6bec6c91dc7b86c6558732dcdbac7a334ad3570a7751d35ff9c3b7c4066436206766cbfeac4de34d9c32d2a1c8c113f3f1d39dd458845bd4f840f3a530ffe712fbe3311312192c8bf40857439bdcd5041873d6a39d1b8b"], 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r2}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@deltfilter={0x24, 0x2d, 0x200, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x4, 0xe}, {0x4, 0xf}}}, 0x24}}, 0x14000000)
socket$packet(0x11, 0x2, 0x300)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0xb4}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@usrquota}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH")
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
mount(&(0x7f0000000000), &(0x7f00000006c0)='./file0\x00', &(0x7f0000000340)='btrfs\x00', 0x0, &(0x7f0000000900)='\x00'/10)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$TIOCSSOFTCAR(r6, 0x541a, &(0x7f0000000080)=0x1ff)
write$binfmt_script(r6, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r6, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)

738.919191ms ago: executing program 0 (id=4344):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r2 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0)

738.41345ms ago: executing program 0 (id=4345):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b70300000000b1098500000083000000bf090000000000005509010000"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback=0x59, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = inotify_init1(0x800)
inotify_add_watch(r2, &(0x7f0000000a00)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x11000010)

699.737734ms ago: executing program 0 (id=4346):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x84d03, 0x0) (fail_nth: 3)

373.55335ms ago: executing program 0 (id=4347):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5)
getsockname$packet(r5, &(0x7f0000000680)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=@newtfilter={0x3c, 0x28, 0x575ac7824d421509, 0x70bd2a, 0x4, {0x0, 0x0, 0x0, r6, {}, {0x1}, {0x4, 0x3d}}, [@TCA_RATE={0x6, 0x5, {0x0, 0x5}}, @filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x3c}}, 0x40)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0x1}}}, 0x24}}, 0x10)

181.692125ms ago: executing program 4 (id=4348):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r0}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r1, 0x0, 0x0)

167.401996ms ago: executing program 0 (id=4349):
r0 = socket$igmp6(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0x22, &(0x7f0000000000)={{0xa, 0x0, 0x101, @loopback, 0xa3c}, {0xa, 0xfffe, 0xfffffffd, @dev, 0x4}, 0x1000, {[0x9, 0x0, 0xfffffffe, 0xfffffef9, 0x0, 0x1, 0x2]}}, 0x5c)
syz_emit_ethernet(0x4e, &(0x7f0000002940)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x18, 0x3a, 0xff, @local, @local, {[], @ndisc_na={0x88, 0x0, 0x0, 0xce, '\x00', @loopback}}}}}}, 0x0)

148.804008ms ago: executing program 0 (id=4350):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

70.699614ms ago: executing program 4 (id=4351):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)='%ps    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r1}, 0x18)
r2 = syz_io_uring_setup(0x1104, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xfffffffe, 0x21e}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x1fc, 0x0, 0x1})
io_uring_enter(r2, 0x47fa, 0x0, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff})
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r5, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0, 0x40032043, 0x1})

43.961916ms ago: executing program 1 (id=4352):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\t\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000000000000000007000000000000000000"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000ac0)={r2, r3}, 0xc)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000000)={r2, r1}, 0xc)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000000)={r2, r0}, 0xc)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000100)={r2, r0}, 0xc)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000540)=ANY=[@ANYRESOCT=r2, @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000a00)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="00012dbd7000fbdbdf25490000000800010076000000f6fcd59bf231d4b0dc73da524b752cd362afe0a4acbb7882f61b4b8dc6005fe82db5ff10a32c1d1519f90455b9f7ed7a0f510f890bbf2a45d84ea848538b035a53f003cf009b2c67b7d6a16b5b303def27f406ba41eda53cc5e69a921a5ff0e4071ce5c889e7e9995d5b4146ee6b6ac164dca810d229c1c96b2a04e26c7ef1efd68732737b7f4e111a3d9b4502be8e4009765dbeca4967d4c50ec47ce05b176007733e0093dd93300b57f3b18677e4a10e142d6bfc0a4a4356d551e471c39847d15e3db8eba6c2e6e1ca989ea3e2d90a06bae949d00f9ade75238a8a1d4d12f5"], 0x1c}}, 0x8000)
r6 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$selinux_access(r6, &(0x7f0000001a80)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffffffff3a73302030"], 0x56)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = openat2(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x200, 0x108, 0x1}, 0x18)
bind$inet(r7, &(0x7f00000004c0)={0x2, 0x4e20, @local}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x42b}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)

0s ago: executing program 2 (id=4353):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x60040, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r2}, 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@int={0xa, 0x0, 0x0, 0x1, 0x0, 0x2e, 0x0, 0x45, 0x6}]}, {0x0, [0x0, 0x30]}}, &(0x7f0000000180)=""/44, 0x2c, 0x2c, 0x0, 0x9, 0x10000, @value=r4}, 0x28)
socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r6}, 0x18)
writev(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r7, &(0x7f0000000240)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a90500040000746400009e150451160200000064c6", 0x15}, {&(0x7f0000000000)="17460081ba60ccbb9d000000000000", 0xf}], 0x2}}, {{&(0x7f0000000080)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000780)="5825be06000000000000007ca2746314d1787b351f0dda2d3d656bc3a2a75e0d", 0x20}], 0x1}}], 0x2, 0x4004040)
perf_event_open(&(0x7f0000000600)={0x5, 0x80, 0xec, 0x5, 0x40, 0x6, 0x0, 0x0, 0x4d2d9, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x4}, 0x10088a, 0x7ff, 0x6, 0x0, 0xb, 0x2, 0x7, 0x0, 0x0, 0x0, 0x4000000000002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)

kernel console output (not intermixed with test programs):

filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  212.153868][T13354] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  212.166758][T13358] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3687'.
[  212.221320][T10491] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.222971][T11769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.368647][T13397] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3700'.
[  212.374823][T13397] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3700'.
[  212.525529][T13413] FAULT_INJECTION: forcing a failure.
[  212.525529][T13413] name failslab, interval 1, probability 0, space 0, times 0
[  212.538306][T13413] CPU: 1 UID: 0 PID: 13413 Comm: syz.4.3705 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  212.538377][T13413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  212.538389][T13413] Call Trace:
[  212.538396][T13413]  <TASK>
[  212.538425][T13413]  __dump_stack+0x1d/0x30
[  212.538463][T13413]  dump_stack_lvl+0xe8/0x140
[  212.538484][T13413]  dump_stack+0x15/0x1b
[  212.538499][T13413]  should_fail_ex+0x265/0x280
[  212.538520][T13413]  should_failslab+0x8c/0xb0
[  212.538569][T13413]  kmem_cache_alloc_node_noprof+0x57/0x320
[  212.538604][T13413]  ? __alloc_skb+0x101/0x320
[  212.538628][T13413]  __alloc_skb+0x101/0x320
[  212.538651][T13413]  netlink_alloc_large_skb+0xba/0xf0
[  212.538749][T13413]  netlink_sendmsg+0x3cf/0x6b0
[  212.538850][T13413]  ? __pfx_netlink_sendmsg+0x10/0x10
[  212.538907][T13413]  __sock_sendmsg+0x145/0x180
[  212.538938][T13413]  ____sys_sendmsg+0x31e/0x4e0
[  212.538967][T13413]  ___sys_sendmsg+0x17b/0x1d0
[  212.539052][T13413]  __x64_sys_sendmsg+0xd4/0x160
[  212.539114][T13413]  x64_sys_call+0x191e/0x2ff0
[  212.539134][T13413]  do_syscall_64+0xd2/0x200
[  212.539163][T13413]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  212.539226][T13413]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  212.539302][T13413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.539327][T13413] RIP: 0033:0x7f96fc61ebe9
[  212.539345][T13413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.539366][T13413] RSP: 002b:00007f96fb07f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  212.539389][T13413] RAX: ffffffffffffffda RBX: 00007f96fc855fa0 RCX: 00007f96fc61ebe9
[  212.539470][T13413] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000003
[  212.539485][T13413] RBP: 00007f96fb07f090 R08: 0000000000000000 R09: 0000000000000000
[  212.539501][T13413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.539516][T13413] R13: 00007f96fc856038 R14: 00007f96fc855fa0 R15: 00007fffe5114188
[  212.539538][T13413]  </TASK>
[  212.539873][T13414] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3702'.
[  212.808644][T13437] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3710'.
[  212.837327][T13437] wireguard0: entered promiscuous mode
[  212.842829][T13437] wireguard0: entered allmulticast mode
[  213.084988][T13460] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  213.248421][T13475] loop2: detected capacity change from 0 to 1024
[  213.255707][T13475] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  213.275877][T13475] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #3: block 1: comm syz.2.3724: lblock 1 mapped to illegal pblock 1 (length 1)
[  213.294150][T13475] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.3724: Failed to acquire dquot type 0
[  213.306358][T13475] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.3724: Freeing blocks not in datazone - block = 0, count = 4096
[  213.360068][T13482] loop4: detected capacity change from 0 to 512
[  213.367853][T13475] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.3724: Invalid inode bitmap blk 0 in block_group 0
[  213.383658][T13475] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  213.399429][T13475] EXT4-fs (loop2): 1 orphan inode deleted
[  213.412396][T13475] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.449707][T13482] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.3720: casefold flag without casefold feature
[  213.462972][T13482] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.3720: couldn't read orphan inode 15 (err -117)
[  213.476127][T13482] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.702205][ T8694] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:17: lblock 1 mapped to illegal pblock 1 (length 1)
[  213.735456][   T29] kauditd_printk_skb: 1075 callbacks suppressed
[  213.735472][   T29] audit: type=1326 audit(1756523926.716:12012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13478 comm="syz.1.3725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  213.737229][T13479] netlink: 'syz.1.3725': attribute type 1 has an invalid length.
[  213.741841][   T29] audit: type=1326 audit(1756523926.716:12013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13478 comm="syz.1.3725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  213.797601][   T29] audit: type=1326 audit(1756523926.716:12014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13478 comm="syz.1.3725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  213.821226][   T29] audit: type=1326 audit(1756523926.716:12015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13478 comm="syz.1.3725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  213.844892][   T29] audit: type=1326 audit(1756523926.716:12016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13478 comm="syz.1.3725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  213.866235][ T8694] Quota error (device loop2): remove_tree: Can't read quota data block 1
[  213.868504][   T29] audit: type=1326 audit(1756523926.716:12017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13478 comm="syz.1.3725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  213.876949][ T8694] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:17: Failed to release dquot type 0
[  213.900563][   T29] audit: type=1326 audit(1756523926.716:12018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13478 comm="syz.1.3725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  213.929556][T11769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.935632][   T29] audit: type=1326 audit(1756523926.716:12019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13478 comm="syz.1.3725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  213.968244][   T29] audit: type=1326 audit(1756523926.716:12020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13478 comm="syz.1.3725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  214.079473][T11515] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.253362][T13527] loop2: detected capacity change from 0 to 7
[  214.558610][T13542] loop3: detected capacity change from 0 to 512
[  214.634979][T13542] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.3739: casefold flag without casefold feature
[  214.649456][T13542] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3739: couldn't read orphan inode 15 (err -117)
[  214.663662][T13542] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.009683][T13551] loop1: detected capacity change from 0 to 512
[  215.019891][T13551] EXT4-fs warning (device loop1): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop1.
[  215.183656][T10491] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.230543][T13571] loop2: detected capacity change from 0 to 512
[  215.251423][T13571] EXT4-fs: Ignoring removed nobh option
[  215.297208][T13571] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.3751: iget: bad i_size value: 38620345925642
[  215.318906][T13571] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3751: couldn't read orphan inode 15 (err -117)
[  215.351864][T13571] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.370336][T13571] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.3751: bg 0: block 5: invalid block bitmap
[  215.393434][T13571] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  215.405846][T13571] EXT4-fs (loop2): This should not happen!! Data will be lost
[  215.405846][T13571] 
[  215.415712][T13571] EXT4-fs (loop2): Total free blocks count 0
[  215.421983][T13571] EXT4-fs (loop2): Free/Dirty block details
[  215.427942][T13571] EXT4-fs (loop2): free_blocks=0
[  215.433060][T13571] EXT4-fs (loop2): dirty_blocks=16
[  215.438458][T13571] EXT4-fs (loop2): Block reservation details
[  215.444467][T13571] EXT4-fs (loop2): i_reserved_data_blocks=16
[  215.479383][T13593] loop3: detected capacity change from 0 to 2048
[  215.500024][T13593] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  215.537537][T11769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.566024][T13605] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:169: inode #12: comm syz.3.3760: inline data xattr refers to an external xattr inode
[  215.581699][T13604] tipc: Started in network mode
[  215.586654][T13604] tipc: Node identity ac14140f, cluster identity 4711
[  215.642334][T13604] tipc: New replicast peer: 255.255.255.83
[  215.648413][T13604] tipc: Enabled bearer <udp:£>, priority 10
[  215.730029][T13605] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  215.747568][T13605] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 628 with error 28
[  215.760119][T13605] EXT4-fs (loop3): This should not happen!! Data will be lost
[  215.760119][T13605] 
[  215.769815][T13605] EXT4-fs (loop3): Total free blocks count 0
[  215.775819][T13605] EXT4-fs (loop3): Free/Dirty block details
[  215.781754][T13605] EXT4-fs (loop3): free_blocks=2415919104
[  215.787604][T13605] EXT4-fs (loop3): dirty_blocks=640
[  215.792825][T13605] EXT4-fs (loop3): Block reservation details
[  215.798932][T13605] EXT4-fs (loop3): i_reserved_data_blocks=40
[  215.961894][T13621] bridge_slave_1: left allmulticast mode
[  215.967658][T13621] bridge_slave_1: left promiscuous mode
[  215.973513][T13621] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.982694][T13621] bridge_slave_0: left allmulticast mode
[  215.988552][T13621] bridge_slave_0: left promiscuous mode
[  215.994279][T13621] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.133328][ T8681] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  216.522591][T13662] __nla_validate_parse: 11 callbacks suppressed
[  216.522610][T13662] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3783'.
[  216.554704][T13664] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3784'.
[  216.579043][T13664] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3784'.
[  216.650185][T13666] loop3: detected capacity change from 0 to 2048
[  216.685357][T13672] loop0: detected capacity change from 0 to 2048
[  216.710589][T13666] Alternate GPT is invalid, using primary GPT.
[  216.717088][T13666]  loop3: p2 p3 p7
[  216.743242][T13672] Alternate GPT is invalid, using primary GPT.
[  216.749800][T13672]  loop0: p2 p3 p7
[  216.767339][   T23] tipc: Node number set to 2886997007
[  216.778174][T13672] FAULT_INJECTION: forcing a failure.
[  216.778174][T13672] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.791360][T13672] CPU: 0 UID: 0 PID: 13672 Comm: syz.0.3788 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  216.791389][T13672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  216.791402][T13672] Call Trace:
[  216.791410][T13672]  <TASK>
[  216.791418][T13672]  __dump_stack+0x1d/0x30
[  216.791441][T13672]  dump_stack_lvl+0xe8/0x140
[  216.791461][T13672]  dump_stack+0x15/0x1b
[  216.791498][T13672]  should_fail_ex+0x265/0x280
[  216.791521][T13672]  should_fail+0xb/0x20
[  216.791538][T13672]  should_fail_usercopy+0x1a/0x20
[  216.791562][T13672]  _copy_from_user+0x1c/0xb0
[  216.791593][T13672]  ___sys_sendmsg+0xc1/0x1d0
[  216.791697][T13672]  __x64_sys_sendmsg+0xd4/0x160
[  216.791725][T13672]  x64_sys_call+0x191e/0x2ff0
[  216.791746][T13672]  do_syscall_64+0xd2/0x200
[  216.791849][T13672]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  216.791879][T13672]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  216.791912][T13672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.791934][T13672] RIP: 0033:0x7f7e32b2ebe9
[  216.791949][T13672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.791981][T13672] RSP: 002b:00007f7e3158f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  216.792000][T13672] RAX: ffffffffffffffda RBX: 00007f7e32d65fa0 RCX: 00007f7e32b2ebe9
[  216.792012][T13672] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  216.792085][T13672] RBP: 00007f7e3158f090 R08: 0000000000000000 R09: 0000000000000000
[  216.792098][T13672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.792112][T13672] R13: 00007f7e32d66038 R14: 00007f7e32d65fa0 R15: 00007ffc64a8dfd8
[  216.792135][T13672]  </TASK>
[  217.072311][T13681] loop0: detected capacity change from 0 to 2048
[  217.103296][T13681] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  217.212078][T13685] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:169: inode #12: comm syz.0.3790: inline data xattr refers to an external xattr inode
[  217.290600][T13685] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  217.326826][T13685] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 126 with error 28
[  217.339348][T13685] EXT4-fs (loop0): This should not happen!! Data will be lost
[  217.339348][T13685] 
[  217.349137][T13685] EXT4-fs (loop0): Total free blocks count 0
[  217.355131][T13685] EXT4-fs (loop0): Free/Dirty block details
[  217.361314][T13685] EXT4-fs (loop0): free_blocks=2415919104
[  217.367063][T13685] EXT4-fs (loop0): dirty_blocks=208
[  217.372430][T13685] EXT4-fs (loop0): Block reservation details
[  217.378439][T13685] EXT4-fs (loop0): i_reserved_data_blocks=13
[  217.388771][T13692] loop1: detected capacity change from 0 to 512
[  217.405583][T13692] EXT4-fs: Ignoring removed nobh option
[  217.427902][T13692] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.3793: iget: bad i_size value: 38620345925642
[  217.447493][T13692] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.3793: couldn't read orphan inode 15 (err -117)
[  217.480009][T13692] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.586828][T13696] loop4: detected capacity change from 0 to 8192
[  217.627081][T13698] loop2: detected capacity change from 0 to 2048
[  217.636990][T13692] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3793'.
[  217.660208][T13700] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3796'.
[  217.679193][T13666] syz.3.3785 (13666) used greatest stack depth: 7096 bytes left
[  217.681198][T13698] Alternate GPT is invalid, using primary GPT.
[  217.693251][T13698]  loop2: p2 p3 p7
[  217.696028][T13700] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3796'.
[  217.719778][T13692] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.3793: bg 0: block 5: invalid block bitmap
[  217.737093][T13692] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  217.749626][T13692] EXT4-fs (loop1): This should not happen!! Data will be lost
[  217.749626][T13692] 
[  217.759348][T13692] EXT4-fs (loop1): Total free blocks count 0
[  217.765412][T13692] EXT4-fs (loop1): Free/Dirty block details
[  217.771448][T13692] EXT4-fs (loop1): free_blocks=0
[  217.776464][T13692] EXT4-fs (loop1): dirty_blocks=16
[  217.781682][T13692] EXT4-fs (loop1): Block reservation details
[  217.787728][T13692] EXT4-fs (loop1): i_reserved_data_blocks=16
[  217.800744][ T8683] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  217.944559][T13707] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3799'.
[  217.957119][T10841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.970018][T13707] veth0_macvtap: left promiscuous mode
[  218.082231][T13716] loop0: detected capacity change from 0 to 512
[  218.101812][T13716] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.3800: casefold flag without casefold feature
[  218.115079][T13716] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.3800: couldn't read orphan inode 15 (err -117)
[  218.128514][T13716] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.410324][T13709] netlink: 'syz.3.3801': attribute type 1 has an invalid length.
[  218.576317][T13723] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3804'.
[  218.589421][T13698] syz.2.3794 (13698) used greatest stack depth: 7008 bytes left
[  218.725802][T11977] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.853850][T13758] tmpfs: Bad value for 'mpol'
[  218.858659][   T29] kauditd_printk_skb: 683 callbacks suppressed
[  218.858680][   T29] audit: type=1400 audit(1756523931.836:12704): avc:  denied  { mounton } for  pid=13757 comm="syz.0.3815" path="/syzcgroup/unified/syz0" dev="cgroup2" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  218.907284][   T29] audit: type=1400 audit(1756523931.876:12705): avc:  denied  { create } for  pid=13757 comm="syz.0.3815" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  218.927059][   T29] audit: type=1400 audit(1756523931.876:12706): avc:  denied  { bind } for  pid=13757 comm="syz.0.3815" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  218.946836][   T29] audit: type=1400 audit(1756523931.876:12707): avc:  denied  { name_bind } for  pid=13757 comm="syz.0.3815" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  218.967498][   T29] audit: type=1400 audit(1756523931.876:12708): avc:  denied  { node_bind } for  pid=13757 comm="syz.0.3815" saddr=::ffff:255.255.255.255 src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  218.990652][   T29] audit: type=1326 audit(1756523931.876:12709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13757 comm="syz.0.3815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e32b2ebe9 code=0x7ffc0000
[  219.014334][   T29] audit: type=1326 audit(1756523931.876:12710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13757 comm="syz.0.3815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e32b2ebe9 code=0x7ffc0000
[  219.038118][   T29] audit: type=1326 audit(1756523931.876:12711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13757 comm="syz.0.3815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e32b2ebe9 code=0x7ffc0000
[  219.061780][   T29] audit: type=1326 audit(1756523931.876:12712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13757 comm="syz.0.3815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e32b2ebe9 code=0x7ffc0000
[  219.085445][   T29] audit: type=1326 audit(1756523931.876:12713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13757 comm="syz.0.3815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e32b2ebe9 code=0x7ffc0000
[  219.139217][T13771] loop2: detected capacity change from 0 to 7
[  219.756733][T13814] loop2: detected capacity change from 0 to 7
[  219.827936][T13824] FAULT_INJECTION: forcing a failure.
[  219.827936][T13824] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  219.841111][T13824] CPU: 0 UID: 0 PID: 13824 Comm: syz.2.3837 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  219.841172][T13824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  219.841188][T13824] Call Trace:
[  219.841196][T13824]  <TASK>
[  219.841204][T13824]  __dump_stack+0x1d/0x30
[  219.841230][T13824]  dump_stack_lvl+0xe8/0x140
[  219.841251][T13824]  dump_stack+0x15/0x1b
[  219.841266][T13824]  should_fail_ex+0x265/0x280
[  219.841327][T13824]  should_fail+0xb/0x20
[  219.841358][T13824]  should_fail_usercopy+0x1a/0x20
[  219.841381][T13824]  strncpy_from_user+0x25/0x230
[  219.841456][T13824]  ? __rcu_read_unlock+0x4f/0x70
[  219.841480][T13824]  path_removexattrat+0x82/0x570
[  219.841534][T13824]  __x64_sys_fremovexattr+0x35/0x40
[  219.841567][T13824]  x64_sys_call+0x4e0/0x2ff0
[  219.841619][T13824]  do_syscall_64+0xd2/0x200
[  219.841655][T13824]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  219.841699][T13824]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  219.841725][T13824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.841753][T13824] RIP: 0033:0x7f92d459ebe9
[  219.841769][T13824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.841796][T13824] RSP: 002b:00007f92d3007038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c7
[  219.841814][T13824] RAX: ffffffffffffffda RBX: 00007f92d47d5fa0 RCX: 00007f92d459ebe9
[  219.841826][T13824] RDX: 0000000000000000 RSI: 0000200000000180 RDI: ffffffffffffffff
[  219.841838][T13824] RBP: 00007f92d3007090 R08: 0000000000000000 R09: 0000000000000000
[  219.841882][T13824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.841898][T13824] R13: 00007f92d47d6038 R14: 00007f92d47d5fa0 R15: 00007ffd8d7427f8
[  219.841970][T13824]  </TASK>
[  220.287943][T13851] loop4: detected capacity change from 0 to 512
[  220.307598][T13851] EXT4-fs: Ignoring removed nobh option
[  220.319417][T13851] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.3849: iget: bad i_size value: 38620345925642
[  220.335171][T13851] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.3849: couldn't read orphan inode 15 (err -117)
[  220.360037][T13851] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.376919][T13856] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3852'.
[  220.379350][T13851] netlink: 80 bytes leftover after parsing attributes in process `syz.4.3849'.
[  220.398242][T13851] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.3849: bg 0: block 5: invalid block bitmap
[  220.443409][T13851] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  220.455753][T13851] EXT4-fs (loop4): This should not happen!! Data will be lost
[  220.455753][T13851] 
[  220.465603][T13851] EXT4-fs (loop4): Total free blocks count 0
[  220.471757][T13851] EXT4-fs (loop4): Free/Dirty block details
[  220.477722][T13851] EXT4-fs (loop4): free_blocks=0
[  220.482675][T13851] EXT4-fs (loop4): dirty_blocks=16
[  220.487987][T13851] EXT4-fs (loop4): Block reservation details
[  220.494003][T13851] EXT4-fs (loop4): i_reserved_data_blocks=16
[  220.600409][T11515] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.751185][T13895] loop2: detected capacity change from 0 to 2048
[  220.788772][T13907] loop1: detected capacity change from 0 to 512
[  220.795617][T13907] EXT4-fs: Ignoring removed nobh option
[  220.804527][T13907] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.3870: iget: bad i_size value: 38620345925642
[  220.818919][T13907] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.3870: couldn't read orphan inode 15 (err -117)
[  220.827769][T13916] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:169: inode #12: comm syz.2.3867: inline data xattr refers to an external xattr inode
[  220.836063][T13907] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.3870: bg 0: block 5: invalid block bitmap
[  220.858389][T13907] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  220.870823][T13907] EXT4-fs (loop1): This should not happen!! Data will be lost
[  220.870823][T13907] 
[  220.880561][T13907] EXT4-fs (loop1): Total free blocks count 0
[  220.886581][T13907] EXT4-fs (loop1): Free/Dirty block details
[  220.892571][T13907] EXT4-fs (loop1): free_blocks=0
[  220.897558][T13907] EXT4-fs (loop1): dirty_blocks=16
[  220.902704][T13907] EXT4-fs (loop1): Block reservation details
[  220.908801][T13907] EXT4-fs (loop1): i_reserved_data_blocks=16
[  220.926979][T13916] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  220.941997][T13916] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 372 with max blocks 348 with error 28
[  220.954818][T13916] EXT4-fs (loop2): This should not happen!! Data will be lost
[  220.954818][T13916] 
[  220.964565][T13916] EXT4-fs (loop2): Total free blocks count 0
[  220.970746][T13916] EXT4-fs (loop2): Free/Dirty block details
[  220.976653][T13916] EXT4-fs (loop2): free_blocks=2415919104
[  220.982588][T13916] EXT4-fs (loop2): dirty_blocks=736
[  220.987895][T13916] EXT4-fs (loop2): Block reservation details
[  220.993897][T13916] EXT4-fs (loop2): i_reserved_data_blocks=46
[  220.994439][T13924] loop3: detected capacity change from 0 to 8192
[  221.183628][ T8687] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  221.196027][ T8687] EXT4-fs (loop2): This should not happen!! Data will be lost
[  221.196027][ T8687] 
[  221.241606][T13944] loop2: detected capacity change from 0 to 512
[  221.249124][T13944] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  221.269155][T13944] EXT4-fs (loop2): can't mount with journal_async_commit, fs mounted w/o journal
[  221.304096][T13948] sg_write: data in/out 64380/1 bytes for SCSI command 0x1c-- guessing data in;
[  221.304096][T13948]    program syz.2.3881 not setting count and/or reply_len properly
[  221.304334][T13938] netlink: 'syz.0.3877': attribute type 1 has an invalid length.
[  221.397131][T13952] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  221.409153][T13952] syzkaller0: entered promiscuous mode
[  221.414767][T13952] syzkaller0: entered allmulticast mode
[  221.544467][T13956] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  221.554322][T13956] syzkaller0: entered promiscuous mode
[  221.559882][T13956] syzkaller0: entered allmulticast mode
[  221.572395][T13958] loop2: detected capacity change from 0 to 512
[  221.592815][T13958] __nla_validate_parse: 1 callbacks suppressed
[  221.592896][T13958] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3886'.
[  221.608506][T13960] loop4: detected capacity change from 0 to 512
[  221.615016][T13960] EXT4-fs: Ignoring removed nobh option
[  221.623011][T13960] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.3887: iget: bad i_size value: 38620345925642
[  221.750944][T13960] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.3887: couldn't read orphan inode 15 (err -117)
[  221.767996][T13960] netlink: 80 bytes leftover after parsing attributes in process `syz.4.3887'.
[  221.780696][T13960] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.3887: bg 0: block 5: invalid block bitmap
[  221.793775][T13960] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  221.806372][T13960] EXT4-fs (loop4): This should not happen!! Data will be lost
[  221.806372][T13960] 
[  221.816086][T13960] EXT4-fs (loop4): Total free blocks count 0
[  221.822088][T13960] EXT4-fs (loop4): Free/Dirty block details
[  221.827996][T13960] EXT4-fs (loop4): free_blocks=0
[  221.832927][T13960] EXT4-fs (loop4): dirty_blocks=16
[  221.838137][T13960] EXT4-fs (loop4): Block reservation details
[  221.844137][T13960] EXT4-fs (loop4): i_reserved_data_blocks=16
[  221.932430][T13972] loop2: detected capacity change from 0 to 512
[  221.941520][T13972] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.3888: casefold flag without casefold feature
[  221.954684][T13972] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3888: couldn't read orphan inode 15 (err -117)
[  222.155676][T13979] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  222.215260][T13979] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  222.354230][T13991] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  222.364035][T13991] syzkaller0: entered promiscuous mode
[  222.369662][T13991] syzkaller0: entered allmulticast mode
[  222.546545][T14001] loop0: detected capacity change from 0 to 164
[  222.555645][T14004] loop2: detected capacity change from 0 to 164
[  222.564279][T14001] rock: directory entry would overflow storage
[  222.570495][T14001] rock: sig=0x66, size=4, remaining=3
[  222.577441][T14004] rock: directory entry would overflow storage
[  222.583777][T14004] rock: sig=0x66, size=4, remaining=3
[  222.601620][T14004] rock: directory entry would overflow storage
[  222.607864][T14004] rock: sig=0x66, size=4, remaining=3
[  222.627538][T14004] iso9660: Corrupted directory entry in block 4 of inode 1792
[  222.678167][T14008] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  222.686652][T14008] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  222.743360][T14023] sch_fq: defrate 4294967295 ignored.
[  222.760040][T14025] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3912'.
[  222.776064][T14025] loop1: detected capacity change from 0 to 1024
[  222.782661][T14025] EXT4-fs: Ignoring removed bh option
[  222.788200][T14025] EXT4-fs: inline encryption not supported
[  222.794203][T14025] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  222.803326][T14025] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  222.815318][T14025] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #3: block 1: comm syz.1.3912: lblock 1 mapped to illegal pblock 1 (length 1)
[  222.830085][T14025] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.3912: Failed to acquire dquot type 0
[  222.842079][T14025] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.3912: Freeing blocks not in datazone - block = 0, count = 4096
[  222.867806][T14025] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.3912: Invalid inode bitmap blk 0 in block_group 0
[  222.881090][T14025] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  222.890035][T14025] EXT4-fs (loop1): 1 orphan inode deleted
[  222.890038][ T8683] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:12: lblock 1 mapped to illegal pblock 1 (length 1)
[  222.896473][T14025] EXT4-fs mount: 8 callbacks suppressed
[  222.896507][T14025] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.936604][ T8683] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:12: Failed to release dquot type 0
[  222.958212][T14025] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.252091][T14052] FAULT_INJECTION: forcing a failure.
[  223.252091][T14052] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.265267][T14052] CPU: 1 UID: 0 PID: 14052 Comm: syz.0.3923 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  223.265308][T14052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  223.265324][T14052] Call Trace:
[  223.265331][T14052]  <TASK>
[  223.265339][T14052]  __dump_stack+0x1d/0x30
[  223.265366][T14052]  dump_stack_lvl+0xe8/0x140
[  223.265485][T14052]  dump_stack+0x15/0x1b
[  223.265508][T14052]  should_fail_ex+0x265/0x280
[  223.265534][T14052]  should_fail+0xb/0x20
[  223.265551][T14052]  should_fail_usercopy+0x1a/0x20
[  223.265598][T14052]  _copy_to_user+0x20/0xa0
[  223.265635][T14052]  simple_read_from_buffer+0xb5/0x130
[  223.265721][T14052]  proc_fail_nth_read+0x10e/0x150
[  223.265751][T14052]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  223.265778][T14052]  vfs_read+0x1a8/0x770
[  223.265866][T14052]  ? __rcu_read_unlock+0x4f/0x70
[  223.265888][T14052]  ? __fget_files+0x184/0x1c0
[  223.265916][T14052]  ksys_read+0xda/0x1a0
[  223.265940][T14052]  __x64_sys_read+0x40/0x50
[  223.265972][T14052]  x64_sys_call+0x27bc/0x2ff0
[  223.265993][T14052]  do_syscall_64+0xd2/0x200
[  223.266023][T14052]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  223.266047][T14052]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  223.266154][T14052]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.266175][T14052] RIP: 0033:0x7f7e32b2d5fc
[  223.266190][T14052] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  223.266257][T14052] RSP: 002b:00007f7e3158f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  223.266275][T14052] RAX: ffffffffffffffda RBX: 00007f7e32d65fa0 RCX: 00007f7e32b2d5fc
[  223.266331][T14052] RDX: 000000000000000f RSI: 00007f7e3158f0a0 RDI: 0000000000000006
[  223.266343][T14052] RBP: 00007f7e3158f090 R08: 0000000000000000 R09: 0000000000000000
[  223.266355][T14052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.266367][T14052] R13: 00007f7e32d66038 R14: 00007f7e32d65fa0 R15: 00007ffc64a8dfd8
[  223.266385][T14052]  </TASK>
[  223.565442][T14067] loop3: detected capacity change from 0 to 512
[  223.581104][T14067] netlink: 256 bytes leftover after parsing attributes in process `syz.3.3930'.
[  223.692578][T14083] FAULT_INJECTION: forcing a failure.
[  223.692578][T14083] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.705716][T14083] CPU: 0 UID: 0 PID: 14083 Comm: syz.3.3936 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  223.705744][T14083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  223.705827][T14083] Call Trace:
[  223.705835][T14083]  <TASK>
[  223.705844][T14083]  __dump_stack+0x1d/0x30
[  223.705869][T14083]  dump_stack_lvl+0xe8/0x140
[  223.705951][T14083]  dump_stack+0x15/0x1b
[  223.705966][T14083]  should_fail_ex+0x265/0x280
[  223.705984][T14083]  should_fail+0xb/0x20
[  223.705999][T14083]  should_fail_usercopy+0x1a/0x20
[  223.706082][T14083]  strncpy_from_user+0x25/0x230
[  223.706226][T14083]  strncpy_from_user_nofault+0x68/0xf0
[  223.706314][T14083]  bpf_probe_read_user_str+0x2a/0x70
[  223.706342][T14083]  bpf_prog_02a70dbeb5f742df+0x43/0x49
[  223.706430][T14083]  bpf_trace_run2+0x107/0x1c0
[  223.706452][T14083]  ? getname_flags+0x2be/0x3b0
[  223.706578][T14083]  __bpf_trace_sys_enter+0x10/0x30
[  223.706597][T14083]  trace_sys_enter+0x86/0xf0
[  223.706616][T14083]  syscall_trace_enter+0x13e/0x1e0
[  223.706682][T14083]  do_syscall_64+0xac/0x200
[  223.706779][T14083]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  223.706799][T14083]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  223.706899][T14083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.706918][T14083] RIP: 0033:0x7f480dafd5fc
[  223.706931][T14083] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  223.706947][T14083] RSP: 002b:00007f480c567030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  223.707014][T14083] RAX: ffffffffffffffda RBX: 00007f480dd35fa0 RCX: 00007f480dafd5fc
[  223.707025][T14083] RDX: 000000000000000f RSI: 00007f480c5670a0 RDI: 0000000000000005
[  223.707036][T14083] RBP: 00007f480c567090 R08: 0000000000000000 R09: 0000000000000000
[  223.707046][T14083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.707069][T14083] R13: 00007f480dd36038 R14: 00007f480dd35fa0 R15: 00007fff8310aa38
[  223.707085][T14083]  </TASK>
[  223.964574][T14091] loop1: detected capacity change from 0 to 1024
[  223.982104][T14091] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  224.085977][T14107] netlink: 268 bytes leftover after parsing attributes in process `syz.4.3945'.
[  224.098769][T14108] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: comm syz.1.3938: lblock 0 mapped to illegal pblock 0 (length 4)
[  224.128546][T14108] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 117
[  224.130697][   T29] kauditd_printk_skb: 576 callbacks suppressed
[  224.130713][   T29] audit: type=1326 audit(224.105:13287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14109 comm="syz.4.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96fc61ebe9 code=0x7ffc0000
[  224.140964][T14108] EXT4-fs (loop1): This should not happen!! Data will be lost
[  224.140964][T14108] 
[  224.147462][   T29] audit: type=1326 audit(224.115:13288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14109 comm="syz.4.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96fc61ebe9 code=0x7ffc0000
[  224.206085][   T29] audit: type=1326 audit(224.175:13289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14109 comm="syz.4.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96fc61ebe9 code=0x7ffc0000
[  224.229114][   T29] audit: type=1326 audit(224.175:13290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14109 comm="syz.4.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96fc61ebe9 code=0x7ffc0000
[  224.252088][   T29] audit: type=1326 audit(224.175:13291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14109 comm="syz.4.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96fc61ebe9 code=0x7ffc0000
[  224.275334][   T29] audit: type=1326 audit(224.175:13292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14109 comm="syz.4.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96fc61ebe9 code=0x7ffc0000
[  224.298361][   T29] audit: type=1326 audit(224.175:13293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14109 comm="syz.4.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96fc61ebe9 code=0x7ffc0000
[  224.321328][   T29] audit: type=1326 audit(224.175:13294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14109 comm="syz.4.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96fc61ebe9 code=0x7ffc0000
[  224.344342][   T29] audit: type=1326 audit(224.175:13295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14109 comm="syz.4.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96fc61ebe9 code=0x7ffc0000
[  224.367336][   T29] audit: type=1326 audit(224.175:13296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14109 comm="syz.4.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f96fc61ebe9 code=0x7ffc0000
[  224.435419][T14114] SELinux:  Context system_u:object_r:getty_var_run_t:s0 is not valid (left unmapped).
[  224.490143][T14119] loop0: detected capacity change from 0 to 512
[  224.496815][T14119] EXT4-fs: Ignoring removed nobh option
[  224.520992][T14119] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.3948: iget: bad i_size value: 38620345925642
[  224.543834][T14119] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.3948: couldn't read orphan inode 15 (err -117)
[  224.558811][T14119] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.575368][T14119] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3948'.
[  224.587114][T14119] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.3948: bg 0: block 5: invalid block bitmap
[  224.601478][T14119] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  224.613869][T14119] EXT4-fs (loop0): This should not happen!! Data will be lost
[  224.613869][T14119] 
[  224.623586][T14119] EXT4-fs (loop0): Total free blocks count 0
[  224.629727][T14119] EXT4-fs (loop0): Free/Dirty block details
[  224.635629][T14119] EXT4-fs (loop0): free_blocks=0
[  224.640697][T14119] EXT4-fs (loop0): dirty_blocks=16
[  224.645996][T14119] EXT4-fs (loop0): Block reservation details
[  224.652213][T14119] EXT4-fs (loop0): i_reserved_data_blocks=16
[  224.673613][ T8683] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: block 4: comm kworker/u8:12: lblock 4 mapped to illegal pblock 4 (length 2)
[  224.690916][ T8683] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2 with error 117
[  224.703236][ T8683] EXT4-fs (loop1): This should not happen!! Data will be lost
[  224.703236][ T8683] 
[  224.718079][ T8683] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:12: lblock 8 mapped to illegal pblock 8 (length 8)
[  224.732703][ T8683] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  224.745061][ T8683] EXT4-fs (loop1): This should not happen!! Data will be lost
[  224.745061][ T8683] 
[  224.767075][T11977] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.784951][T14127] FAULT_INJECTION: forcing a failure.
[  224.784951][T14127] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.798078][T14127] CPU: 0 UID: 0 PID: 14127 Comm: syz.0.3952 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  224.798113][T14127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  224.798164][T14127] Call Trace:
[  224.798172][T14127]  <TASK>
[  224.798181][T14127]  __dump_stack+0x1d/0x30
[  224.798207][T14127]  dump_stack_lvl+0xe8/0x140
[  224.798242][T14127]  dump_stack+0x15/0x1b
[  224.798261][T14127]  should_fail_ex+0x265/0x280
[  224.798285][T14127]  should_fail+0xb/0x20
[  224.798301][T14127]  should_fail_usercopy+0x1a/0x20
[  224.798323][T14127]  _copy_from_user+0x1c/0xb0
[  224.798506][T14127]  ___sys_sendmsg+0xc1/0x1d0
[  224.798551][T14127]  __x64_sys_sendmsg+0xd4/0x160
[  224.798579][T14127]  x64_sys_call+0x191e/0x2ff0
[  224.798600][T14127]  do_syscall_64+0xd2/0x200
[  224.798653][T14127]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  224.798683][T14127]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  224.798760][T14127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.798785][T14127] RIP: 0033:0x7f7e32b2ebe9
[  224.798803][T14127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.798827][T14127] RSP: 002b:00007f7e3158f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  224.798878][T14127] RAX: ffffffffffffffda RBX: 00007f7e32d65fa0 RCX: 00007f7e32b2ebe9
[  224.798890][T14127] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  224.798901][T14127] RBP: 00007f7e3158f090 R08: 0000000000000000 R09: 0000000000000000
[  224.798912][T14127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.798924][T14127] R13: 00007f7e32d66038 R14: 00007f7e32d65fa0 R15: 00007ffc64a8dfd8
[  224.798946][T14127]  </TASK>
[  224.850505][T10841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  225.065405][T14140] syzkaller0: entered promiscuous mode
[  225.071093][T14140] syzkaller0: entered allmulticast mode
[  225.156676][T14154] FAULT_INJECTION: forcing a failure.
[  225.156676][T14154] name failslab, interval 1, probability 0, space 0, times 0
[  225.169436][T14154] CPU: 0 UID: 0 PID: 14154 Comm: syz.4.3963 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  225.169468][T14154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  225.169526][T14154] Call Trace:
[  225.169533][T14154]  <TASK>
[  225.169540][T14154]  __dump_stack+0x1d/0x30
[  225.169561][T14154]  dump_stack_lvl+0xe8/0x140
[  225.169586][T14154]  dump_stack+0x15/0x1b
[  225.169608][T14154]  should_fail_ex+0x265/0x280
[  225.169630][T14154]  should_failslab+0x8c/0xb0
[  225.169675][T14154]  kmem_cache_alloc_node_noprof+0x57/0x320
[  225.169713][T14154]  ? __alloc_skb+0x101/0x320
[  225.169740][T14154]  __alloc_skb+0x101/0x320
[  225.169759][T14154]  netlink_alloc_large_skb+0xba/0xf0
[  225.169795][T14154]  netlink_sendmsg+0x3cf/0x6b0
[  225.169823][T14154]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.169845][T14154]  __sock_sendmsg+0x145/0x180
[  225.169957][T14154]  ____sys_sendmsg+0x31e/0x4e0
[  225.170114][T14154]  ___sys_sendmsg+0x17b/0x1d0
[  225.170160][T14154]  __x64_sys_sendmsg+0xd4/0x160
[  225.170251][T14154]  x64_sys_call+0x191e/0x2ff0
[  225.170285][T14154]  do_syscall_64+0xd2/0x200
[  225.170322][T14154]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  225.170346][T14154]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  225.170443][T14154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.170464][T14154] RIP: 0033:0x7f96fc61ebe9
[  225.170482][T14154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.170499][T14154] RSP: 002b:00007f96fb07f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  225.170517][T14154] RAX: ffffffffffffffda RBX: 00007f96fc855fa0 RCX: 00007f96fc61ebe9
[  225.170560][T14154] RDX: 0000000000000000 RSI: 00002000000037c0 RDI: 0000000000000003
[  225.170575][T14154] RBP: 00007f96fb07f090 R08: 0000000000000000 R09: 0000000000000000
[  225.170591][T14154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.170604][T14154] R13: 00007f96fc856038 R14: 00007f96fc855fa0 R15: 00007fffe5114188
[  225.170622][T14154]  </TASK>
[  225.441641][T14171] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14171 comm=syz.0.3964
[  225.569355][T14183] capability: warning: `syz.0.3969' uses deprecated v2 capabilities in a way that may be insecure
[  225.742472][T14196] syzkaller0: entered promiscuous mode
[  225.748035][T14196] syzkaller0: entered allmulticast mode
[  225.817572][T14204] loop2: detected capacity change from 0 to 512
[  225.840719][T14204] EXT4-fs: Ignoring removed nobh option
[  225.858543][T14204] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.3979: iget: bad i_size value: 38620345925642
[  225.882572][T14204] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3979: couldn't read orphan inode 15 (err -117)
[  225.896014][T14204] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.903829][T14214] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3983'.
[  225.928652][T14204] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3979'.
[  225.951632][T14204] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.3979: bg 0: block 5: invalid block bitmap
[  225.982109][T14204] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  225.994599][T14204] EXT4-fs (loop2): This should not happen!! Data will be lost
[  225.994599][T14204] 
[  226.004303][T14204] EXT4-fs (loop2): Total free blocks count 0
[  226.010366][T14204] EXT4-fs (loop2): Free/Dirty block details
[  226.016273][T14204] EXT4-fs (loop2): free_blocks=0
[  226.021324][T14204] EXT4-fs (loop2): dirty_blocks=16
[  226.026547][T14204] EXT4-fs (loop2): Block reservation details
[  226.032628][T14204] EXT4-fs (loop2): i_reserved_data_blocks=16
[  226.151768][T11769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.370611][T14253] syzkaller0: entered promiscuous mode
[  226.376134][T14253] syzkaller0: entered allmulticast mode
[  226.386522][T14255] loop2: detected capacity change from 0 to 7
[  226.432113][T14259] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3994'.
[  226.672984][T14273] loop2: detected capacity change from 0 to 2048
[  226.673976][T14269] netlink: 'syz.0.3999': attribute type 1 has an invalid length.
[  226.699616][T14273] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  226.773680][T14279] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:169: inode #12: comm syz.2.4000: inline data xattr refers to an external xattr inode
[  226.851592][T14279] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  226.870935][T14279] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1886 with error 28
[  226.883531][T14279] EXT4-fs (loop2): This should not happen!! Data will be lost
[  226.883531][T14279] 
[  226.893217][T14279] EXT4-fs (loop2): Total free blocks count 0
[  226.899421][T14279] EXT4-fs (loop2): Free/Dirty block details
[  226.905327][T14279] EXT4-fs (loop2): free_blocks=2415919104
[  226.911106][T14279] EXT4-fs (loop2): dirty_blocks=1888
[  226.916402][T14279] EXT4-fs (loop2): Block reservation details
[  226.922409][T14279] EXT4-fs (loop2): i_reserved_data_blocks=118
[  226.976994][T14290] loop0: detected capacity change from 0 to 512
[  227.000046][T14290] EXT4-fs: Ignoring removed nobh option
[  227.011849][T14290] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.4005: iget: bad i_size value: 38620345925642
[  227.015589][T14295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4006'.
[  227.048477][T14290] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.4005: couldn't read orphan inode 15 (err -117)
[  227.088189][T14290] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  227.115572][T14301] loop1: detected capacity change from 0 to 1024
[  227.148920][T14290] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4005'.
[  227.170759][T14290] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.4005: bg 0: block 5: invalid block bitmap
[  227.187839][T14301] EXT4-fs: Ignoring removed bh option
[  227.193286][T14301] EXT4-fs: Ignoring removed nobh option
[  227.199010][T14301] EXT4-fs: Ignoring removed bh option
[  227.214007][T14290] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  227.226426][T14290] EXT4-fs (loop0): This should not happen!! Data will be lost
[  227.226426][T14290] 
[  227.236185][T14290] EXT4-fs (loop0): Total free blocks count 0
[  227.242240][T14290] EXT4-fs (loop0): Free/Dirty block details
[  227.248263][T14290] EXT4-fs (loop0): free_blocks=0
[  227.253213][T14290] EXT4-fs (loop0): dirty_blocks=16
[  227.258415][T14290] EXT4-fs (loop0): Block reservation details
[  227.264410][T14290] EXT4-fs (loop0): i_reserved_data_blocks=16
[  227.271118][T14301] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  227.301046][T14301] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.4010: Allocating blocks 385-513 which overlap fs metadata
[  227.332388][T14301] EXT4-fs (loop1): pa ffff8881072002a0: logic 16, phys. 129, len 24
[  227.340510][T14301] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  227.382363][T14306] netlink: 'syz.3.4012': attribute type 1 has an invalid length.
[  227.416611][T10841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.489959][T11977] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.541301][T14331] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4016'.
[  227.589695][T14340] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4021'.
[  227.645882][T14347] random: crng reseeded on system resumption
[  227.684266][   T12] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  227.746990][T14355] loop1: detected capacity change from 0 to 512
[  227.767646][T14355] EXT4-fs: Ignoring removed nobh option
[  227.786589][T14355] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.4027: iget: bad i_size value: 38620345925642
[  227.799850][T14355] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.4027: couldn't read orphan inode 15 (err -117)
[  227.817749][T14355] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  227.831914][T14355] netlink: 80 bytes leftover after parsing attributes in process `syz.1.4027'.
[  227.843192][T14355] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.4027: bg 0: block 5: invalid block bitmap
[  227.873230][T14355] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  227.885690][T14355] EXT4-fs (loop1): This should not happen!! Data will be lost
[  227.885690][T14355] 
[  227.895575][T14355] EXT4-fs (loop1): Total free blocks count 0
[  227.901607][T14355] EXT4-fs (loop1): Free/Dirty block details
[  227.907620][T14355] EXT4-fs (loop1): free_blocks=0
[  227.912572][T14355] EXT4-fs (loop1): dirty_blocks=16
[  227.917761][T14355] EXT4-fs (loop1): Block reservation details
[  227.923754][T14355] EXT4-fs (loop1): i_reserved_data_blocks=16
[  227.964209][T14368] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4032'.
[  227.991229][T14372] loop2: detected capacity change from 0 to 7
[  228.025787][T10841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.042302][T14374] syzkaller0: entered promiscuous mode
[  228.047915][T14374] syzkaller0: entered allmulticast mode
[  229.070110][T14408] loop4: detected capacity change from 0 to 512
[  229.086780][T14408] EXT4-fs: Ignoring removed nobh option
[  229.105325][T14408] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.4046: iget: bad i_size value: 38620345925642
[  229.119909][T14408] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4046: couldn't read orphan inode 15 (err -117)
[  229.143704][T14408] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.177453][T14408] netlink: 80 bytes leftover after parsing attributes in process `syz.4.4046'.
[  229.200476][T14408] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.4046: bg 0: block 5: invalid block bitmap
[  229.399782][T14408] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  229.412120][T14408] EXT4-fs (loop4): This should not happen!! Data will be lost
[  229.412120][T14408] 
[  229.421833][T14408] EXT4-fs (loop4): Total free blocks count 0
[  229.427869][T14408] EXT4-fs (loop4): Free/Dirty block details
[  229.433782][T14408] EXT4-fs (loop4): free_blocks=0
[  229.438917][T14408] EXT4-fs (loop4): dirty_blocks=16
[  229.444038][T14408] EXT4-fs (loop4): Block reservation details
[  229.450063][T14408] EXT4-fs (loop4): i_reserved_data_blocks=16
[  229.501752][   T29] kauditd_printk_skb: 387 callbacks suppressed
[  229.501766][   T29] audit: type=1326 audit(229.475:13684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14413 comm="syz.1.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  229.542105][T14414] lo speed is unknown, defaulting to 1000
[  229.549479][T14415] FAULT_INJECTION: forcing a failure.
[  229.549479][T14415] name failslab, interval 1, probability 0, space 0, times 0
[  229.562182][T14415] CPU: 0 UID: 0 PID: 14415 Comm: syz.1.4048 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  229.562286][T14415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  229.562303][T14415] Call Trace:
[  229.562310][T14415]  <TASK>
[  229.562320][T14415]  __dump_stack+0x1d/0x30
[  229.562379][T14415]  dump_stack_lvl+0xe8/0x140
[  229.562403][T14415]  dump_stack+0x15/0x1b
[  229.562424][T14415]  should_fail_ex+0x265/0x280
[  229.562446][T14415]  should_failslab+0x8c/0xb0
[  229.562510][T14415]  kmem_cache_alloc_node_noprof+0x57/0x320
[  229.562539][T14415]  ? __alloc_skb+0x101/0x320
[  229.562620][T14415]  __alloc_skb+0x101/0x320
[  229.562641][T14415]  ? audit_log_start+0x365/0x6c0
[  229.562674][T14415]  audit_log_start+0x380/0x6c0
[  229.562705][T14415]  audit_seccomp+0x48/0x100
[  229.562734][T14415]  ? __seccomp_filter+0x68c/0x10d0
[  229.562762][T14415]  __seccomp_filter+0x69d/0x10d0
[  229.562841][T14415]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  229.562939][T14415]  ? vfs_write+0x7e8/0x960
[  229.562966][T14415]  ? __rcu_read_unlock+0x4f/0x70
[  229.562989][T14415]  ? __fget_files+0x184/0x1c0
[  229.563090][T14415]  __secure_computing+0x82/0x150
[  229.563116][T14415]  syscall_trace_enter+0xcf/0x1e0
[  229.563206][T14415]  do_syscall_64+0xac/0x200
[  229.563302][T14415]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  229.563331][T14415]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  229.563364][T14415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.563396][T14415] RIP: 0033:0x7fe3c4c3ebe9
[  229.563411][T14415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.563428][T14415] RSP: 002b:00007fe3c369f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  229.563449][T14415] RAX: ffffffffffffffda RBX: 00007fe3c4e75fa0 RCX: 00007fe3c4c3ebe9
[  229.563540][T14415] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  229.563555][T14415] RBP: 00007fe3c369f090 R08: 0000000000000000 R09: 0000000000000000
[  229.563571][T14415] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000001
[  229.563586][T14415] R13: 00007fe3c4e76038 R14: 00007fe3c4e75fa0 R15: 00007ffd0284a968
[  229.563607][T14415]  </TASK>
[  229.563617][T14415] audit: audit_lost=4 audit_rate_limit=0 audit_backlog_limit=64
[  229.576347][   T29] audit: type=1326 audit(229.525:13685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14413 comm="syz.1.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe3c4c3d550 code=0x7ffc0000
[  229.583680][T14415] audit: out of memory in audit_log_start
[  229.586969][   T29] audit: type=1326 audit(229.525:13686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14413 comm="syz.1.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe3c4c3d69f code=0x7ffc0000
[  229.702934][T14416] netlink: 'syz.2.4047': attribute type 21 has an invalid length.
[  229.708963][T14416] netlink: 'syz.2.4047': attribute type 4 has an invalid length.
[  229.847319][   T29] audit: type=1326 audit(229.615:13687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14413 comm="syz.1.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fe3c4c3d5fc code=0x7ffc0000
[  229.856453][T11515] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.877880][   T29] audit: type=1326 audit(229.615:13688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14413 comm="syz.1.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe3c4c3d69f code=0x7ffc0000
[  229.909516][   T29] audit: type=1326 audit(229.615:13689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14413 comm="syz.1.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe3c4c3d84a code=0x7ffc0000
[  229.932369][   T29] audit: type=1326 audit(229.615:13690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14413 comm="syz.1.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  229.955787][   T29] audit: type=1326 audit(229.615:13691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14413 comm="syz.1.4048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  229.991383][T14418] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  230.111567][T14430] loop2: detected capacity change from 0 to 512
[  230.179199][T14430] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.195900][T14436] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  230.203309][T14436] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  230.255190][T11769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.295591][T14444] loop3: detected capacity change from 0 to 2048
[  230.311319][T14444] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  230.393992][T14448] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:169: inode #12: comm syz.3.4057: inline data xattr refers to an external xattr inode
[  230.475579][T14448] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  230.498555][T14445] netlink: 'syz.2.4056': attribute type 1 has an invalid length.
[  230.506603][T14448] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 916 with error 28
[  230.519043][T14448] EXT4-fs (loop3): This should not happen!! Data will be lost
[  230.519043][T14448] 
[  230.528719][T14448] EXT4-fs (loop3): Total free blocks count 0
[  230.534703][T14448] EXT4-fs (loop3): Free/Dirty block details
[  230.540663][T14448] EXT4-fs (loop3): free_blocks=2415919104
[  230.546418][T14448] EXT4-fs (loop3): dirty_blocks=928
[  230.551686][T14448] EXT4-fs (loop3): Block reservation details
[  230.557750][T14448] EXT4-fs (loop3): i_reserved_data_blocks=58
[  230.911275][T10491] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  230.941640][T14461] loop2: detected capacity change from 0 to 7
[  231.002189][T14473] loop2: detected capacity change from 0 to 512
[  231.010973][T14473] EXT4-fs: Ignoring removed nobh option
[  231.029671][T14473] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.4065: iget: bad i_size value: 38620345925642
[  231.052871][T14473] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4065: couldn't read orphan inode 15 (err -117)
[  231.069517][T14473] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.109074][T14473] netlink: 80 bytes leftover after parsing attributes in process `syz.2.4065'.
[  231.120142][T14473] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.4065: bg 0: block 5: invalid block bitmap
[  231.137424][T14473] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  231.149768][T14473] EXT4-fs (loop2): This should not happen!! Data will be lost
[  231.149768][T14473] 
[  231.159514][T14473] EXT4-fs (loop2): Total free blocks count 0
[  231.165515][T14473] EXT4-fs (loop2): Free/Dirty block details
[  231.171457][T14473] EXT4-fs (loop2): free_blocks=0
[  231.175055][T14484] FAULT_INJECTION: forcing a failure.
[  231.175055][T14484] name failslab, interval 1, probability 0, space 0, times 0
[  231.176418][T14473] EXT4-fs (loop2): dirty_blocks=16
[  231.189112][T14484] CPU: 0 UID: 0 PID: 14484 Comm: syz.4.4066 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  231.189151][T14484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  231.189171][T14484] Call Trace:
[  231.189180][T14484]  <TASK>
[  231.189191][T14484]  __dump_stack+0x1d/0x30
[  231.189219][T14484]  dump_stack_lvl+0xe8/0x140
[  231.189297][T14484]  dump_stack+0x15/0x1b
[  231.189319][T14484]  should_fail_ex+0x265/0x280
[  231.189347][T14484]  ? audit_log_d_path+0x8d/0x150
[  231.189390][T14484]  should_failslab+0x8c/0xb0
[  231.189424][T14484]  __kmalloc_cache_noprof+0x4c/0x320
[  231.189531][T14484]  audit_log_d_path+0x8d/0x150
[  231.189574][T14484]  audit_log_d_path_exe+0x42/0x70
[  231.189615][T14484]  audit_log_task+0x1e9/0x250
[  231.189732][T14484]  audit_seccomp+0x61/0x100
[  231.189786][T14484]  ? __seccomp_filter+0x68c/0x10d0
[  231.189872][T14484]  __seccomp_filter+0x69d/0x10d0
[  231.189903][T14484]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  231.189941][T14484]  ? vfs_write+0x7e8/0x960
[  231.190015][T14484]  ? kmem_cache_free+0xdf/0x300
[  231.190060][T14484]  __secure_computing+0x82/0x150
[  231.190094][T14484]  syscall_trace_enter+0xcf/0x1e0
[  231.190128][T14484]  do_syscall_64+0xac/0x200
[  231.190167][T14484]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  231.190260][T14484]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  231.190296][T14484]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.190398][T14484] RIP: 0033:0x7f96fc61ebe9
[  231.190419][T14484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.190444][T14484] RSP: 002b:00007f96fb07f038 EFLAGS: 00000246 ORIG_RAX: 000000000000014e
[  231.190468][T14484] RAX: ffffffffffffffda RBX: 00007f96fc855fa0 RCX: 00007f96fc61ebe9
[  231.190486][T14484] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 00002000000004c0
[  231.190503][T14484] RBP: 00007f96fb07f090 R08: 0000000000000000 R09: 0000000000000000
[  231.190528][T14484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  231.190574][T14484] R13: 00007f96fc856038 R14: 00007f96fc855fa0 R15: 00007fffe5114188
[  231.190602][T14484]  </TASK>
[  231.405990][T14473] EXT4-fs (loop2): Block reservation details
[  231.412082][T14473] EXT4-fs (loop2): i_reserved_data_blocks=16
[  231.490082][T11769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.513055][T14541] FAULT_INJECTION: forcing a failure.
[  232.513055][T14541] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  232.526487][T14541] CPU: 0 UID: 0 PID: 14541 Comm: syz.3.4085 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  232.526523][T14541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  232.526567][T14541] Call Trace:
[  232.526575][T14541]  <TASK>
[  232.526583][T14541]  __dump_stack+0x1d/0x30
[  232.526669][T14541]  dump_stack_lvl+0xe8/0x140
[  232.526694][T14541]  dump_stack+0x15/0x1b
[  232.526715][T14541]  should_fail_ex+0x265/0x280
[  232.526813][T14541]  should_fail+0xb/0x20
[  232.526835][T14541]  should_fail_usercopy+0x1a/0x20
[  232.526856][T14541]  _copy_to_iter+0x387/0xe70
[  232.526883][T14541]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  232.526910][T14541]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  232.526941][T14541]  __skb_datagram_iter+0xc6/0x690
[  232.527025][T14541]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  232.527056][T14541]  skb_copy_datagram_iter+0x3d/0x110
[  232.527087][T14541]  netlink_recvmsg+0x1a8/0x550
[  232.527133][T14541]  ? __pfx_netlink_recvmsg+0x10/0x10
[  232.527154][T14541]  sock_recvmsg+0x136/0x170
[  232.527187][T14541]  ____sys_recvmsg+0xf5/0x280
[  232.527256][T14541]  ___sys_recvmsg+0x11f/0x370
[  232.527342][T14541]  do_recvmmsg+0x1ef/0x540
[  232.527386][T14541]  ? get_timespec64+0xc9/0x100
[  232.527422][T14541]  __x64_sys_recvmmsg+0xfb/0x170
[  232.527449][T14541]  x64_sys_call+0x27a6/0x2ff0
[  232.527476][T14541]  do_syscall_64+0xd2/0x200
[  232.527567][T14541]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  232.527736][T14541]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  232.527767][T14541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.527813][T14541] RIP: 0033:0x7f480dafebe9
[  232.527831][T14541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.527853][T14541] RSP: 002b:00007f480c567038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  232.527875][T14541] RAX: ffffffffffffffda RBX: 00007f480dd35fa0 RCX: 00007f480dafebe9
[  232.527891][T14541] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000006
[  232.527906][T14541] RBP: 00007f480c567090 R08: 0000200000003700 R09: 0000000000000000
[  232.527921][T14541] R10: 0000000002040000 R11: 0000000000000246 R12: 0000000000000001
[  232.527949][T14541] R13: 00007f480dd36038 R14: 00007f480dd35fa0 R15: 00007fff8310aa38
[  232.527967][T14541]  </TASK>
[  232.959906][T14553] loop2: detected capacity change from 0 to 7
[  232.986960][T14550] loop3: detected capacity change from 0 to 2048
[  233.033315][T14550] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  233.051896][T14563] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4092'.
[  233.061648][T14563] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4092'.
[  233.102852][T14566] loop2: detected capacity change from 0 to 2048
[  233.112234][T14567] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:169: inode #12: comm syz.3.4090: inline data xattr refers to an external xattr inode
[  233.158384][T14566] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  233.192577][T14567] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  233.209263][T14567] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 994 with error 28
[  233.221691][T14567] EXT4-fs (loop3): This should not happen!! Data will be lost
[  233.221691][T14567] 
[  233.231376][T14567] EXT4-fs (loop3): Total free blocks count 0
[  233.237384][T14567] EXT4-fs (loop3): Free/Dirty block details
[  233.243292][T14567] EXT4-fs (loop3): free_blocks=2415919104
[  233.249131][T14567] EXT4-fs (loop3): dirty_blocks=1008
[  233.254458][T14567] EXT4-fs (loop3): Block reservation details
[  233.260466][T14567] EXT4-fs (loop3): i_reserved_data_blocks=63
[  233.260656][T14571] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:169: inode #12: comm syz.2.4094: inline data xattr refers to an external xattr inode
[  233.410600][T14575] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  233.440267][T14575] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 496 with max blocks 162 with error 28
[  233.452911][T14575] EXT4-fs (loop2): This should not happen!! Data will be lost
[  233.452911][T14575] 
[  233.462607][T14575] EXT4-fs (loop2): Total free blocks count 0
[  233.468697][T14575] EXT4-fs (loop2): Free/Dirty block details
[  233.474611][T14575] EXT4-fs (loop2): free_blocks=2415919104
[  233.480467][T14575] EXT4-fs (loop2): dirty_blocks=672
[  233.485677][T14575] EXT4-fs (loop2): Block reservation details
[  233.491693][T14575] EXT4-fs (loop2): i_reserved_data_blocks=42
[  233.664281][ T8683] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  233.846188][ T8683] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  234.028196][T14596] loop2: detected capacity change from 0 to 7
[  234.436805][T14609] loop3: detected capacity change from 0 to 2048
[  234.445997][T14613] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4110'.
[  234.475974][T14613] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4110'.
[  234.500474][T14609] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  234.513258][   T29] kauditd_printk_skb: 618 callbacks suppressed
[  234.513274][   T29] audit: type=1326 audit(234.485:14310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14608 comm="syz.3.4108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f480dafd550 code=0x7ffc0000
[  234.544374][   T29] audit: type=1326 audit(234.495:14311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14604 comm="syz.1.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  234.567397][   T29] audit: type=1326 audit(234.495:14312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14604 comm="syz.1.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  234.590463][   T29] audit: type=1326 audit(234.515:14313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14608 comm="syz.3.4108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f480dafd937 code=0x7ffc0000
[  234.613419][   T29] audit: type=1326 audit(234.515:14314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14608 comm="syz.3.4108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f480dafd550 code=0x7ffc0000
[  234.636420][   T29] audit: type=1326 audit(234.515:14315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14608 comm="syz.3.4108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480dafebe9 code=0x7ffc0000
[  234.659598][   T29] audit: type=1326 audit(234.515:14316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14608 comm="syz.3.4108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480dafebe9 code=0x7ffc0000
[  234.682675][   T29] audit: type=1326 audit(234.515:14317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14608 comm="syz.3.4108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f480dafebe9 code=0x7ffc0000
[  234.706209][T14620] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:169: inode #12: comm syz.3.4108: inline data xattr refers to an external xattr inode
[  234.723759][   T29] audit: type=1326 audit(234.515:14318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14608 comm="syz.3.4108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480dafebe9 code=0x7ffc0000
[  234.746978][   T29] audit: type=1326 audit(234.515:14319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14608 comm="syz.3.4108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f480dafebe9 code=0x7ffc0000
[  234.838735][T14619] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  234.854261][T14619] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 644 with error 28
[  234.866686][T14619] EXT4-fs (loop3): This should not happen!! Data will be lost
[  234.866686][T14619] 
[  234.876414][T14619] EXT4-fs (loop3): Total free blocks count 0
[  234.882470][T14619] EXT4-fs (loop3): Free/Dirty block details
[  234.888425][T14619] EXT4-fs (loop3): free_blocks=2415919104
[  234.894157][T14619] EXT4-fs (loop3): dirty_blocks=912
[  234.899393][T14619] EXT4-fs (loop3): Block reservation details
[  234.905394][T14619] EXT4-fs (loop3): i_reserved_data_blocks=57
[  235.426025][T14645] loop4: detected capacity change from 0 to 512
[  235.437691][T14645] EXT4-fs: Ignoring removed nobh option
[  235.472958][T14645] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.4121: iget: bad i_size value: 38620345925642
[  235.516897][T14652] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4124'.
[  235.543043][T14654] lo speed is unknown, defaulting to 1000
[  235.573782][T14645] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4121: couldn't read orphan inode 15 (err -117)
[  235.613451][T14645] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.690449][T14645] netlink: 80 bytes leftover after parsing attributes in process `syz.4.4121'.
[  235.741340][T14645] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.4121: bg 0: block 5: invalid block bitmap
[  235.761848][ T8683] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  235.765638][T14645] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  235.786581][T14645] EXT4-fs (loop4): This should not happen!! Data will be lost
[  235.786581][T14645] 
[  235.796264][T14645] EXT4-fs (loop4): Total free blocks count 0
[  235.802287][T14645] EXT4-fs (loop4): Free/Dirty block details
[  235.808213][T14645] EXT4-fs (loop4): free_blocks=0
[  235.813154][T14645] EXT4-fs (loop4): dirty_blocks=16
[  235.818349][T14645] EXT4-fs (loop4): Block reservation details
[  235.824389][T14645] EXT4-fs (loop4): i_reserved_data_blocks=16
[  235.973814][T14663] loop3: detected capacity change from 0 to 2048
[  236.048489][T14663] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  236.063119][T11515] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.174773][T14652] Set syz1 is full, maxelem 65536 reached
[  236.191733][T14666] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:169: inode #12: comm syz.3.4127: inline data xattr refers to an external xattr inode
[  236.296504][T14666] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  236.312237][T14666] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  236.324815][T14666] EXT4-fs (loop3): This should not happen!! Data will be lost
[  236.324815][T14666] 
[  236.334469][T14666] EXT4-fs (loop3): Total free blocks count 0
[  236.340589][T14666] EXT4-fs (loop3): Free/Dirty block details
[  236.346707][T14666] EXT4-fs (loop3): free_blocks=2415919104
[  236.352461][T14666] EXT4-fs (loop3): dirty_blocks=2144
[  236.357779][T14666] EXT4-fs (loop3): Block reservation details
[  236.363854][T14666] EXT4-fs (loop3): i_reserved_data_blocks=134
[  236.442217][T14677] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4131'.
[  236.457938][T14677] 8021q: adding VLAN 0 to HW filter on device bond1
[  236.506234][T14677] bond1: (slave batadv1): Opening slave failed
[  236.853778][T14695] loop4: detected capacity change from 0 to 8192
[  236.901513][T10491] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  236.915801][T14695] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4139'.
[  236.932547][T14695] bridge0: port 3(batadv1) entered blocking state
[  236.939296][T14695] bridge0: port 3(batadv1) entered disabled state
[  236.958301][T14695] batadv1: entered allmulticast mode
[  236.964427][T14695] batadv1: entered promiscuous mode
[  237.048893][T14702] SELinux:  policydb version -1610780925 does not match my version range 15-35
[  237.079013][T14691] netlink: 'syz.1.4137': attribute type 1 has an invalid length.
[  237.097399][T14702] SELinux: failed to load policy
[  237.170993][T14709] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4143'.
[  237.221900][T14712] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4143'.
[  237.252500][T14711] syzkaller0: entered promiscuous mode
[  237.258096][T14711] syzkaller0: entered allmulticast mode
[  237.301650][T14715] loop2: detected capacity change from 0 to 7
[  237.408922][T14723] mmap: gtp (14723): VmData 167489536 exceed data ulimit 3798. Update limits or use boot option ignore_rlimit_data.
[  237.430247][T14719] netlink: '+}[@': attribute type 13 has an invalid length.
[  237.437632][T14719] netlink: '+}[@': attribute type 14 has an invalid length.
[  237.445415][ T8683] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  237.454750][ T8683] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  237.555681][T14742] loop4: detected capacity change from 0 to 512
[  237.586635][T14742] EXT4-fs: Ignoring removed nobh option
[  237.620801][T14742] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.4153: iget: bad i_size value: 38620345925642
[  237.683517][T14742] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4153: couldn't read orphan inode 15 (err -117)
[  237.720248][T14742] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.743384][T14756] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  237.762770][T14742] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.4153: bg 0: block 5: invalid block bitmap
[  237.776153][T14742] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  237.788482][T14742] EXT4-fs (loop4): This should not happen!! Data will be lost
[  237.788482][T14742] 
[  237.798404][T14742] EXT4-fs (loop4): Total free blocks count 0
[  237.804405][T14742] EXT4-fs (loop4): Free/Dirty block details
[  237.810449][T14742] EXT4-fs (loop4): free_blocks=0
[  237.813154][T14759] loop2: detected capacity change from 0 to 7
[  237.815460][T14742] EXT4-fs (loop4): dirty_blocks=16
[  237.826672][T14742] EXT4-fs (loop4): Block reservation details
[  237.832754][T14742] EXT4-fs (loop4): i_reserved_data_blocks=16
[  237.869690][T14762] loop3: detected capacity change from 0 to 512
[  237.885672][T14762] EXT4-fs: Ignoring removed nobh option
[  237.926487][T14762] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.4160: iget: bad i_size value: 38620345925642
[  237.969390][T11515] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.984821][T14762] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.4160: couldn't read orphan inode 15 (err -117)
[  238.032542][T14762] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.076765][T14762] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.4160: bg 0: block 5: invalid block bitmap
[  238.104328][T14782] __nla_validate_parse: 5 callbacks suppressed
[  238.104345][T14782] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4167'.
[  238.121688][T14762] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  238.134217][T14762] EXT4-fs (loop3): This should not happen!! Data will be lost
[  238.134217][T14762] 
[  238.144001][T14762] EXT4-fs (loop3): Total free blocks count 0
[  238.150120][T14762] EXT4-fs (loop3): Free/Dirty block details
[  238.156061][T14762] EXT4-fs (loop3): free_blocks=0
[  238.161146][T14762] EXT4-fs (loop3): dirty_blocks=16
[  238.166328][T14762] EXT4-fs (loop3): Block reservation details
[  238.172539][T14762] EXT4-fs (loop3): i_reserved_data_blocks=16
[  238.182198][T14782] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4167'.
[  238.261049][T10491] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.308761][T14798] loop2: detected capacity change from 0 to 7
[  238.343871][T14796] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  238.377741][T14796] syzkaller0: entered promiscuous mode
[  238.383285][T14796] syzkaller0: entered allmulticast mode
[  238.410242][T14796] tipc: Resetting bearer <eth:syzkaller0>
[  238.411205][T14808] 9pnet_fd: Insufficient options for proto=fd
[  238.422877][T14795] tipc: Resetting bearer <eth:syzkaller0>
[  238.524388][T14795] tipc: Disabling bearer <eth:syzkaller0>
[  238.547953][T14813] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4176'.
[  238.559838][T14813] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4176'.
[  239.384335][T14848] netlink: 80 bytes leftover after parsing attributes in process `syz.2.4187'.
[  239.560371][T14852] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  239.613344][T14855] FAULT_INJECTION: forcing a failure.
[  239.613344][T14855] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.626684][T14855] CPU: 1 UID: 0 PID: 14855 Comm: syz.4.4190 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  239.626773][T14855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  239.626789][T14855] Call Trace:
[  239.626796][T14855]  <TASK>
[  239.626804][T14855]  __dump_stack+0x1d/0x30
[  239.626830][T14855]  dump_stack_lvl+0xe8/0x140
[  239.626854][T14855]  dump_stack+0x15/0x1b
[  239.626876][T14855]  should_fail_ex+0x265/0x280
[  239.626916][T14855]  should_fail+0xb/0x20
[  239.626934][T14855]  should_fail_usercopy+0x1a/0x20
[  239.626958][T14855]  _copy_from_iter+0xd2/0xe80
[  239.626986][T14855]  ? __build_skb_around+0x1a0/0x200
[  239.627048][T14855]  ? __alloc_skb+0x223/0x320
[  239.627144][T14855]  netlink_sendmsg+0x471/0x6b0
[  239.627178][T14855]  ? __pfx_netlink_sendmsg+0x10/0x10
[  239.627207][T14855]  __sock_sendmsg+0x145/0x180
[  239.627249][T14855]  ____sys_sendmsg+0x31e/0x4e0
[  239.627281][T14855]  ___sys_sendmsg+0x17b/0x1d0
[  239.627406][T14855]  __x64_sys_sendmsg+0xd4/0x160
[  239.627441][T14855]  x64_sys_call+0x191e/0x2ff0
[  239.627468][T14855]  do_syscall_64+0xd2/0x200
[  239.627542][T14855]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  239.627685][T14855]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  239.627719][T14855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.627754][T14855] RIP: 0033:0x7f96fc61ebe9
[  239.627773][T14855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.627857][T14855] RSP: 002b:00007f96fb07f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  239.627876][T14855] RAX: ffffffffffffffda RBX: 00007f96fc855fa0 RCX: 00007f96fc61ebe9
[  239.627887][T14855] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000009
[  239.627902][T14855] RBP: 00007f96fb07f090 R08: 0000000000000000 R09: 0000000000000000
[  239.627990][T14855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.628005][T14855] R13: 00007f96fc856038 R14: 00007f96fc855fa0 R15: 00007fffe5114188
[  239.628029][T14855]  </TASK>
[  239.904989][T14859] loop4: detected capacity change from 0 to 512
[  239.911583][T14859] EXT4-fs: Ignoring removed nobh option
[  239.922178][T14863] loop2: detected capacity change from 0 to 7
[  239.932549][T14859] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.4192: iget: bad i_size value: 38620345925642
[  239.967479][T14859] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4192: couldn't read orphan inode 15 (err -117)
[  239.983104][T14859] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.001409][T14859] netlink: 80 bytes leftover after parsing attributes in process `syz.4.4192'.
[  240.013141][T14859] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.4192: bg 0: block 5: invalid block bitmap
[  240.035628][T14859] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  240.048112][T14859] EXT4-fs (loop4): This should not happen!! Data will be lost
[  240.048112][T14859] 
[  240.057879][T14859] EXT4-fs (loop4): Total free blocks count 0
[  240.063899][T14859] EXT4-fs (loop4): Free/Dirty block details
[  240.069832][T14859] EXT4-fs (loop4): free_blocks=0
[  240.074815][T14859] EXT4-fs (loop4): dirty_blocks=16
[  240.080024][T14859] EXT4-fs (loop4): Block reservation details
[  240.086096][T14859] EXT4-fs (loop4): i_reserved_data_blocks=16
[  240.112905][   T29] kauditd_printk_skb: 353 callbacks suppressed
[  240.112939][   T29] audit: type=1326 audit(240.085:14673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.2.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92d459ebe9 code=0x7ffc0000
[  240.191701][   T29] audit: type=1326 audit(240.085:14674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.2.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f92d459ebe9 code=0x7ffc0000
[  240.215005][   T29] audit: type=1326 audit(240.085:14675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.2.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92d459ebe9 code=0x7ffc0000
[  240.238076][   T29] audit: type=1326 audit(240.085:14676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.2.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92d459ebe9 code=0x7ffc0000
[  240.261195][   T29] audit: type=1326 audit(240.085:14677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.2.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92d459ebe9 code=0x7ffc0000
[  240.284372][   T29] audit: type=1326 audit(240.085:14678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.2.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92d459ebe9 code=0x7ffc0000
[  240.307701][   T29] audit: type=1326 audit(240.085:14679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.2.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92d459ebe9 code=0x7ffc0000
[  240.330800][   T29] audit: type=1326 audit(240.085:14680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.2.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f92d459ebe9 code=0x7ffc0000
[  240.353854][   T29] audit: type=1326 audit(240.085:14681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.2.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92d459ebe9 code=0x7ffc0000
[  240.376891][   T29] audit: type=1326 audit(240.085:14682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14869 comm="syz.2.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92d459ebe9 code=0x7ffc0000
[  240.420277][T11515] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.449897][T14898] FAULT_INJECTION: forcing a failure.
[  240.449897][T14898] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  240.463050][T14898] CPU: 1 UID: 0 PID: 14898 Comm: syz.4.4201 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  240.463214][T14898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  240.463230][T14898] Call Trace:
[  240.463238][T14898]  <TASK>
[  240.463246][T14898]  __dump_stack+0x1d/0x30
[  240.463271][T14898]  dump_stack_lvl+0xe8/0x140
[  240.463290][T14898]  dump_stack+0x15/0x1b
[  240.463310][T14898]  should_fail_ex+0x265/0x280
[  240.463330][T14898]  should_fail+0xb/0x20
[  240.463405][T14898]  should_fail_usercopy+0x1a/0x20
[  240.463433][T14898]  strncpy_from_user+0x25/0x230
[  240.463466][T14898]  ? __kmalloc_cache_noprof+0x189/0x320
[  240.463496][T14898]  __se_sys_memfd_create+0x1ff/0x590
[  240.463577][T14898]  __x64_sys_memfd_create+0x31/0x40
[  240.463599][T14898]  x64_sys_call+0x2abe/0x2ff0
[  240.463691][T14898]  do_syscall_64+0xd2/0x200
[  240.463719][T14898]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  240.463750][T14898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.463794][T14898] RIP: 0033:0x7f96fc61ebe9
[  240.463813][T14898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.463832][T14898] RSP: 002b:00007f96fb07ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  240.463850][T14898] RAX: ffffffffffffffda RBX: 0000000000000295 RCX: 00007f96fc61ebe9
[  240.463862][T14898] RDX: 00007f96fb07eef0 RSI: 0000000000000000 RDI: 00007f96fc6a27e8
[  240.463888][T14898] RBP: 0000200000000640 R08: 00007f96fb07ebb7 R09: 00007f96fb07ee40
[  240.463901][T14898] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000240
[  240.463924][T14898] R13: 00007f96fb07eef0 R14: 00007f96fb07eeb0 R15: 0000200000000540
[  240.463948][T14898]  </TASK>
[  240.671009][T14901] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4202'.
[  240.693577][T14901] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4202'.
[  240.705793][T14905] FAULT_INJECTION: forcing a failure.
[  240.705793][T14905] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  240.718955][T14905] CPU: 0 UID: 0 PID: 14905 Comm: syz.4.4203 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  240.719006][T14905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  240.719101][T14905] Call Trace:
[  240.719109][T14905]  <TASK>
[  240.719119][T14905]  __dump_stack+0x1d/0x30
[  240.719142][T14905]  dump_stack_lvl+0xe8/0x140
[  240.719162][T14905]  dump_stack+0x15/0x1b
[  240.719186][T14905]  should_fail_ex+0x265/0x280
[  240.719220][T14905]  should_fail+0xb/0x20
[  240.719242][T14905]  should_fail_usercopy+0x1a/0x20
[  240.719270][T14905]  _copy_from_user+0x1c/0xb0
[  240.719305][T14905]  __se_sys_move_pages+0xd4a/0x1360
[  240.719408][T14905]  ? get_pid_task+0x96/0xd0
[  240.719445][T14905]  ? fput+0x8f/0xc0
[  240.719476][T14905]  ? ksys_write+0x192/0x1a0
[  240.719504][T14905]  __x64_sys_move_pages+0x78/0x90
[  240.719582][T14905]  x64_sys_call+0x2f78/0x2ff0
[  240.719638][T14905]  do_syscall_64+0xd2/0x200
[  240.719672][T14905]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  240.719701][T14905]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  240.719733][T14905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.719755][T14905] RIP: 0033:0x7f96fc61ebe9
[  240.719779][T14905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.719799][T14905] RSP: 002b:00007f96fb07f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  240.719822][T14905] RAX: ffffffffffffffda RBX: 00007f96fc855fa0 RCX: 00007f96fc61ebe9
[  240.719836][T14905] RDX: 0000200000000080 RSI: 20000000000000fe RDI: 0000000000000000
[  240.719851][T14905] RBP: 00007f96fb07f090 R08: 00002000000000c0 R09: 0000000000000000
[  240.719980][T14905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  240.719994][T14905] R13: 00007f96fc856038 R14: 00007f96fc855fa0 R15: 00007fffe5114188
[  240.720030][T14905]  </TASK>
[  240.727491][T14901] loop3: detected capacity change from 0 to 512
[  240.938933][T14908] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4205'.
[  240.948434][T14908] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4205'.
[  240.979796][T14901] EXT4-fs (loop3): orphan cleanup on readonly fs
[  240.986217][T14901] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  241.060076][T14901] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  241.080923][T14919] loop4: detected capacity change from 0 to 512
[  241.105573][T14920] IPv6: NLM_F_CREATE should be specified when creating new route
[  241.115999][T14919] journal_path: Non-blockdev passed as './bus'
[  241.122479][T14919] EXT4-fs: error: could not find journal device path
[  241.134820][T14901] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.4202: attempt to clear invalid blocks 2 len 1
[  241.168458][T14901] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.4202: invalid indirect mapped block 1819239214 (level 0)
[  241.213315][T14901] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.4202: invalid indirect mapped block 1819239214 (level 1)
[  241.245805][T14901] EXT4-fs (loop3): 1 truncate cleaned up
[  241.260985][T14901] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  241.287710][T14901] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  241.302514][T14915] netlink: 'syz.2.4208': attribute type 1 has an invalid length.
[  241.310716][T14901] EXT4-fs error (device loop3): __ext4_remount:6740: comm syz.3.4202: Abort forced by user
[  241.321915][T14901] EXT4-fs (loop3): Remounting filesystem read-only
[  241.328565][T14901] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  241.385864][T10491] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.574809][T14945] loop3: detected capacity change from 0 to 2048
[  241.599839][T14945] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  241.696077][T14955] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:169: inode #12: comm syz.3.4215: inline data xattr refers to an external xattr inode
[  241.840912][T14955] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  241.862330][T14955] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 768 with error 28
[  241.874778][T14955] EXT4-fs (loop3): This should not happen!! Data will be lost
[  241.874778][T14955] 
[  241.884483][T14955] EXT4-fs (loop3): Total free blocks count 0
[  241.890579][T14955] EXT4-fs (loop3): Free/Dirty block details
[  241.896483][T14955] EXT4-fs (loop3): free_blocks=2415919104
[  241.902384][T14955] EXT4-fs (loop3): dirty_blocks=784
[  241.907676][T14955] EXT4-fs (loop3): Block reservation details
[  241.913678][T14955] EXT4-fs (loop3): i_reserved_data_blocks=49
[  242.201990][T14971] loop2: detected capacity change from 0 to 7
[  242.481956][   T12] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  242.567205][T14985] batadv1: left allmulticast mode
[  242.572507][T14985] batadv1: left promiscuous mode
[  242.577776][T14985] bridge0: port 3(batadv1) entered disabled state
[  242.605772][T14985] bridge_slave_1: left allmulticast mode
[  242.611650][T14985] bridge_slave_1: left promiscuous mode
[  242.617406][T14985] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.635813][T14985] bridge_slave_0: left allmulticast mode
[  242.641583][T14985] bridge_slave_0: left promiscuous mode
[  242.647309][T14985] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.999173][T15002] lo speed is unknown, defaulting to 1000
[  243.169522][T15008] loop0: detected capacity change from 0 to 128
[  243.176190][T15008] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  243.208775][T15008] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  243.334218][T15015] loop4: detected capacity change from 0 to 1024
[  243.359868][T15015] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  243.375317][T15015] FAULT_INJECTION: forcing a failure.
[  243.375317][T15015] name failslab, interval 1, probability 0, space 0, times 0
[  243.388030][T15015] CPU: 1 UID: 0 PID: 15015 Comm: syz.4.4235 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  243.388075][T15015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  243.388108][T15015] Call Trace:
[  243.388115][T15015]  <TASK>
[  243.388122][T15015]  __dump_stack+0x1d/0x30
[  243.388174][T15015]  dump_stack_lvl+0xe8/0x140
[  243.388198][T15015]  dump_stack+0x15/0x1b
[  243.388218][T15015]  should_fail_ex+0x265/0x280
[  243.388380][T15015]  should_failslab+0x8c/0xb0
[  243.388418][T15015]  kmem_cache_alloc_noprof+0x50/0x310
[  243.388451][T15015]  ? __es_insert_extent+0x508/0xee0
[  243.388513][T15015]  __es_insert_extent+0x508/0xee0
[  243.388548][T15015]  ? __blk_flush_plug+0x262/0x2a0
[  243.388572][T15015]  ? read_tsc+0x9/0x20
[  243.388592][T15015]  ? ktime_get+0x1eb/0x210
[  243.388621][T15015]  ? __rcu_read_unlock+0x4f/0x70
[  243.388704][T15015]  ext4_es_cache_extent+0x276/0x370
[  243.388744][T15015]  ext4_find_extent+0x336/0x7a0
[  243.388775][T15015]  ext4_ext_map_blocks+0x11f/0x38a0
[  243.388811][T15015]  ? __account_obj_stock+0x211/0x350
[  243.388908][T15015]  ? prep_new_page+0x5c/0x200
[  243.389009][T15015]  ? __rcu_read_unlock+0x4f/0x70
[  243.389036][T15015]  ext4_map_query_blocks+0xa8/0x480
[  243.389076][T15015]  ext4_da_get_block_prep+0x25b/0xbb0
[  243.389114][T15015]  ? alloc_buffer_head+0x1c3/0x1f0
[  243.389179][T15015]  ? folio_alloc_buffers+0x2e5/0x310
[  243.389205][T15015]  ext4_block_write_begin+0x5e5/0xc00
[  243.389236][T15015]  ? __pfx_ext4_da_get_block_prep+0x10/0x10
[  243.389278][T15015]  ext4_da_write_begin+0x48f/0x6e0
[  243.389371][T15015]  generic_perform_write+0x184/0x490
[  243.389411][T15015]  ext4_buffered_write_iter+0x1ee/0x3c0
[  243.389448][T15015]  ? ext4_file_write_iter+0xfe/0xf00
[  243.389561][T15015]  ext4_file_write_iter+0x383/0xf00
[  243.389591][T15015]  ? 0xffffffff81000000
[  243.389606][T15015]  ? __rcu_read_unlock+0x4f/0x70
[  243.389708][T15015]  ? avc_policy_seqno+0x15/0x30
[  243.389806][T15015]  ? selinux_file_permission+0x1e4/0x320
[  243.389860][T15015]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  243.389890][T15015]  vfs_write+0x52a/0x960
[  243.389952][T15015]  __x64_sys_pwrite64+0xfd/0x150
[  243.390053][T15015]  x64_sys_call+0xc4d/0x2ff0
[  243.390108][T15015]  do_syscall_64+0xd2/0x200
[  243.390235][T15015]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  243.390322][T15015]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  243.390357][T15015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.390377][T15015] RIP: 0033:0x7f96fc61ebe9
[  243.390397][T15015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.390419][T15015] RSP: 002b:00007f96fb07f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  243.390442][T15015] RAX: ffffffffffffffda RBX: 00007f96fc855fa0 RCX: 00007f96fc61ebe9
[  243.390458][T15015] RDX: 000000000000fdef RSI: 0000200000000140 RDI: 0000000000000004
[  243.390474][T15015] RBP: 00007f96fb07f090 R08: 0000000000000000 R09: 0000000000000000
[  243.390532][T15015] R10: 0000000000000e7c R11: 0000000000000246 R12: 0000000000000001
[  243.390545][T15015] R13: 00007f96fc856038 R14: 00007f96fc855fa0 R15: 00007fffe5114188
[  243.390568][T15015]  </TASK>
[  243.531820][T15015] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 3: comm syz.4.4235: lblock 3 mapped to illegal pblock 3 (length 3)
[  243.721920][T15015] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  243.734283][T15015] EXT4-fs (loop4): This should not happen!! Data will be lost
[  243.734283][T15015] 
[  243.766885][ T8694] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:17: lblock 8 mapped to illegal pblock 8 (length 8)
[  243.795501][ T8694] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  243.808070][ T8694] EXT4-fs (loop4): This should not happen!! Data will be lost
[  243.808070][ T8694] 
[  243.823334][T11515] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  243.865785][T15024] FAULT_INJECTION: forcing a failure.
[  243.865785][T15024] name failslab, interval 1, probability 0, space 0, times 0
[  243.878496][T15024] CPU: 1 UID: 0 PID: 15024 Comm: syz.4.4237 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  243.878529][T15024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  243.878547][T15024] Call Trace:
[  243.878554][T15024]  <TASK>
[  243.878563][T15024]  __dump_stack+0x1d/0x30
[  243.878588][T15024]  dump_stack_lvl+0xe8/0x140
[  243.878612][T15024]  dump_stack+0x15/0x1b
[  243.878633][T15024]  should_fail_ex+0x265/0x280
[  243.878731][T15024]  should_failslab+0x8c/0xb0
[  243.878754][T15024]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  243.878789][T15024]  ? alloc_inode+0x9a/0x170
[  243.878879][T15024]  alloc_inode+0x9a/0x170
[  243.878904][T15024]  alloc_anon_inode+0x1e/0x170
[  243.878932][T15024]  aio_setup_ring+0x91/0x760
[  243.878976][T15024]  ioctx_alloc+0x2c4/0x4e0
[  243.879009][T15024]  __se_sys_io_setup+0x6b/0x1b0
[  243.879099][T15024]  __x64_sys_io_setup+0x31/0x40
[  243.879127][T15024]  x64_sys_call+0x2eff/0x2ff0
[  243.879190][T15024]  do_syscall_64+0xd2/0x200
[  243.879224][T15024]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  243.879246][T15024]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  243.879278][T15024]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.879362][T15024] RIP: 0033:0x7f96fc61ebe9
[  243.879380][T15024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.879401][T15024] RSP: 002b:00007f96fb07f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  243.879419][T15024] RAX: ffffffffffffffda RBX: 00007f96fc855fa0 RCX: 00007f96fc61ebe9
[  243.879446][T15024] RDX: 0000000000000000 RSI: 0000200000001280 RDI: 0000000000002004
[  243.879457][T15024] RBP: 00007f96fb07f090 R08: 0000000000000000 R09: 0000000000000000
[  243.879470][T15024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  243.879485][T15024] R13: 00007f96fc856038 R14: 00007f96fc855fa0 R15: 00007fffe5114188
[  243.879508][T15024]  </TASK>
[  244.102922][T15025] __nla_validate_parse: 7 callbacks suppressed
[  244.102944][T15025] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4238'.
[  244.135068][T15027] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4238'.
[  244.292099][T15043] loop4: detected capacity change from 0 to 2048
[  244.359864][T15043] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  244.494184][T15062] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:169: inode #12: comm syz.4.4244: inline data xattr refers to an external xattr inode
[  244.511202][T15064] tmpfs: Bad value for 'mpol'
[  244.537235][T15067] FAULT_INJECTION: forcing a failure.
[  244.537235][T15067] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.550477][T15067] CPU: 1 UID: 0 PID: 15067 Comm: syz.3.4250 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  244.550511][T15067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  244.550599][T15067] Call Trace:
[  244.550608][T15067]  <TASK>
[  244.550618][T15067]  __dump_stack+0x1d/0x30
[  244.550645][T15067]  dump_stack_lvl+0xe8/0x140
[  244.550668][T15067]  dump_stack+0x15/0x1b
[  244.550684][T15067]  should_fail_ex+0x265/0x280
[  244.550705][T15067]  should_fail+0xb/0x20
[  244.550721][T15067]  should_fail_usercopy+0x1a/0x20
[  244.550745][T15067]  _copy_from_user+0x1c/0xb0
[  244.550843][T15067]  memdup_user+0x5e/0xd0
[  244.550875][T15067]  strndup_user+0x68/0xb0
[  244.550915][T15067]  __se_sys_mount+0x4d/0x2e0
[  244.551082][T15067]  ? __bpf_trace_sys_enter+0x10/0x30
[  244.551145][T15067]  ? __traceiter_sys_enter+0x5c/0x80
[  244.551171][T15067]  ? trace_sys_enter+0xd0/0xf0
[  244.551200][T15067]  __x64_sys_mount+0x67/0x80
[  244.551229][T15067]  x64_sys_call+0x2b4d/0x2ff0
[  244.551326][T15067]  do_syscall_64+0xd2/0x200
[  244.551361][T15067]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  244.551390][T15067]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  244.551418][T15067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.551464][T15067] RIP: 0033:0x7f480dafebe9
[  244.551482][T15067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.551500][T15067] RSP: 002b:00007f480c567038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  244.551518][T15067] RAX: ffffffffffffffda RBX: 00007f480dd35fa0 RCX: 00007f480dafebe9
[  244.551531][T15067] RDX: 0000200000000300 RSI: 00002000000002c0 RDI: 0000000000000000
[  244.551578][T15067] RBP: 00007f480c567090 R08: 00002000000004c0 R09: 0000000000000000
[  244.551594][T15067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.551609][T15067] R13: 00007f480dd36038 R14: 00007f480dd35fa0 R15: 00007fff8310aa38
[  244.551628][T15067]  </TASK>
[  244.785937][T15072] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4252'.
[  244.830222][T15076] loop3: detected capacity change from 0 to 128
[  244.843132][T15076] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  244.848935][T15062] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  244.856400][T15076] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  244.878785][T15062] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 566 with error 28
[  244.878820][T15062] EXT4-fs (loop4): This should not happen!! Data will be lost
[  244.878820][T15062] 
[  244.878836][T15062] EXT4-fs (loop4): Total free blocks count 0
[  244.878850][T15062] EXT4-fs (loop4): Free/Dirty block details
[  244.878894][T15062] EXT4-fs (loop4): free_blocks=2415919104
[  244.878909][T15062] EXT4-fs (loop4): dirty_blocks=576
[  244.878923][T15062] EXT4-fs (loop4): Block reservation details
[  244.878936][T15062] EXT4-fs (loop4): i_reserved_data_blocks=36
[  244.938585][T15072] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4252'.
[  245.117612][   T29] kauditd_printk_skb: 392 callbacks suppressed
[  245.117627][   T29] audit: type=1326 audit(245.095:15075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f96fc615ba7 code=0x7ffc0000
[  245.180423][   T29] audit: type=1326 audit(245.125:15076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f96fc5badb9 code=0x7ffc0000
[  245.203408][   T29] audit: type=1326 audit(245.125:15077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f96fc615ba7 code=0x7ffc0000
[  245.226326][   T29] audit: type=1326 audit(245.125:15078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f96fc5badb9 code=0x7ffc0000
[  245.249582][   T29] audit: type=1326 audit(245.125:15079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96fc61ebe9 code=0x7ffc0000
[  245.272757][   T29] audit: type=1326 audit(245.125:15080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f96fc615ba7 code=0x7ffc0000
[  245.274623][T15100] loop3: detected capacity change from 0 to 164
[  245.295847][   T29] audit: type=1326 audit(245.125:15081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f96fc5badb9 code=0x7ffc0000
[  245.325053][   T29] audit: type=1326 audit(245.125:15082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96fc61ebe9 code=0x7ffc0000
[  245.348839][ T8687] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  245.422664][T15112] loop4: detected capacity change from 0 to 1024
[  245.433858][T15112] EXT4-fs: Ignoring removed bh option
[  245.442689][T15112] EXT4-fs: inline encryption not supported
[  245.449743][T15116] 9pnet_fd: Insufficient options for proto=fd
[  245.455912][   T29] audit: type=1326 audit(245.415:15083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15114 comm="syz.1.4265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  245.479029][   T29] audit: type=1326 audit(245.415:15084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15114 comm="syz.1.4265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  245.480422][T15115] loop1: detected capacity change from 0 to 2048
[  245.507547][T15112] I/O error, dev loop4, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 1
[  245.520555][T15112] EXT4-fs (loop4): unable to read superblock
[  245.527007][T15113] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  245.534557][T15113] batman_adv: batadv0: Removing interface: batadv_slave_0
[  245.542740][T15113] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  245.550172][T15113] batman_adv: batadv0: Removing interface: batadv_slave_1
[  245.580217][T15115] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  245.646806][T15119] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:169: inode #12: comm syz.1.4265: inline data xattr refers to an external xattr inode
[  245.776670][T15119] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  245.820405][T15119] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 682 with max blocks 54 with error 28
[  245.832999][T15119] EXT4-fs (loop1): This should not happen!! Data will be lost
[  245.832999][T15119] 
[  245.842709][T15119] EXT4-fs (loop1): Total free blocks count 0
[  245.848741][T15119] EXT4-fs (loop1): Free/Dirty block details
[  245.854645][T15119] EXT4-fs (loop1): free_blocks=2415919104
[  245.860435][T15119] EXT4-fs (loop1): dirty_blocks=752
[  245.865650][T15119] EXT4-fs (loop1): Block reservation details
[  245.871833][T15119] EXT4-fs (loop1): i_reserved_data_blocks=47
[  246.086437][T15149] loop2: detected capacity change from 0 to 7
[  246.094747][T15131] loop4: detected capacity change from 0 to 32768
[  246.151423][T15153] FAULT_INJECTION: forcing a failure.
[  246.151423][T15153] name failslab, interval 1, probability 0, space 0, times 0
[  246.164270][T15153] CPU: 1 UID: 0 PID: 15153 Comm: syz.3.4278 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  246.164356][T15153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  246.164370][T15153] Call Trace:
[  246.164376][T15153]  <TASK>
[  246.164385][T15153]  __dump_stack+0x1d/0x30
[  246.164409][T15153]  dump_stack_lvl+0xe8/0x140
[  246.164450][T15153]  dump_stack+0x15/0x1b
[  246.164468][T15153]  should_fail_ex+0x265/0x280
[  246.164490][T15153]  should_failslab+0x8c/0xb0
[  246.164516][T15153]  __kmalloc_noprof+0xa5/0x3e0
[  246.164545][T15153]  ? kobject_get_path+0x92/0x1c0
[  246.164600][T15153]  kobject_get_path+0x92/0x1c0
[  246.164635][T15153]  kobject_uevent_env+0x1da/0x570
[  246.164658][T15153]  ? device_pm_check_callbacks+0x683/0x6a0
[  246.164742][T15153]  kobject_uevent+0x1d/0x30
[  246.164764][T15153]  device_del+0x710/0x790
[  246.164791][T15153]  device_unregister+0x15/0x40
[  246.164814][T15153]  bdi_unregister+0x307/0x3a0
[  246.164844][T15153]  __del_gendisk+0x2c3/0x570
[  246.164947][T15153]  del_gendisk+0xac/0xf0
[  246.164972][T15153]  loop_remove+0x26/0x80
[  246.165003][T15153]  loop_control_ioctl+0x3b3/0x3f0
[  246.165035][T15153]  ? __pfx_loop_control_ioctl+0x10/0x10
[  246.165149][T15153]  __se_sys_ioctl+0xce/0x140
[  246.165170][T15153]  __x64_sys_ioctl+0x43/0x50
[  246.165204][T15153]  x64_sys_call+0x1816/0x2ff0
[  246.165251][T15153]  do_syscall_64+0xd2/0x200
[  246.165281][T15153]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  246.165328][T15153]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  246.165356][T15153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.165379][T15153] RIP: 0033:0x7f480dafebe9
[  246.165463][T15153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.165484][T15153] RSP: 002b:00007f480c567038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  246.165504][T15153] RAX: ffffffffffffffda RBX: 00007f480dd35fa0 RCX: 00007f480dafebe9
[  246.165518][T15153] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000003
[  246.165531][T15153] RBP: 00007f480c567090 R08: 0000000000000000 R09: 0000000000000000
[  246.165544][T15153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.165606][T15153] R13: 00007f480dd36038 R14: 00007f480dd35fa0 R15: 00007fff8310aa38
[  246.165634][T15153]  </TASK>
[  246.481444][ T8683] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  246.880885][T15195] loop4: detected capacity change from 0 to 1024
[  246.941305][T15195] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.014771][T11515] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.029369][T15209] loop3: detected capacity change from 0 to 128
[  247.036028][T15209] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  247.039606][T15211] loop2: detected capacity change from 0 to 7
[  247.050232][T15209] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  247.098431][T15216] loop2: detected capacity change from 0 to 7
[  247.446498][T15252] loop2: detected capacity change from 0 to 7
[  247.559110][T15258] bond2: entered promiscuous mode
[  247.564208][T15258] bond2: entered allmulticast mode
[  247.578634][T15258] 8021q: adding VLAN 0 to HW filter on device bond2
[  247.603246][T15258] bond2 (unregistering): Released all slaves
[  247.732534][T15261] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  248.096405][T15285] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4317'.
[  248.113943][T15285] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4317'.
[  248.418577][T15299] loop2: detected capacity change from 0 to 7
[  249.319231][T15330] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4332'.
[  249.364332][T15330] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4332'.
[  249.458695][T15339] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4336'.
[  249.470585][T15339] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4336'.
[  249.614230][T15349] loop1: detected capacity change from 0 to 128
[  249.621194][T15349] EXT4-fs: dax option not supported
[  249.686909][T15353] loop1: detected capacity change from 0 to 2048
[  249.730967][T15353] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  249.771950][T15365] FAULT_INJECTION: forcing a failure.
[  249.771950][T15365] name failslab, interval 1, probability 0, space 0, times 0
[  249.784621][T15365] CPU: 0 UID: 0 PID: 15365 Comm: syz.0.4346 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  249.784677][T15365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  249.784693][T15365] Call Trace:
[  249.784700][T15365]  <TASK>
[  249.784707][T15365]  __dump_stack+0x1d/0x30
[  249.784732][T15365]  dump_stack_lvl+0xe8/0x140
[  249.784756][T15365]  dump_stack+0x15/0x1b
[  249.784772][T15365]  should_fail_ex+0x265/0x280
[  249.784792][T15365]  should_failslab+0x8c/0xb0
[  249.784870][T15365]  kmem_cache_alloc_noprof+0x50/0x310
[  249.784897][T15365]  ? alloc_empty_file+0x76/0x200
[  249.784928][T15365]  ? mntput+0x4b/0x80
[  249.785025][T15365]  alloc_empty_file+0x76/0x200
[  249.785063][T15365]  path_openat+0x68/0x2170
[  249.785087][T15365]  ? _parse_integer_limit+0x170/0x190
[  249.785117][T15365]  ? kstrtoull+0x111/0x140
[  249.785219][T15365]  ? kstrtouint+0x76/0xc0
[  249.785246][T15365]  do_filp_open+0x109/0x230
[  249.785282][T15365]  do_sys_openat2+0xa6/0x110
[  249.785399][T15365]  __x64_sys_openat+0xf2/0x120
[  249.785466][T15365]  x64_sys_call+0x2e9c/0x2ff0
[  249.785488][T15365]  do_syscall_64+0xd2/0x200
[  249.785514][T15365]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  249.785539][T15365]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  249.785636][T15365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.785658][T15365] RIP: 0033:0x7f7e32b2ebe9
[  249.785676][T15365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.785697][T15365] RSP: 002b:00007f7e3158f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  249.785716][T15365] RAX: ffffffffffffffda RBX: 00007f7e32d65fa0 RCX: 00007f7e32b2ebe9
[  249.785727][T15365] RDX: 0000000000084d03 RSI: 0000200000000380 RDI: ffffffffffffff9c
[  249.785811][T15365] RBP: 00007f7e3158f090 R08: 0000000000000000 R09: 0000000000000000
[  249.785833][T15365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  249.785847][T15365] R13: 00007f7e32d66038 R14: 00007f7e32d65fa0 R15: 00007ffc64a8dfd8
[  249.785865][T15365]  </TASK>
[  250.068186][T15371] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4347'.
[  250.129674][   T29] kauditd_printk_skb: 586 callbacks suppressed
[  250.129690][   T29] audit: type=1326 audit(250.095:15671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15352 comm="syz.1.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe3c4c35ba7 code=0x7ffc0000
[  250.137625][T15371] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4347'.
[  250.159059][   T29] audit: type=1326 audit(250.095:15672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15352 comm="syz.1.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe3c4bdadb9 code=0x7ffc0000
[  250.190846][   T29] audit: type=1326 audit(250.095:15673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15352 comm="syz.1.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  250.213832][   T29] audit: type=1326 audit(250.105:15674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15352 comm="syz.1.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe3c4c35ba7 code=0x7ffc0000
[  250.236749][   T29] audit: type=1326 audit(250.105:15675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15352 comm="syz.1.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe3c4bdadb9 code=0x7ffc0000
[  250.259722][   T29] audit: type=1326 audit(250.105:15676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15352 comm="syz.1.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  250.350666][   T29] audit: type=1326 audit(250.145:15677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15352 comm="syz.1.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe3c4c35ba7 code=0x7ffc0000
[  250.373616][   T29] audit: type=1326 audit(250.145:15678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15352 comm="syz.1.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe3c4bdadb9 code=0x7ffc0000
[  250.396527][   T29] audit: type=1326 audit(250.145:15679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15352 comm="syz.1.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3c4c3ebe9 code=0x7ffc0000
[  250.419787][   T29] audit: type=1326 audit(250.165:15680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15352 comm="syz.1.4342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe3c4c35ba7 code=0x7ffc0000
[  250.453747][T10841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  250.470559][T10841] ==================================================================
[  250.478692][T10841] BUG: KCSAN: data-race in munlock_folio / need_mlock_drain
[  250.486019][T10841] 
[  250.488359][T10841] read-write to 0xffff888237c26a48 of 1 bytes by task 15351 on cpu 0:
[  250.496532][T10841]  munlock_folio+0x44/0x120
[  250.501058][T10841]  folio_remove_rmap_ptes+0x197/0x1a0
[  250.506441][T10841]  unmap_page_range+0x155b/0x2680
[  250.511485][T10841]  unmap_vmas+0x23d/0x3a0
[  250.515844][T10841]  exit_mmap+0x1b0/0x6c0
[  250.520118][T10841]  __mmput+0x28/0x1c0
[  250.524114][T10841]  mmput+0x40/0x50
[  250.527857][T10841]  exit_mm+0xe4/0x190
[  250.531865][T10841]  do_exit+0x417/0x15c0
[  250.536406][T10841]  do_group_exit+0xff/0x140
[  250.540935][T10841]  get_signal+0xe59/0xf70
[  250.545312][T10841]  arch_do_signal_or_restart+0x96/0x480
[  250.550872][T10841]  exit_to_user_mode_loop+0x7a/0x100
[  250.556171][T10841]  do_syscall_64+0x1d6/0x200
[  250.560779][T10841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.566682][T10841] 
[  250.569018][T10841] read to 0xffff888237c26a48 of 1 bytes by task 10841 on cpu 1:
[  250.576651][T10841]  need_mlock_drain+0x30/0x50
[  250.581341][T10841]  __lru_add_drain_all+0x220/0x3f0
[  250.586484][T10841]  lru_add_drain_all+0x10/0x20
[  250.591257][T10841]  invalidate_bdev+0x47/0x70
[  250.595861][T10841]  ext4_put_super+0x624/0x7d0
[  250.600551][T10841]  generic_shutdown_super+0xe6/0x210
[  250.605860][T10841]  kill_block_super+0x2a/0x70
[  250.610550][T10841]  ext4_kill_sb+0x42/0x80
[  250.614912][T10841]  deactivate_locked_super+0x72/0x1c0
[  250.620393][T10841]  deactivate_super+0x97/0xa0
[  250.625092][T10841]  cleanup_mnt+0x269/0x2e0
[  250.629520][T10841]  __cleanup_mnt+0x19/0x20
[  250.633948][T10841]  task_work_run+0x131/0x1a0
[  250.638551][T10841]  exit_to_user_mode_loop+0xe4/0x100
[  250.643865][T10841]  do_syscall_64+0x1d6/0x200
[  250.648470][T10841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.654372][T10841] 
[  250.656696][T10841] value changed: 0x0d -> 0x16
[  250.661371][T10841] 
[  250.663699][T10841] Reported by Kernel Concurrency Sanitizer on:
[  250.669851][T10841] CPU: 1 UID: 0 PID: 10841 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  250.679830][T10841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  250.689889][T10841] ==================================================================
[  250.774179][T15388] netlink: 'gtp': attribute type 30 has an invalid length.