last executing test programs:

1.825937812s ago: executing program 3 (id=486):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x36e084fcb6392193, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="6700000011008188040f56ecdb4cb9cca7480ef435000000e3bd6efb440009000e002e0010000000ba80013ffa85f59a0000005a8c3774fa0af3dc59a933c1e6a6d3361d83b20000319cdf5656826edaaa11032701c61ec666d482078ccebcb9a4f187f7a4e98f", 0x67}], 0x1}, 0x0)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000003040)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000380), 0x1, r5}, 0x38)
r6 = socket(0x10, 0x3, 0x9)
connect$netlink(r6, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES16=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="18110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000004000000850000000600000018100000d2a58354aee4c7863e7b94ae6e5170ea92c3e41367e582f45b3096f1de98c44bee8fcad13f77c1e09f", @ANYRES32, @ANYBLOB="000000000000000044784000f0ffffff"], &(0x7f0000000200)='GPL\x00', 0x40000, 0x1000, &(0x7f0000000a00)=""/4096, 0x40f00, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x0, 0xe, 0xfffffffd, 0x9}, 0x10, 0x0, 0x0, 0x5, &(0x7f00000002c0)=[r1, r1], &(0x7f0000000300)=[{0x2, 0x1, 0xd, 0x7}, {0x2, 0x4, 0x0, 0x7}, {0x0, 0x4, 0x6, 0xc}, {0x3, 0x3, 0x10, 0xa}, {0x1, 0x1, 0xd, 0x5}], 0x10, 0xe}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085"], 0x0}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
r9 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$selinux_validatetrans(r9, &(0x7f0000000180)=ANY=[@ANYBLOB='system_u:object_r:semanage_t system_u:object_r:fixed_disk_device_t:s0 00'], 0x79)
ioctl$TIOCNOTTY(r0, 0x5422)

1.803805472s ago: executing program 4 (id=487):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001680)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b00000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffc01}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001c80)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES64=r0, @ANYRESHEX, @ANYRESOCT=0x0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='svcsock_tcp_recv_short\x00', r1, 0x0, 0x541}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]})
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2123, 0x0)
alarm(0x7ff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x3804402, &(0x7f0000000240)={[{@user_xattr}, {@abort}, {@resuid}, {@user_xattr}, {@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@nolazytime}, {@noinit_itable}, {@nomblk_io_submit}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x55f, &(0x7f0000000c80)="$eJzs3d9rW+UbAPDnpO1+77sOxvgqIoVdOJlL19YfE7yYl6LDgd7PkmRlNFlGk461Dtwu3I03MgQRB+K1eu/l8B/wrxjoYMgoingTOelJl7VJm3XZmpnPB077vuec9D1Pznnevm9OQgIYWhPpj1zECxHxZRJxqG3baGQbJ1b3W3lwrZAuSTQaH/2RRJKta+2fZL/3Z5X/R8Qvn0ecyG1st7a0PD9bLpcWsvpkvXJ5sra0fPJiZXauNFe6ND0zc/qNmem333qzb7G+eu6vbz68897pL46tfP3TvcO3kjgTB7Jt7XE8gevtlYmYyJ6TsTizbsepPjQ2SJKdPgC2ZSTL87FI+4BDMZJlPfDf91lENIAhlch/GFKtcUBrbt+nefBz4/67qxOgjfGPrr42Enuac6N9K8kjM6N0vjveh/bTNn7+/fatdIn+vQ4BsKXrNyLi1Ojoxv4vyfq/7TvVwz7r29D/wbNzJx3/vNZp/JNbG/9Eh/HP/g65ux1b53/uXh+a6Sod/73Tcfy7dtNqfCSrHWyO+caSCxfLpbRv+19EHI+x3Wl9s/s5p1fuNrptax//pUvafmssmB3HvdHdjz6mOFuffZKY292/EfFix/Fvsnb+kw7nP30+zvXYxtHS7Ze7bds6/qer8X3EKx3P/8M7Wsnm9ycnm9fDZOuq2OjPm0d/7db+Tsefnv99q/H/nU0J18c/nrTfr609fhvf7fmn1G3bdq//XcnHzfKubN3V2Xp9YSpiV/LBxvXTDx/bqrf2T+M/fmzz/q/T9b83Ij7pMf6bR358afvxP11p/MXNr/915//xC3ff//Tbbu33dv5fb5aOZ2t66f96PcAnee4AAAAAAABg0OQi4kAkufxaOZfL51ff33Ek9uXK1Vr9xIXq4qViND8rOx5judad7kNt74eYyt4P26pPr6vPRMThiPhqZG+zni9Uy8WdDh4AAAAAAAAAAAAAAAAAAAAGxP4un/9P/Tay00cHPHW+8huG15b5349vegIGkv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX507ezZdGisPrhXSevHK0uJ89crJYqk2n68sFvKF6sLl/Fy1Olcu5QvVylZ/r1ytXp6ajsWrk/VSrT5ZW1o+X6kuXqqfv1j54WBEaeyZRAUAAAAAAAAAAAAAAAAAAADPl9rS8vxsuVxaUGgWdsdAHMZzVBgdjMNQ6HNhp3smAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjo3wAAAP//waw5Ug==")
r2 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x30)
fallocate(r2, 0x0, 0x0, 0x1001f0)

1.762250533s ago: executing program 3 (id=488):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'team_slave_1\x00'})
sendmsg$nl_route(r3, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x8000)

1.701944474s ago: executing program 3 (id=489):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
getpgrp(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='sched_switch\x00', r2}, 0x18)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
close(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)=0xfe8e, 0x12)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r5, 0x0, 0x100000000}, 0x18)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000100000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r6, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94)

1.664124094s ago: executing program 4 (id=492):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\n'], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x1, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)

1.539237666s ago: executing program 2 (id=495):
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000022020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4003, &(0x7f0000000c00)=0xc, 0x6, 0x2)

1.453071108s ago: executing program 3 (id=496):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x1, 0x1237, &(0x7f00000006c0)="$eJzs3E1rXFUYAOB3kon5qPlQ61cXeqgbV5cmC1eCBklBMgupRmgFcWonOOQ6E3KHQERtXbkV/Bfi0p0g/gE3/gWX3bjsQrjivZNk0qStlTJj6fNs7ptz3jfnXA4MnMs99/ab332+s11k2+1BTDUaMbUbke6kSDEVh17ZrK9Xr22ut1obV1K6vP7B6hsppaVXf/noyx8v/jo49+FPSz/Pxm8rH9/+cy0ibv2T/1m3SN0i9fqD1E7X+/1B+3remY5usZOl9F7eaRed1O0Vnb3R/rSd93d3D1K7d2NxYXevUxSp3TtIO52DNOin5nBKvZRlWVpcCO5p5lTLJ3c3bv1wpyzLiLKciaeiLMtyPhbiXDwdi7FULeIz8Ww8F+fj+XghXoyX4uUqa4x3AQAAAAAAAAAAAAAAAAAAAE+A+53/X44V5/8BAAAAAAAAAAAAAAAAAABgDN6/em1zvdXauJLSXET+7f7W/lZ9rfvXt6MbeXTiUizHX1Gd/q/V8eV3WxuXUmUlvslvDutv7m9Nn6xfrT4nMKxvVn2H9at1fTpZPxsLo/VrsRznzx5/7Yz6me8jXn9tpD6L5fj90+hHHjeqsY/rv15N6Z1b9ZziaPwLVd6xRjRG/2yOZ30AAADgUcjSkaP9+9sj+/csO91f74/r+od4PnDX/r4ZF+yhJ644+GKnneedvZPB3KmWBwWNiPjXyfcKGsNHLGfmxFzEf/7PYw2mHrZqerga908+/O7m5G/wcQvm/x/TeKyCif0kMUbHi36y/Y+LR+H8+GcFAAAAAAAAAADAgzyydwajcdb7v82o3yybHR3zrfgqm9wdAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgpAAAAP//d+24Qg==")
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="f800000016008502000000000000000020010000000000000000000000000002a600000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032"], 0xf8}}, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty, 0x1}, 0x1c)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[], 0x134}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = creat(0x0, 0xd931d3864d39ddd8)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'})
syz_open_dev$usbfs(0x0, 0x1ff, 0xa401)
pread64(r2, &(0x7f0000002840)=""/4096, 0x1000, 0x100000001)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x9102000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040000}, 0x200040c0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000040000"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
setreuid(0x0, 0xee01)
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_pidfd_open(r5, 0x0)
pidfd_send_signal(r6, 0x2, 0x0, 0x0)

1.28338416s ago: executing program 4 (id=499):
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000022020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4003, &(0x7f0000000c00)=0xc, 0x6, 0x2)

1.135296813s ago: executing program 1 (id=501):
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00'}, 0x10)
setreuid(0xffffffffffffffff, 0xee01)
syz_clone(0x20100000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.125616443s ago: executing program 1 (id=502):
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000022020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4003, &(0x7f0000000c00)=0xc, 0x6, 0x2)

1.120687103s ago: executing program 2 (id=503):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001680)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffc01}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001c80)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES64=r0, @ANYRESHEX, @ANYRESOCT=0x0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='svcsock_tcp_recv_short\x00', r1, 0x0, 0x541}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]})
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2123, 0x0)
alarm(0x7ff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x3804402, &(0x7f0000000240)={[{@user_xattr}, {@abort}, {@resuid}, {@user_xattr}, {@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@nolazytime}, {@noinit_itable}, {@nomblk_io_submit}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x55f, &(0x7f0000000c80)="$eJzs3d9rW+UbAPDnpO1+77sOxvgqIoVdOJlL19YfE7yYl6LDgd7PkmRlNFlGk461Dtwu3I03MgQRB+K1eu/l8B/wrxjoYMgoingTOelJl7VJm3XZmpnPB077vuec9D1Pznnevm9OQgIYWhPpj1zECxHxZRJxqG3baGQbJ1b3W3lwrZAuSTQaH/2RRJKta+2fZL/3Z5X/R8Qvn0ecyG1st7a0PD9bLpcWsvpkvXJ5sra0fPJiZXauNFe6ND0zc/qNmem333qzb7G+eu6vbz68897pL46tfP3TvcO3kjgTB7Jt7XE8gevtlYmYyJ6TsTizbsepPjQ2SJKdPgC2ZSTL87FI+4BDMZJlPfDf91lENIAhlch/GFKtcUBrbt+nefBz4/67qxOgjfGPrr42Enuac6N9K8kjM6N0vjveh/bTNn7+/fatdIn+vQ4BsKXrNyLi1Ojoxv4vyfq/7TvVwz7r29D/wbNzJx3/vNZp/JNbG/9Eh/HP/g65ux1b53/uXh+a6Sod/73Tcfy7dtNqfCSrHWyO+caSCxfLpbRv+19EHI+x3Wl9s/s5p1fuNrptax//pUvafmssmB3HvdHdjz6mOFuffZKY292/EfFix/Fvsnb+kw7nP30+zvXYxtHS7Ze7bds6/qer8X3EKx3P/8M7Wsnm9ycnm9fDZOuq2OjPm0d/7db+Tsefnv99q/H/nU0J18c/nrTfr609fhvf7fmn1G3bdq//XcnHzfKubN3V2Xp9YSpiV/LBxvXTDx/bqrf2T+M/fmzz/q/T9b83Ij7pMf6bR358afvxP11p/MXNr/915//xC3ff//Tbbu33dv5fb5aOZ2t66f96PcAnee4AAAAAAABg0OQi4kAkufxaOZfL51ff33Ek9uXK1Vr9xIXq4qViND8rOx5judad7kNt74eYyt4P26pPr6vPRMThiPhqZG+zni9Uy8WdDh4AAAAAAAAAAAAAAAAAAAAGxP4un/9P/Tay00cHPHW+8huG15b5349vegIGkv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX507ezZdGisPrhXSevHK0uJ89crJYqk2n68sFvKF6sLl/Fy1Olcu5QvVylZ/r1ytXp6ajsWrk/VSrT5ZW1o+X6kuXqqfv1j54WBEaeyZRAUAAAAAAAAAAAAAAAAAAADPl9rS8vxsuVxaUGgWdsdAHMZzVBgdjMNQ6HNhp3smAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjo3wAAAP//waw5Ug==")
r2 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x30)
fallocate(r2, 0x0, 0x0, 0x1001f0)

963.124135ms ago: executing program 0 (id=506):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000008c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r0, &(0x7f0000000a40)={0x0, 0x300, &(0x7f0000000a00)={&(0x7f0000000900)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="01002abd7000ffdbdf250b"], 0x1c}, 0x1, 0x0, 0x0, 0x20024000}, 0x6000010)

962.350145ms ago: executing program 2 (id=507):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@type_tag={0x2, 0x0, 0x0, 0x12, 0x5}]}, {0x0, [0x2e, 0x61, 0x61, 0x61]}}, &(0x7f0000000880)=""/155, 0x2a, 0x9b, 0x1, 0xffffffff, 0x10000}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x11, 0x8, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000030000000000b700000000008500879190c425f929d0fa00000c000000b7000000000000"], &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0xc, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x18)
pipe2$9p(0x0, 0x4880)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b)

904.571166ms ago: executing program 0 (id=508):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f00000000c0)={0x3}, 0xc)

903.927766ms ago: executing program 0 (id=509):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0x7, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r2}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x600, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
r6 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000040))
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r7, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x24040000)
unshare(0x2c020400)

821.480967ms ago: executing program 0 (id=510):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\n'], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x1, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)

820.948077ms ago: executing program 4 (id=511):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001680)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffc01}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001c80)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES64=r0, @ANYRESHEX, @ANYRESOCT=0x0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='svcsock_tcp_recv_short\x00', r1, 0x0, 0x541}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]})
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2123, 0x0)
alarm(0x7ff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x3804402, &(0x7f0000000240)={[{@user_xattr}, {@abort}, {@resuid}, {@user_xattr}, {@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@nolazytime}, {@noinit_itable}, {@nomblk_io_submit}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x55f, &(0x7f0000000c80)="$eJzs3d9rW+UbAPDnpO1+77sOxvgqIoVdOJlL19YfE7yYl6LDgd7PkmRlNFlGk461Dtwu3I03MgQRB+K1eu/l8B/wrxjoYMgoingTOelJl7VJm3XZmpnPB077vuec9D1Pznnevm9OQgIYWhPpj1zECxHxZRJxqG3baGQbJ1b3W3lwrZAuSTQaH/2RRJKta+2fZL/3Z5X/R8Qvn0ecyG1st7a0PD9bLpcWsvpkvXJ5sra0fPJiZXauNFe6ND0zc/qNmem333qzb7G+eu6vbz68897pL46tfP3TvcO3kjgTB7Jt7XE8gevtlYmYyJ6TsTizbsepPjQ2SJKdPgC2ZSTL87FI+4BDMZJlPfDf91lENIAhlch/GFKtcUBrbt+nefBz4/67qxOgjfGPrr42Enuac6N9K8kjM6N0vjveh/bTNn7+/fatdIn+vQ4BsKXrNyLi1Ojoxv4vyfq/7TvVwz7r29D/wbNzJx3/vNZp/JNbG/9Eh/HP/g65ux1b53/uXh+a6Sod/73Tcfy7dtNqfCSrHWyO+caSCxfLpbRv+19EHI+x3Wl9s/s5p1fuNrptax//pUvafmssmB3HvdHdjz6mOFuffZKY292/EfFix/Fvsnb+kw7nP30+zvXYxtHS7Ze7bds6/qer8X3EKx3P/8M7Wsnm9ycnm9fDZOuq2OjPm0d/7db+Tsefnv99q/H/nU0J18c/nrTfr609fhvf7fmn1G3bdq//XcnHzfKubN3V2Xp9YSpiV/LBxvXTDx/bqrf2T+M/fmzz/q/T9b83Ij7pMf6bR358afvxP11p/MXNr/915//xC3ff//Tbbu33dv5fb5aOZ2t66f96PcAnee4AAAAAAABg0OQi4kAkufxaOZfL51ff33Ek9uXK1Vr9xIXq4qViND8rOx5judad7kNt74eYyt4P26pPr6vPRMThiPhqZG+zni9Uy8WdDh4AAAAAAAAAAAAAAAAAAAAGxP4un/9P/Tay00cHPHW+8huG15b5349vegIGkv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX507ezZdGisPrhXSevHK0uJ89crJYqk2n68sFvKF6sLl/Fy1Olcu5QvVylZ/r1ytXp6ajsWrk/VSrT5ZW1o+X6kuXqqfv1j54WBEaeyZRAUAAAAAAAAAAAAAAAAAAADPl9rS8vxsuVxaUGgWdsdAHMZzVBgdjMNQ6HNhp3smAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjo3wAAAP//waw5Ug==")
open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x30)

731.651549ms ago: executing program 2 (id=512):
r0 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$selinux_validatetrans(r0, &(0x7f0000000180)=ANY=[@ANYBLOB='system_u:object_r:semanage_t system_u:object_r:fixed_disk_device_t:s0 00'], 0x79)

690.176429ms ago: executing program 4 (id=513):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r0}, 0x10)
setreuid(0xffffffffffffffff, 0xee01)
syz_clone(0x20100000, 0x0, 0x0, 0x0, 0x0, 0x0)

619.137341ms ago: executing program 2 (id=514):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000000000000000070007020000f8ffffffb78ac70000000000e78d3116bb0008000000b70400000201000085000000"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
r4 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000880)='./file1\x00', 0x4897, &(0x7f00000008c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0x100ffe}}, {@stripe={'stripe', 0x3d, 0x2}}, {@acl}, {@errors_remount}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2}}]}, 0x3, 0x449, &(0x7f0000000280)="$eJzs3MtPXNUfAPDvnWHor6Ut/Gp9tT7QaiQ+oNCqXbjRaHShiYku6hKBNpVpMQUT25CIxtSlaeLeuDTxL3ClG6OuTNzq3jRpDBurqzF35l4YhhlgcGBo5/NJLpxzH3POd849c8+9hyGAnjWc/kgiDkbEbxExWMuu3WG49uvW8uLU38uLU0lUKm/9mVT3+2t5cSrfNT9uIMuMFCIKnyZxvEm581euzk6WyzOXs/zYwsX3x+avXH3mwsXJ8zPnZy5NnDlz+tT4889NPBv7OxDnQOzLUq+9c/2NqbPX3/3pmySPvyGODhneaOPjlUqHi+uuQ3XppK+LFaEtxYhIm6tU7f+DUYzVxhuMVz5pfeSrh3enhsBOqVQqlYHWm5fyq3oFuAMlW+7bsz4H4I6SX+jT+9982ZWBxx5x88XaDVAa961sqW3pi0K2T6nh/raThiPi7NI/X6ZLrD6HKO1QcQAA8V06/nl68/Hf4WxuaCgi/h8RRyLirog4GhF3R8Q9lYh7I+K+NstvnCRZX37hRpsv2ZZ0/PdCNre1dvyXj/5iqJjlDlXjLyXnLpRnTmbvyUiU9qX58Q3K+P7lXz9vta1+/Jcuafn5WDCrx42+fWuPmZ5cmPwvMde7+XHEsb5m8ScrMwFJRNwfEce2WcaFJ79+oNW2VvFvaQDcgXmmylcRT9Tafyka4s8lG89Pjv0vyjMnx/KzYr2ff7n2ZqvyN2//nZW2/4Gm5/9K/ENJ/XztfPtlXPv9s5b3lNs9//uTt6vp/mzdh5MLC5fHI/qT12uVrl8/sXpsns/3T+MfOdG8/x+J1XfieESkJ/GDEfFQRDyc1f2RiHg0Ik5sEP+PLz323vbj31lp/NNttf9qoj8a1zRPFGd/+HZNoUNr67B5+5+upkayNVv5/NtKvbZ3NgMAAMDtpxARByMpjK6kC4XR0drf8B+NA4Xy3PzCU+fmPrg0XfuOwFCUCvmTrsG656Hj2W19np9oyJ/Knht/UdxfzY9OzZWnux089LiBFv0/9Uex27UDdpzva0Hv0v+hd+n/0Lv0f+hdTfp/J/7nDnAbaHb9/6gL9QB2X0P/N+0HPcT9P/Qu/R96l/4PPWl+f2z+JXkJiXWJKOyJauy9RH417VY1ihHRgdfp8gcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAh/wbAAD//6u41Q8=")
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
getdents64(r4, &(0x7f0000000980)=""/198, 0xfc)
syz_emit_ethernet(0xbe, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaa230180c20000000800450000b00000000000119078000000000000000000004e20009c907801000000000000f97a4b143b7461fd777b9f49fcdb8f080c26a04883ad5c8c82b8af584cbf2649a5eb9e838b7c6874460a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424dbcfd56f1375461caaa2f19935e6996c7096ffeeb83000000000000649a3bfb81f39cb307b3472eb9cdb042d2643fcbb2c5a57df67d544af6e8dafe09"], 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000001040)={'sit0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x66, 0x0, 0x0, 0x4, 0x0, @local, @rand_addr=0x3}}}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r8, &(0x7f0000006c80)=[{{&(0x7f00000006c0)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10, 0x0, 0x0, &(0x7f0000000b40)=[@ip_retopts={{0x10}}], 0x10}}], 0x1, 0x2400c870)

593.131861ms ago: executing program 4 (id=515):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
syz_genetlink_get_family_id$ethtool(0x0, r1)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYBLOB="070000000000000000000500000098000180140402007308092fa327252b0c797a5f74756e0000000000000000000c000380df8333d6c7fb2862bdbcc5f4086e80d9bc558e"], 0x38}}, 0x0)
sendfile(r1, r0, 0x0, 0x7ffff000)

580.041231ms ago: executing program 3 (id=516):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
getpgrp(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='sched_switch\x00', r2}, 0x18)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
close(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)=0xfe8e, 0x12)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000100000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94)

525.415292ms ago: executing program 1 (id=517):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
sendmmsg$inet6(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x38, r3, 0x1, 0x0, 0x1, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0xc, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}, @ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x38}}, 0x4000) (fail_nth: 4)

518.007092ms ago: executing program 0 (id=518):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r1, &(0x7f0000000300)={0x2, 0x4e24, @remote}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000004d00), 0x0, 0x40f1d)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008000000"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000200000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000500)='mm_page_alloc\x00', r5}, 0x18)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1c, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x18)
r9 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x20280, 0x0)
ioctl$IMADDTIMER(r9, 0x80044940, &(0x7f0000000080)=0x14)
unshare(0x62040200)
close(r9)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x4d0, 0x0, 0x25, 0x148, 0x340, 0x60, 0x438, 0x2a8, 0x2a8, 0x438, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x20, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x9, 0x8001}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x530)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=ANY=[@ANYRES32=0x0], 0x70}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
socket$inet6(0xa, 0x3, 0x87)

204.097967ms ago: executing program 2 (id=519):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x200000000000035a, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)

159.220648ms ago: executing program 1 (id=520):
pipe(&(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYRES32=r0], 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x7f, <r3=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
fsetxattr$security_selinux(r1, &(0x7f00000000c0), &(0x7f00000005c0)='system_u:object_r:utempter_exec_t:s0\x00', 0x25, 0x3)

158.357948ms ago: executing program 1 (id=521):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x4080)
ioctl$IOC_PR_PREEMPT(r0, 0x401870cb, &(0x7f0000000040)={0x8, 0xe2, 0x4, 0x8})
r1 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0xc020662a, &(0x7f0000000080)={0x6, 0x3, 0x0, 0x2, 0x3, 0x0, [{0x2493, 0x80000000, 0x1000, '\x00', 0x80d}, {0x1, 0x6, 0x1, '\x00', 0x2e00}, {0x10000, 0x1, 0x4, '\x00', 0x1208}]})
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000180)=0x4)
r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r3 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000240)=@generic={&(0x7f0000000200)='./file0\x00', 0x0, 0x10}, 0x18)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300), 0x4)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)={@map=r4, r2, 0x17, 0x0, r3, @void, @value=r5}, 0x20)
sendmsg$nl_route(r2, &(0x7f0000000480)={&(0x7f0000000340), 0xc, &(0x7f0000000440)={&(0x7f0000000380)=@ipv6_deladdrlabel={0xac, 0x49, 0x8, 0x70bd26, 0x25dfdbfb, {0xa, 0x0, 0xef, 0x0, 0x0, 0xb}, [@IFAL_ADDRESS={0x14, 0x1, @local}, @IFAL_ADDRESS={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @IFAL_LABEL={0x8, 0x2, 0xb}, @IFAL_ADDRESS={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x1c}}, @IFAL_LABEL={0x8}, @IFAL_LABEL={0x8, 0x2, 0xb}, @IFAL_ADDRESS={0x14, 0x1, @mcast2}, @IFAL_ADDRESS={0x14, 0x1, @private0}, @IFAL_ADDRESS={0x14, 0x1, @remote}]}, 0xac}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)
r6 = io_uring_setup(0x2ede, &(0x7f00000004c0)={0x0, 0xd5bb, 0x200, 0x2, 0x2e5, 0x0, r4})
io_uring_register$IORING_REGISTER_FILES(r6, 0x2, &(0x7f0000000540)=[r0, r4, r3, r4, 0xffffffffffffffff, r2, r0], 0x7)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000840)={'ip_vti0\x00', &(0x7f0000000780)={'ip_vti0\x00', <r7=>0x0, 0x8, 0x700, 0x4, 0x3, {{0x1c, 0x4, 0x1, 0x7, 0x70, 0x68, 0x0, 0x7, 0x4, 0x0, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x3d}, {[@timestamp_addr={0x44, 0xc, 0x3d, 0x1, 0x2, [{@multicast1, 0x9}]}, @timestamp_addr={0x44, 0x24, 0x89, 0x1, 0x0, [{@multicast1, 0x2}, {@broadcast, 0x9}, {@empty, 0x7fff}, {@rand_addr=0x64010102, 0x80000000}]}, @end, @timestamp={0x44, 0x18, 0x30, 0x0, 0x1, [0x7f, 0x0, 0x40, 0xcf3, 0xc9e]}, @lsrr={0x83, 0xb, 0x6d, [@local, @multicast2]}, @lsrr={0x83, 0x7, 0xfb, [@private=0xa010100]}]}}}}})
r8 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000900), 0x121000, 0xc000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x15, &(0x7f0000000580)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffff65}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x3}, @btf_id={0x18, 0x5, 0x3, 0x0, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @call={0x85, 0x0, 0x0, 0xcc}], &(0x7f0000000640)='syzkaller\x00', 0x8, 0xcc, &(0x7f0000000680)=""/204, 0x82100, 0xc, '\x00', r7, 0x0, r2, 0x8, &(0x7f0000000880)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000008c0)={0x5, 0x9, 0x8ef}, 0x10, 0x0, 0x0, 0xa, &(0x7f0000000940)=[r2, r4, r8, r2, r2, r4, r4, r4], &(0x7f0000000980)=[{0x1, 0x3, 0x10, 0x7}, {0x1, 0x4, 0x1, 0x7}, {0x1, 0x1, 0x4}, {0x4, 0x3, 0xb, 0x1}, {0x4, 0x5, 0x0, 0x1}, {0x3, 0x3, 0x9, 0x7}, {0x2, 0x5, 0x9, 0x5}, {0x1, 0x1, 0x7, 0x1}, {0x5, 0x2, 0x5, 0x6}, {0x4, 0x5, 0x3, 0x4}], 0x10, 0x2}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000b00)={{0x1, 0x1, 0x18, r2, {0xee00, <r9=>0xffffffffffffffff}}, './file0\x00'})
fstat(r2, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
setregid(r9, r10)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r8, 0x5760, 0x0)
r11 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000c00), 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000bc0), r11)
openat$cgroup(r1, &(0x7f0000000c40)='syz0\x00', 0x200002, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000d40)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x1c, 0x0, 0x2, 0x70bd25, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x3924}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000804}, 0x4008885)
ioctl$BTRFS_IOC_START_SYNC(r8, 0x80089418, &(0x7f0000000d80))
mkdir(&(0x7f0000000dc0)='./file0/file0\x00', 0x80)
prctl$PR_SET_NAME(0xf, &(0x7f0000000e00)='\x8c.\x00')
write$binfmt_aout(r4, &(0x7f0000000e40)={{0x107, 0x9, 0x8, 0x2f, 0x2a4, 0x1, 0x50, 0x8a4}, "37dac2023898cba444dd77ea3e396c1d1fb40934bf84f3a05537231d4f18cc52c924a7a80806de6e45635d176dccc39dc631d89c8067b1fd44a5d7b3024813a324d20bd8d5fcabbf67ac3a1b7d527e459bdff3fd5bdfc09418599262a909f93f8b3004debde540bcfef63fee9bbcd980b1ac0066f94c5f06874b03a87ddcc52dc45c24c134f8c8a9ca00e6b8b610c4f7b98924b8ea4e307f", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x6b8)
syz_open_procfs(0x0, &(0x7f0000001580)='attr/prev\x00')

142.924638ms ago: executing program 1 (id=522):
socket$nl_generic(0x10, 0x3, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)

91.449838ms ago: executing program 0 (id=523):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x6, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)=@base={0x12, 0x6, 0x8, 0x2}, 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)

0s ago: executing program 3 (id=524):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWSET={0x34, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x9}]}], {0x14}}, 0x5c}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.10.36' (ED25519) to the list of known hosts.
[   21.357477][   T29] audit: type=1400 audit(1751570556.097:62): avc:  denied  { mounton } for  pid=3260 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   21.358343][ T3260] cgroup: Unknown subsys name 'net'
[   21.380242][   T29] audit: type=1400 audit(1751570556.097:63): avc:  denied  { mount } for  pid=3260 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   21.407632][   T29] audit: type=1400 audit(1751570556.127:64): avc:  denied  { unmount } for  pid=3260 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   21.560549][ T3260] cgroup: Unknown subsys name 'cpuset'
[   21.566771][ T3260] cgroup: Unknown subsys name 'rlimit'
[   21.735505][   T29] audit: type=1400 audit(1751570556.477:65): avc:  denied  { setattr } for  pid=3260 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   21.759921][   T29] audit: type=1400 audit(1751570556.477:66): avc:  denied  { create } for  pid=3260 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   21.780442][   T29] audit: type=1400 audit(1751570556.477:67): avc:  denied  { write } for  pid=3260 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   21.800818][   T29] audit: type=1400 audit(1751570556.477:68): avc:  denied  { read } for  pid=3260 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   21.821116][   T29] audit: type=1400 audit(1751570556.487:69): avc:  denied  { mounton } for  pid=3260 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   21.827787][ T3292] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   21.845980][   T29] audit: type=1400 audit(1751570556.487:70): avc:  denied  { mount } for  pid=3260 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   21.877779][   T29] audit: type=1400 audit(1751570556.607:71): avc:  denied  { relabelto } for  pid=3292 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   21.907668][ T3260] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   22.980679][ T3301] chnl_net:caif_netlink_parms(): no params data found
[   23.061274][ T3301] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.068517][ T3301] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.075813][ T3301] bridge_slave_0: entered allmulticast mode
[   23.082382][ T3301] bridge_slave_0: entered promiscuous mode
[   23.100259][ T3301] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.107422][ T3301] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.114948][ T3301] bridge_slave_1: entered allmulticast mode
[   23.121249][ T3301] bridge_slave_1: entered promiscuous mode
[   23.154806][ T3301] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   23.172761][ T3301] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   23.197218][ T3301] team0: Port device team_slave_0 added
[   23.206466][ T3301] team0: Port device team_slave_1 added
[   23.248927][ T3309] chnl_net:caif_netlink_parms(): no params data found
[   23.257765][ T3301] batman_adv: batadv0: Adding interface: batadv_slave_0
[   23.264822][ T3301] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   23.290831][ T3301] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   23.314356][ T3301] batman_adv: batadv0: Adding interface: batadv_slave_1
[   23.321372][ T3301] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   23.347327][ T3301] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   23.375604][ T3315] chnl_net:caif_netlink_parms(): no params data found
[   23.397735][ T3302] chnl_net:caif_netlink_parms(): no params data found
[   23.406398][ T3308] chnl_net:caif_netlink_parms(): no params data found
[   23.449181][ T3301] hsr_slave_0: entered promiscuous mode
[   23.455347][ T3301] hsr_slave_1: entered promiscuous mode
[   23.472298][ T3309] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.479549][ T3309] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.486702][ T3309] bridge_slave_0: entered allmulticast mode
[   23.493082][ T3309] bridge_slave_0: entered promiscuous mode
[   23.500031][ T3309] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.507087][ T3309] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.514302][ T3309] bridge_slave_1: entered allmulticast mode
[   23.520900][ T3309] bridge_slave_1: entered promiscuous mode
[   23.573925][ T3309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   23.592247][ T3302] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.599440][ T3302] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.606873][ T3302] bridge_slave_0: entered allmulticast mode
[   23.613217][ T3302] bridge_slave_0: entered promiscuous mode
[   23.621203][ T3309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   23.630322][ T3315] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.637362][ T3315] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.644790][ T3315] bridge_slave_0: entered allmulticast mode
[   23.651334][ T3315] bridge_slave_0: entered promiscuous mode
[   23.659824][ T3315] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.666974][ T3315] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.674312][ T3315] bridge_slave_1: entered allmulticast mode
[   23.680829][ T3315] bridge_slave_1: entered promiscuous mode
[   23.695891][ T3302] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.702988][ T3302] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.710402][ T3302] bridge_slave_1: entered allmulticast mode
[   23.716881][ T3302] bridge_slave_1: entered promiscuous mode
[   23.734900][ T3308] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.741987][ T3308] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.749273][ T3308] bridge_slave_0: entered allmulticast mode
[   23.756249][ T3308] bridge_slave_0: entered promiscuous mode
[   23.778157][ T3308] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.785285][ T3308] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.792539][ T3308] bridge_slave_1: entered allmulticast mode
[   23.798940][ T3308] bridge_slave_1: entered promiscuous mode
[   23.810033][ T3309] team0: Port device team_slave_0 added
[   23.816789][ T3302] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   23.829274][ T3302] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   23.839479][ T3315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   23.853567][ T3309] team0: Port device team_slave_1 added
[   23.871738][ T3315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   23.886895][ T3308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   23.912233][ T3308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   23.924687][ T3302] team0: Port device team_slave_0 added
[   23.931687][ T3302] team0: Port device team_slave_1 added
[   23.942305][ T3309] batman_adv: batadv0: Adding interface: batadv_slave_0
[   23.949259][ T3309] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   23.975410][ T3309] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   24.002980][ T3315] team0: Port device team_slave_0 added
[   24.008986][ T3309] batman_adv: batadv0: Adding interface: batadv_slave_1
[   24.016088][ T3309] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   24.042168][ T3309] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   24.058469][ T3308] team0: Port device team_slave_0 added
[   24.065071][ T3308] team0: Port device team_slave_1 added
[   24.076589][ T3302] batman_adv: batadv0: Adding interface: batadv_slave_0
[   24.083599][ T3302] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   24.109660][ T3302] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   24.122028][ T3315] team0: Port device team_slave_1 added
[   24.141224][ T3302] batman_adv: batadv0: Adding interface: batadv_slave_1
[   24.148261][ T3302] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   24.174537][ T3302] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   24.205499][ T3308] batman_adv: batadv0: Adding interface: batadv_slave_0
[   24.212538][ T3308] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   24.238489][ T3308] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   24.257728][ T3309] hsr_slave_0: entered promiscuous mode
[   24.263833][ T3309] hsr_slave_1: entered promiscuous mode
[   24.269591][ T3309] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   24.277208][ T3309] Cannot create hsr debugfs directory
[   24.288763][ T3308] batman_adv: batadv0: Adding interface: batadv_slave_1
[   24.295745][ T3308] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   24.321738][ T3308] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   24.337652][ T3315] batman_adv: batadv0: Adding interface: batadv_slave_0
[   24.344691][ T3315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   24.371331][ T3315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   24.395263][ T3302] hsr_slave_0: entered promiscuous mode
[   24.401288][ T3302] hsr_slave_1: entered promiscuous mode
[   24.407037][ T3302] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   24.414762][ T3302] Cannot create hsr debugfs directory
[   24.425621][ T3315] batman_adv: batadv0: Adding interface: batadv_slave_1
[   24.432631][ T3315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   24.458864][ T3315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   24.486747][ T3308] hsr_slave_0: entered promiscuous mode
[   24.492914][ T3308] hsr_slave_1: entered promiscuous mode
[   24.498710][ T3308] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   24.506296][ T3308] Cannot create hsr debugfs directory
[   24.528692][ T3301] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   24.556528][ T3301] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   24.566588][ T3315] hsr_slave_0: entered promiscuous mode
[   24.572813][ T3315] hsr_slave_1: entered promiscuous mode
[   24.578766][ T3315] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   24.586401][ T3315] Cannot create hsr debugfs directory
[   24.596535][ T3301] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   24.617737][ T3301] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   24.731040][ T3309] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   24.739802][ T3309] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   24.749151][ T3309] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   24.757979][ T3309] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   24.785638][ T3308] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   24.794585][ T3308] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   24.811708][ T3308] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   24.823008][ T3308] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   24.847416][ T3302] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   24.856220][ T3302] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   24.871172][ T3302] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   24.885708][ T3301] 8021q: adding VLAN 0 to HW filter on device bond0
[   24.893033][ T3302] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   24.921089][ T3301] 8021q: adding VLAN 0 to HW filter on device team0
[   24.935664][ T3315] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   24.949683][ T3315] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   24.959635][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.966801][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.980907][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.988047][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.996178][ T3315] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   25.005476][ T3315] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   25.020597][ T3309] 8021q: adding VLAN 0 to HW filter on device bond0
[   25.050409][ T3309] 8021q: adding VLAN 0 to HW filter on device team0
[   25.062241][ T3308] 8021q: adding VLAN 0 to HW filter on device bond0
[   25.075437][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.082586][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.099209][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.106319][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.125513][ T3308] 8021q: adding VLAN 0 to HW filter on device team0
[   25.143450][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.150651][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.179368][ T3315] 8021q: adding VLAN 0 to HW filter on device bond0
[   25.199442][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.206573][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.226623][ T3302] 8021q: adding VLAN 0 to HW filter on device bond0
[   25.239377][ T3301] 8021q: adding VLAN 0 to HW filter on device batadv0
[   25.261720][ T3315] 8021q: adding VLAN 0 to HW filter on device team0
[   25.283990][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.291194][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.299878][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.307265][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.317719][ T3302] 8021q: adding VLAN 0 to HW filter on device team0
[   25.330753][ T3309] 8021q: adding VLAN 0 to HW filter on device batadv0
[   25.343583][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.350904][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.365848][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.373080][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.388679][ T3315] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   25.399511][ T3315] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   25.511856][ T3308] 8021q: adding VLAN 0 to HW filter on device batadv0
[   25.528828][ T3315] 8021q: adding VLAN 0 to HW filter on device batadv0
[   25.564217][ T3301] veth0_vlan: entered promiscuous mode
[   25.578024][ T3302] 8021q: adding VLAN 0 to HW filter on device batadv0
[   25.590501][ T3301] veth1_vlan: entered promiscuous mode
[   25.629507][ T3301] veth0_macvtap: entered promiscuous mode
[   25.641864][ T3301] veth1_macvtap: entered promiscuous mode
[   25.672952][ T3309] veth0_vlan: entered promiscuous mode
[   25.683969][ T3301] batman_adv: batadv0: Interface activated: batadv_slave_0
[   25.696338][ T3309] veth1_vlan: entered promiscuous mode
[   25.712577][ T3301] batman_adv: batadv0: Interface activated: batadv_slave_1
[   25.729120][ T3301] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   25.737928][ T3301] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   25.746674][ T3301] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   25.755408][ T3301] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   25.771989][ T3308] veth0_vlan: entered promiscuous mode
[   25.790334][ T3302] veth0_vlan: entered promiscuous mode
[   25.798612][ T3315] veth0_vlan: entered promiscuous mode
[   25.809702][ T3309] veth0_macvtap: entered promiscuous mode
[   25.817013][ T3308] veth1_vlan: entered promiscuous mode
[   25.825763][ T3315] veth1_vlan: entered promiscuous mode
[   25.837447][ T3309] veth1_macvtap: entered promiscuous mode
[   25.844587][ T3302] veth1_vlan: entered promiscuous mode
[   25.858522][ T3302] veth0_macvtap: entered promiscuous mode
[   25.865809][ T3315] veth0_macvtap: entered promiscuous mode
[   25.881265][ T3315] veth1_macvtap: entered promiscuous mode
[   25.888300][ T3302] veth1_macvtap: entered promiscuous mode
[   25.896960][ T3301] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   25.902635][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_0
[   25.927824][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_1
[   25.937513][ T3308] veth0_macvtap: entered promiscuous mode
[   25.945431][ T3308] veth1_macvtap: entered promiscuous mode
[   25.952786][ T3302] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   25.961649][ T3302] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   25.970527][ T3302] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   25.979213][ T3302] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   25.992560][ T3315] batman_adv: batadv0: Interface activated: batadv_slave_0
[   26.012907][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_0
[   26.027993][ T3308] batman_adv: batadv0: Interface activated: batadv_slave_0
[   26.047116][ T3315] batman_adv: batadv0: Interface activated: batadv_slave_1
[   26.057795][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_1
[   26.068764][ T3308] batman_adv: batadv0: Interface activated: batadv_slave_1
[   26.079049][ T3315] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   26.087966][ T3315] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   26.096881][ T3315] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   26.105801][ T3315] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   26.120884][ T3309] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   26.129646][ T3309] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   26.138469][ T3309] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   26.147276][ T3309] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   26.161874][ T3308] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   26.170689][ T3308] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   26.179578][ T3308] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   26.188384][ T3308] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   26.214006][ T3474] loop4: detected capacity change from 0 to 256
[   26.232867][ T3474] FAT-fs (loop4): Directory bread(block 64) failed
[   26.239446][ T3474] FAT-fs (loop4): Directory bread(block 65) failed
[   26.282130][ T3474] FAT-fs (loop4): Directory bread(block 66) failed
[   26.295321][ T3474] FAT-fs (loop4): Directory bread(block 67) failed
[   26.354146][ T3474] FAT-fs (loop4): Directory bread(block 68) failed
[   26.365770][ T3474] FAT-fs (loop4): Directory bread(block 69) failed
[   26.380263][ T3474] FAT-fs (loop4): Directory bread(block 70) failed
[   26.390860][   T29] kauditd_printk_skb: 32 callbacks suppressed
[   26.390874][   T29] audit: type=1326 audit(1751570561.137:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3490 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856a98e929 code=0x7ffc0000
[   26.423412][ T3474] FAT-fs (loop4): Directory bread(block 71) failed
[   26.430025][ T3486] loop1: detected capacity change from 0 to 512
[   26.430112][ T3474] FAT-fs (loop4): Directory bread(block 72) failed
[   26.443802][ T3474] FAT-fs (loop4): Directory bread(block 73) failed
[   26.449811][ T3493] loop2: detected capacity change from 0 to 128
[   26.451883][ T3489] IPv6: Can't replace route, no match found
[   26.501405][   T29] audit: type=1326 audit(1751570561.137:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3490 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856a98e929 code=0x7ffc0000
[   26.524807][   T29] audit: type=1326 audit(1751570561.137:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3490 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f856a98e929 code=0x7ffc0000
[   26.548028][   T29] audit: type=1326 audit(1751570561.137:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3490 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856a98e929 code=0x7ffc0000
[   26.571171][   T29] audit: type=1326 audit(1751570561.137:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3490 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856a98e929 code=0x7ffc0000
[   26.594284][   T29] audit: type=1326 audit(1751570561.137:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3490 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f856a98e929 code=0x7ffc0000
[   26.618068][   T29] audit: type=1326 audit(1751570561.137:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3490 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856a98e929 code=0x7ffc0000
[   26.641584][   T29] audit: type=1326 audit(1751570561.137:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3490 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856a98e929 code=0x7ffc0000
[   26.665153][   T29] audit: type=1326 audit(1751570561.137:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3490 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f856a98e929 code=0x7ffc0000
[   26.688569][   T29] audit: type=1326 audit(1751570561.137:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3490 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856a98e929 code=0x7ffc0000
[   26.758980][ T3493] syz.2.3: attempt to access beyond end of device
[   26.758980][ T3493] loop2: rw=2049, sector=145, nr_sectors = 16 limit=128
[   26.772466][ T3493] syz.2.3: attempt to access beyond end of device
[   26.772466][ T3493] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128
[   26.787150][ T3493] syz.2.3: attempt to access beyond end of device
[   26.787150][ T3493] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128
[   26.802761][ T3493] syz.2.3: attempt to access beyond end of device
[   26.802761][ T3493] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128
[   26.821075][ T3493] syz.2.3: attempt to access beyond end of device
[   26.821075][ T3493] loop2: rw=2049, sector=217, nr_sectors = 8 limit=128
[   26.834702][ T3493] syz.2.3: attempt to access beyond end of device
[   26.834702][ T3493] loop2: rw=2049, sector=233, nr_sectors = 8 limit=128
[   26.848425][ T3493] syz.2.3: attempt to access beyond end of device
[   26.848425][ T3493] loop2: rw=2049, sector=249, nr_sectors = 8 limit=128
[   26.867284][ T3506] Illegal XDP return value 4294967294 on prog  (id 15) dev N/A, expect packet loss!
[   26.885812][ T3506] loop1: detected capacity change from 0 to 2048
[   26.905774][ T3493] syz.2.3: attempt to access beyond end of device
[   26.905774][ T3493] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128
[   26.920473][ T3493] syz.2.3: attempt to access beyond end of device
[   26.920473][ T3493] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128
[   26.935201][ T3493] syz.2.3: attempt to access beyond end of device
[   26.935201][ T3493] loop2: rw=2049, sector=297, nr_sectors = 8 limit=128
[   26.952866][ T3506] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   26.956043][ T3501] loop0: detected capacity change from 0 to 1024
[   26.976480][ T3501] EXT4-fs: Ignoring removed nomblk_io_submit option
[   27.006218][ T3501] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   27.019010][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   27.040726][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   27.136073][ T3527] loop0: detected capacity change from 0 to 2048
[   27.173391][ T3527] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   27.183851][ T3525] loop4: detected capacity change from 0 to 8192
[   27.202340][ T3525] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   27.229025][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   27.349523][ T3533] loop0: detected capacity change from 0 to 512
[   27.363911][ T3533] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   27.377162][ T3533] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   27.397779][ T3533] EXT4-fs (loop0): 1 truncate cleaned up
[   27.403900][ T3533] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   27.630363][    C1] hrtimer: interrupt took 27216 ns
[   27.735452][ T3560] syz.3.23 uses obsolete (PF_INET,SOCK_PACKET)
[   27.764695][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   27.807220][ T3560] loop3: detected capacity change from 0 to 2048
[   27.937221][ T3562] netlink: 240 bytes leftover after parsing attributes in process `syz.2.25'.
[   27.985075][ T3556] program syz.3.23 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   28.190719][ T3556] syz.3.23 (3556) used greatest stack depth: 10824 bytes left
[   28.455743][ T3573] loop1: detected capacity change from 0 to 1024
[   28.462915][ T3573] EXT4-fs: Ignoring removed nomblk_io_submit option
[   28.494177][ T3573] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   28.520387][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   28.662980][ T3590] loop0: detected capacity change from 0 to 1024
[   28.679789][ T3590] EXT4-fs: Ignoring removed orlov option
[   28.714787][ T3590] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   28.740971][ T3592] mmap: syz.2.32 (3592) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   28.868502][ T3600] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   28.887292][ T3600] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   29.015125][ T3606] loop2: detected capacity change from 0 to 1024
[   29.020061][ T3598] syz.0.33 (3598) used greatest stack depth: 10784 bytes left
[   29.022346][ T3606] EXT4-fs: Ignoring removed nomblk_io_submit option
[   29.062260][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   29.062609][ T3606] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   29.084344][ T3608] loop1: detected capacity change from 0 to 1024
[   29.115744][ T3612] loop3: detected capacity change from 0 to 2048
[   29.122633][ T3608] EXT4-fs: Ignoring removed nomblk_io_submit option
[   29.160873][ T3614] netlink: 96 bytes leftover after parsing attributes in process `syz.0.41'.
[   29.171749][ T3614] vhci_hcd: invalid port number 236
[   29.177603][ T3608] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   29.178125][ T3612] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   29.223986][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   29.243552][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   29.323636][ T3625] loop2: detected capacity change from 0 to 1024
[   29.341365][ T3628] af_packet: tpacket_rcv: packet too big, clamped from 122 to 4294967286. macoff=82
[   29.357104][ T3625] EXT4-fs: Ignoring removed nomblk_io_submit option
[   29.401422][ T3628] loop4: detected capacity change from 0 to 164
[   29.434009][ T3628] process 'syz.4.46' launched '/dev/fd/4' with NULL argv: empty string added
[   29.448785][ T3625] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   29.551051][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   29.581626][ T3638] loop0: detected capacity change from 0 to 1024
[   29.629069][ T3638] EXT4-fs: Ignoring removed nomblk_io_submit option
[   29.634642][ T3640] loop1: detected capacity change from 0 to 1024
[   29.635225][ T3640] EXT4-fs: Ignoring removed orlov option
[   29.639783][ T3640] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   29.668031][ T3638] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   29.778384][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   29.830466][ T3652] loop0: detected capacity change from 0 to 2048
[   29.852258][ T3652] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   29.924172][ T3658] loop2: detected capacity change from 0 to 1024
[   29.954714][ T3650] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm GPL: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   30.004757][ T3658] EXT4-fs: Ignoring removed nomblk_io_submit option
[   30.084127][ T3658] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   30.093387][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.155769][ T3665] loop1: detected capacity change from 0 to 512
[   30.169240][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.185663][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.212602][ T3665] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   30.240394][ T3667] loop2: detected capacity change from 0 to 256
[   30.267261][ T3671] loop3: detected capacity change from 0 to 2048
[   30.276164][ T3665] EXT4-fs (loop1): mount failed
[   30.314314][ T3671] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   30.403836][ T3677] loop1: detected capacity change from 0 to 1024
[   30.422661][ T3677] EXT4-fs: Ignoring removed nomblk_io_submit option
[   30.463952][ T3677] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   30.478139][ T3684] loop2: detected capacity change from 0 to 1024
[   30.505978][ T3684] EXT4-fs: Ignoring removed nomblk_io_submit option
[   30.525600][ T3684] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   30.557709][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.608124][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.657442][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.667813][ T3691] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   30.678021][ T3691] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   30.739236][ T3693] FAULT_INJECTION: forcing a failure.
[   30.739236][ T3693] name failslab, interval 1, probability 0, space 0, times 1
[   30.752678][ T3693] CPU: 0 UID: 0 PID: 3693 Comm: syz.2.65 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   30.752705][ T3693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   30.752718][ T3693] Call Trace:
[   30.752723][ T3693]  <TASK>
[   30.752728][ T3693]  __dump_stack+0x1d/0x30
[   30.752752][ T3693]  dump_stack_lvl+0xe8/0x140
[   30.752772][ T3693]  dump_stack+0x15/0x1b
[   30.752789][ T3693]  should_fail_ex+0x265/0x280
[   30.752815][ T3693]  ? __pfx_cgroup_show_path+0x10/0x10
[   30.752841][ T3693]  ? cgroup_show_path+0x6a/0x2b0
[   30.752885][ T3693]  should_failslab+0x8c/0xb0
[   30.752919][ T3693]  __kmalloc_cache_noprof+0x4c/0x320
[   30.752941][ T3693]  ? __pfx_cgroup_show_path+0x10/0x10
[   30.752994][ T3693]  cgroup_show_path+0x6a/0x2b0
[   30.753095][ T3693]  ? kernfs_sop_show_path+0xa4/0xf0
[   30.753120][ T3693]  ? __pfx_cgroup_show_path+0x10/0x10
[   30.753148][ T3693]  kernfs_sop_show_path+0xb3/0xf0
[   30.753211][ T3693]  ? __pfx_kernfs_sop_show_path+0x10/0x10
[   30.753235][ T3693]  show_path+0x5a/0x80
[   30.753260][ T3693]  show_mountinfo+0xdf/0x620
[   30.753282][ T3693]  m_show+0x3e/0x50
[   30.753305][ T3693]  traverse+0x144/0x3a0
[   30.753330][ T3693]  seq_lseek+0xb5/0x170
[   30.753355][ T3693]  __x64_sys_lseek+0xe8/0x160
[   30.753389][ T3693]  x64_sys_call+0x2d2a/0x2fb0
[   30.753410][ T3693]  do_syscall_64+0xd2/0x200
[   30.753430][ T3693]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   30.753473][ T3693]  ? clear_bhb_loop+0x40/0x90
[   30.753494][ T3693]  ? clear_bhb_loop+0x40/0x90
[   30.753560][ T3693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   30.753576][ T3693] RIP: 0033:0x7f75c675e929
[   30.753592][ T3693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   30.753636][ T3693] RSP: 002b:00007f75c4dc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000008
[   30.753655][ T3693] RAX: ffffffffffffffda RBX: 00007f75c6985fa0 RCX: 00007f75c675e929
[   30.753666][ T3693] RDX: 0000000000000000 RSI: 0000000000010001 RDI: 0000000000000007
[   30.753678][ T3693] RBP: 00007f75c4dc7090 R08: 0000000000000000 R09: 0000000000000000
[   30.753691][ T3693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   30.753703][ T3693] R13: 0000000000000000 R14: 00007f75c6985fa0 R15: 00007ffe1d1436e8
[   30.753722][ T3693]  </TASK>
[   31.016420][ T3700] loop4: detected capacity change from 0 to 1024
[   31.024470][ T3700] EXT4-fs: Ignoring removed nomblk_io_submit option
[   31.042465][ T3700] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   31.101401][ T3708] =======================================================
[   31.101401][ T3708] WARNING: The mand mount option has been deprecated and
[   31.101401][ T3708]          and is ignored by this kernel. Remove the mand
[   31.101401][ T3708]          option from the mount to silence this warning.
[   31.101401][ T3708] =======================================================
[   31.112865][ T3710] loop0: detected capacity change from 0 to 1024
[   31.137436][ T3708] cgroup: noprefix used incorrectly
[   31.152693][ T3711] loop1: detected capacity change from 0 to 512
[   31.159508][ T3711] EXT4-fs: Ignoring removed oldalloc option
[   31.160951][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.170554][ T3710] EXT4-fs: Ignoring removed orlov option
[   31.190457][ T3711] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.69: Parent and EA inode have the same ino 15
[   31.209607][ T3711] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   31.223123][ T3711] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.69: Parent and EA inode have the same ino 15
[   31.235690][ T3711] EXT4-fs (loop1): 1 orphan inode deleted
[   31.242121][ T3711] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   31.256604][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.267370][ T3710] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   31.289564][ T3717] loop2: detected capacity change from 0 to 1024
[   31.300124][ T3717] EXT4-fs: Ignoring removed nomblk_io_submit option
[   31.325529][ T3717] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   31.348387][ T3724] loop4: detected capacity change from 0 to 512
[   31.366186][ T3725] loop3: detected capacity change from 0 to 8192
[   31.379325][ T3725] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   31.391201][ T3724] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   31.404437][ T3724] EXT4-fs (loop4): 1 truncate cleaned up
[   31.416863][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.426986][ T3724] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   31.588998][ T3732] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm GPL: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   31.652490][ T3740] loop3: detected capacity change from 0 to 256
[   31.658876][   T29] kauditd_printk_skb: 528 callbacks suppressed
[   31.658888][   T29] audit: type=1400 audit(1751570566.397:641): avc:  denied  { create } for  pid=3741 comm="syz.2.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   31.688944][   T29] audit: type=1400 audit(1751570566.397:642): avc:  denied  { setopt } for  pid=3741 comm="syz.2.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   31.711550][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.735563][ T3744] loop2: detected capacity change from 0 to 512
[   31.742843][ T3744] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   31.755747][ T3746] FAULT_INJECTION: forcing a failure.
[   31.755747][ T3746] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   31.768980][ T3746] CPU: 0 UID: 0 PID: 3746 Comm: syz.4.85 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   31.769046][ T3746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   31.769056][ T3746] Call Trace:
[   31.769062][ T3746]  <TASK>
[   31.769069][ T3746]  __dump_stack+0x1d/0x30
[   31.769097][ T3746]  dump_stack_lvl+0xe8/0x140
[   31.769113][ T3746]  dump_stack+0x15/0x1b
[   31.769128][ T3746]  should_fail_ex+0x265/0x280
[   31.769173][ T3746]  should_fail+0xb/0x20
[   31.769197][ T3746]  should_fail_usercopy+0x1a/0x20
[   31.769223][ T3746]  _copy_from_user+0x1c/0xb0
[   31.769259][ T3746]  do_tcp_setsockopt+0x41c/0x1670
[   31.769289][ T3746]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[   31.769311][ T3746]  tcp_setsockopt+0x51/0xb0
[   31.769401][ T3746]  sock_common_setsockopt+0x69/0x80
[   31.769422][ T3746]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   31.769462][ T3746]  smc_setsockopt+0x183/0x750
[   31.769484][ T3746]  ? __pfx_smc_setsockopt+0x10/0x10
[   31.769505][ T3746]  __sys_setsockopt+0x184/0x200
[   31.769532][ T3746]  __x64_sys_setsockopt+0x64/0x80
[   31.769618][ T3746]  x64_sys_call+0x2bd5/0x2fb0
[   31.769639][ T3746]  do_syscall_64+0xd2/0x200
[   31.769655][ T3746]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   31.769676][ T3746]  ? clear_bhb_loop+0x40/0x90
[   31.769697][ T3746]  ? clear_bhb_loop+0x40/0x90
[   31.769775][ T3746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   31.769796][ T3746] RIP: 0033:0x7f7f23f3e929
[   31.769811][ T3746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   31.769825][ T3746] RSP: 002b:00007f7f225a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   31.769842][ T3746] RAX: ffffffffffffffda RBX: 00007f7f24165fa0 RCX: 00007f7f23f3e929
[   31.769853][ T3746] RDX: 0000000000000003 RSI: 0000000000000006 RDI: 0000000000000003
[   31.769863][ T3746] RBP: 00007f7f225a7090 R08: 0000000000000004 R09: 0000000000000000
[   31.769883][ T3746] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   31.769896][ T3746] R13: 0000000000000000 R14: 00007f7f24165fa0 R15: 00007ffed01f90b8
[   31.769913][ T3746]  </TASK>
[   31.986995][ T3744] EXT4-fs (loop2): 1 truncate cleaned up
[   32.010426][ T3744] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.073070][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.091362][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.134524][ T3764] netlink: 24 bytes leftover after parsing attributes in process `syz.1.92'.
[   32.143497][   T29] audit: type=1400 audit(1751570566.877:643): avc:  denied  { read } for  pid=3763 comm="syz.1.92" dev="nsfs" ino=4026532647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   32.164592][   T29] audit: type=1400 audit(1751570566.877:644): avc:  denied  { open } for  pid=3763 comm="syz.1.92" path="net:[4026532647]" dev="nsfs" ino=4026532647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   32.187717][   T29] audit: type=1400 audit(1751570566.877:645): avc:  denied  { ioctl } for  pid=3763 comm="syz.1.92" path="socket:[5373]" dev="sockfs" ino=5373 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   32.222086][ T3764] netlink: 48 bytes leftover after parsing attributes in process `syz.1.92'.
[   32.279728][   T29] audit: type=1326 audit(1751570566.977:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3770 comm="syz.3.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e804ee929 code=0x7ffc0000
[   32.302931][   T29] audit: type=1326 audit(1751570566.977:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3770 comm="syz.3.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e804ee929 code=0x7ffc0000
[   32.309518][ T3781] loop0: detected capacity change from 0 to 1024
[   32.326112][   T29] audit: type=1326 audit(1751570566.977:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3770 comm="syz.3.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e804ee929 code=0x7ffc0000
[   32.326138][   T29] audit: type=1326 audit(1751570566.977:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3770 comm="syz.3.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e804ee929 code=0x7ffc0000
[   32.378875][   T29] audit: type=1326 audit(1751570566.977:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3770 comm="syz.3.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e804ee929 code=0x7ffc0000
[   32.410319][ T3781] EXT4-fs: Ignoring removed orlov option
[   32.422840][ T3784] loop3: detected capacity change from 0 to 128
[   32.465241][ T3781] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   32.493682][ T3784] bio_check_eod: 55 callbacks suppressed
[   32.493697][ T3784] syz.3.99: attempt to access beyond end of device
[   32.493697][ T3784] loop3: rw=2049, sector=145, nr_sectors = 16 limit=128
[   32.514301][ T3784] syz.3.99: attempt to access beyond end of device
[   32.514301][ T3784] loop3: rw=2049, sector=169, nr_sectors = 8 limit=128
[   32.527690][ T3784] syz.3.99: attempt to access beyond end of device
[   32.527690][ T3784] loop3: rw=2049, sector=185, nr_sectors = 8 limit=128
[   32.541155][ T3784] syz.3.99: attempt to access beyond end of device
[   32.541155][ T3784] loop3: rw=2049, sector=201, nr_sectors = 8 limit=128
[   32.554757][ T3784] syz.3.99: attempt to access beyond end of device
[   32.554757][ T3784] loop3: rw=2049, sector=217, nr_sectors = 8 limit=128
[   32.568648][ T3784] syz.3.99: attempt to access beyond end of device
[   32.568648][ T3784] loop3: rw=2049, sector=233, nr_sectors = 8 limit=128
[   32.570143][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.583394][ T3784] syz.3.99: attempt to access beyond end of device
[   32.583394][ T3784] loop3: rw=2049, sector=249, nr_sectors = 8 limit=128
[   32.605285][ T3784] syz.3.99: attempt to access beyond end of device
[   32.605285][ T3784] loop3: rw=2049, sector=265, nr_sectors = 8 limit=128
[   32.618825][ T3784] syz.3.99: attempt to access beyond end of device
[   32.618825][ T3784] loop3: rw=2049, sector=281, nr_sectors = 8 limit=128
[   32.632135][ T3784] syz.3.99: attempt to access beyond end of device
[   32.632135][ T3784] loop3: rw=2049, sector=297, nr_sectors = 8 limit=128
[   32.791214][ T3803] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   32.823399][ T3803] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   32.855694][ T3795] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm GPL: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   32.972665][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.041881][ T3815] loop3: detected capacity change from 0 to 1024
[   33.066783][ T3815] EXT4-fs: Ignoring removed nomblk_io_submit option
[   33.101109][ T3817] loop0: detected capacity change from 0 to 8192
[   33.176532][ T3817] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   33.204844][ T3815] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.218862][ T3825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.114'.
[   33.271027][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.319502][ T3834] 9pnet_virtio: no channels available for device 127.0.0.1
[   33.332496][ T3839] loop3: detected capacity change from 0 to 1024
[   33.339175][ T3839] EXT4-fs: Ignoring removed orlov option
[   33.354412][ T3834] loop4: detected capacity change from 0 to 2048
[   33.361778][ T3834] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   33.399552][ T3839] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.613320][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.673425][ T3847] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   33.683112][ T3847] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   33.713839][ T3849] FAULT_INJECTION: forcing a failure.
[   33.713839][ T3849] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   33.726975][ T3849] CPU: 1 UID: 0 PID: 3849 Comm: syz.1.121 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   33.727059][ T3849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   33.727069][ T3849] Call Trace:
[   33.727075][ T3849]  <TASK>
[   33.727083][ T3849]  __dump_stack+0x1d/0x30
[   33.727102][ T3849]  dump_stack_lvl+0xe8/0x140
[   33.727120][ T3849]  dump_stack+0x15/0x1b
[   33.727168][ T3849]  should_fail_ex+0x265/0x280
[   33.727193][ T3849]  should_fail+0xb/0x20
[   33.727331][ T3849]  should_fail_usercopy+0x1a/0x20
[   33.727359][ T3849]  _copy_from_user+0x1c/0xb0
[   33.727376][ T3849]  ____sys_sendmsg+0x1c5/0x4e0
[   33.727472][ T3849]  ___sys_sendmsg+0x17b/0x1d0
[   33.727509][ T3849]  __x64_sys_sendmsg+0xd4/0x160
[   33.727537][ T3849]  x64_sys_call+0x2999/0x2fb0
[   33.727593][ T3849]  do_syscall_64+0xd2/0x200
[   33.727608][ T3849]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   33.727630][ T3849]  ? clear_bhb_loop+0x40/0x90
[   33.727758][ T3849]  ? clear_bhb_loop+0x40/0x90
[   33.727777][ T3849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   33.727794][ T3849] RIP: 0033:0x7f9fb1e8e929
[   33.727856][ T3849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   33.727871][ T3849] RSP: 002b:00007f9fb04f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   33.727890][ T3849] RAX: ffffffffffffffda RBX: 00007f9fb20b5fa0 RCX: 00007f9fb1e8e929
[   33.727902][ T3849] RDX: 0000000000000004 RSI: 0000200000001000 RDI: 0000000000000006
[   33.727914][ T3849] RBP: 00007f9fb04f7090 R08: 0000000000000000 R09: 0000000000000000
[   33.727996][ T3849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   33.728008][ T3849] R13: 0000000000000000 R14: 00007f9fb20b5fa0 R15: 00007ffd17e03ae8
[   33.728026][ T3849]  </TASK>
[   33.952126][ T3825] syz.2.114 (3825) used greatest stack depth: 10192 bytes left
[   33.986091][ T3854] 9pnet_fd: Insufficient options for proto=fd
[   34.094298][ T3866] loop3: detected capacity change from 0 to 1024
[   34.096129][ T3870] loop2: detected capacity change from 0 to 1024
[   34.119252][ T3866] EXT4-fs: Ignoring removed orlov option
[   34.126504][ T3870] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.157560][ T3866] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.190042][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.209538][ T3883] netlink: 24 bytes leftover after parsing attributes in process `syz.2.135'.
[   34.257163][ T3883] netlink: 48 bytes leftover after parsing attributes in process `syz.2.135'.
[   34.276501][ T3887] loop4: detected capacity change from 0 to 256
[   34.320187][ T3887] FAT-fs (loop4): Directory bread(block 64) failed
[   34.328942][ T3887] FAT-fs (loop4): Directory bread(block 65) failed
[   34.363029][ T3887] FAT-fs (loop4): Directory bread(block 66) failed
[   34.390020][ T3887] FAT-fs (loop4): Directory bread(block 67) failed
[   34.396795][ T3887] FAT-fs (loop4): Directory bread(block 68) failed
[   34.420388][ T3887] FAT-fs (loop4): Directory bread(block 69) failed
[   34.431416][ T3889] loop2: detected capacity change from 0 to 8192
[   34.448218][ T3887] FAT-fs (loop4): Directory bread(block 70) failed
[   34.451036][ T3889] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   34.462967][ T3887] FAT-fs (loop4): Directory bread(block 71) failed
[   34.507756][ T3887] FAT-fs (loop4): Directory bread(block 72) failed
[   34.517737][ T3887] FAT-fs (loop4): Directory bread(block 73) failed
[   34.529344][ T3891] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm GPL: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   34.546483][ T3887] capability: warning: `syz.4.136' uses deprecated v2 capabilities in a way that may be insecure
[   34.655934][ T3901] loop4: detected capacity change from 0 to 2048
[   34.685026][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.693444][ T3901] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.762275][ T3912] loop3: detected capacity change from 0 to 512
[   34.782082][ T3912] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   34.798466][ T3912] EXT4-fs (loop3): mount failed
[   34.825860][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.892662][ T3920] loop4: detected capacity change from 0 to 8192
[   34.902952][ T3920] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   35.146475][ T3944] loop0: detected capacity change from 0 to 512
[   35.153556][ T3944] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   35.164952][ T3944] EXT4-fs (loop0): 1 truncate cleaned up
[   35.171177][ T3944] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.226026][ T3947] loop2: detected capacity change from 0 to 512
[   35.248111][ T3947] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   35.261631][ T3947] EXT4-fs (loop2): 1 truncate cleaned up
[   35.268081][ T3947] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.290804][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.377891][ T3952] 9pnet_virtio: no channels available for device 127.0.0.1
[   35.395109][ T3952] loop0: detected capacity change from 0 to 2048
[   35.405087][ T3952] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   35.436125][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.479997][ T3961] loop0: detected capacity change from 0 to 1024
[   35.486894][ T3961] EXT4-fs: Ignoring removed nomblk_io_submit option
[   35.501567][ T3961] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.524475][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.566347][ T3968] loop0: detected capacity change from 0 to 1024
[   35.575577][ T3968] EXT4-fs: Ignoring removed nomblk_io_submit option
[   35.604515][ T3968] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.628315][ T3974] loop2: detected capacity change from 0 to 1024
[   35.635408][ T3974] EXT4-fs: Ignoring removed nomblk_io_submit option
[   35.657623][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.661514][ T3974] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.689119][ T3980] loop1: detected capacity change from 0 to 2048
[   35.711554][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.734243][ T3980] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.780589][ T3984] loop0: detected capacity change from 0 to 512
[   35.814414][ T3984] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   35.930387][ T3984] EXT4-fs (loop0): 1 truncate cleaned up
[   35.936490][ T3984] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.975467][ T4001] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   35.988434][ T3999] netlink: 8 bytes leftover after parsing attributes in process `syz.3.176'.
[   36.054450][ T4001] netlink: 40 bytes leftover after parsing attributes in process `syz.4.177'.
[   36.193149][ T4005] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4005 comm=syz.4.179
[   36.208558][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.282159][ T4009] loop4: detected capacity change from 0 to 1024
[   36.312627][ T4011] loop0: detected capacity change from 0 to 512
[   36.312652][ T4009] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.332003][ T4011] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   36.343156][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.353786][ T4011] EXT4-fs (loop0): orphan cleanup on readonly fs
[   36.360901][ T4011] EXT4-fs error (device loop0): ext4_orphan_get:1419: comm syz.0.182: bad orphan inode 458763
[   36.373634][ T4011] EXT4-fs (loop0): Remounting filesystem read-only
[   36.381625][ T4011] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   36.570405][ T4025] loop4: detected capacity change from 0 to 1024
[   36.592361][ T4025] EXT4-fs: Ignoring removed orlov option
[   36.604664][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.627787][ T4025] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.658546][ T4033] loop1: detected capacity change from 0 to 128
[   36.799665][   T29] kauditd_printk_skb: 817 callbacks suppressed
[   36.799677][   T29] audit: type=1400 audit(1751570571.537:1463): avc:  denied  { block_suspend } for  pid=4037 comm="syz.3.191" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   36.888322][ T4044] xt_CT: You must specify a L4 protocol and not use inversions on it
[   36.897352][ T4044] openvswitch: netlink: Message has 6 unknown bytes.
[   36.908017][ T4044] netlink: 8 bytes leftover after parsing attributes in process `syz.1.193'.
[   36.921831][ T4044] bridge0: port 3(macvlan2) entered blocking state
[   36.928396][ T4044] bridge0: port 3(macvlan2) entered disabled state
[   36.935901][ T4044] macvlan2: entered allmulticast mode
[   36.941357][ T4044] bridge0: entered allmulticast mode
[   36.948891][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.968054][ T4044] macvlan2: left allmulticast mode
[   36.973349][ T4044] bridge0: left allmulticast mode
[   36.981081][ T4048] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   36.990789][ T4048] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   37.047586][ T4053] loop4: detected capacity change from 0 to 2048
[   37.149857][ T4053] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.177212][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.214089][   T29] audit: type=1400 audit(1751570571.957:1464): avc:  denied  { write } for  pid=4065 comm="syz.0.202" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   37.342637][   T29] audit: type=1400 audit(1751570571.997:1465): avc:  denied  { ioctl } for  pid=4050 comm="syz.2.196" path="/dev/mISDNtimer" dev="devtmpfs" ino=249 ioctlcmd=0x4940 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   37.367548][   T29] audit: type=1400 audit(1751570572.087:1466): avc:  denied  { bind } for  pid=4065 comm="syz.0.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   37.394223][ T4066] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.414767][ T4064] loop1: detected capacity change from 0 to 2048
[   37.474144][ T4066] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.563956][ T4064] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.578801][ T4066] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.583396][   T29] audit: type=1326 audit(1751570572.317:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4063 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb1e8e929 code=0x7ffc0000
[   37.612782][   T29] audit: type=1326 audit(1751570572.317:1468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4063 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fb1e8e929 code=0x7ffc0000
[   37.636685][   T29] audit: type=1326 audit(1751570572.317:1469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4063 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9fb1e8e929 code=0x7ffc0000
[   37.660031][   T29] audit: type=1326 audit(1751570572.317:1470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4063 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9fb1e8e963 code=0x7ffc0000
[   37.683181][   T29] audit: type=1326 audit(1751570572.317:1471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4063 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9fb1e8d3df code=0x7ffc0000
[   37.706360][   T29] audit: type=1326 audit(1751570572.317:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4063 comm="syz.1.201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f9fb1e8e9b7 code=0x7ffc0000
[   37.784226][ T4066] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.796300][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.840605][ T4066] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   37.851945][ T4066] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   37.888773][ T4066] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   37.960909][ T4066] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   37.996109][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.040356][ T4087] loop4: detected capacity change from 0 to 512
[   38.055536][ T4087] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   38.073434][ T4087] EXT4-fs (loop4): 1 truncate cleaned up
[   38.099859][ T4087] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.217635][ T4093] loop0: detected capacity change from 0 to 8192
[   38.237020][ T4093] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   38.239464][ T4097] loop3: detected capacity change from 0 to 8192
[   38.292234][ T4101] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4101 comm=syz.1.214
[   38.322097][ T4097] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   38.370875][ T4105] loop1: detected capacity change from 0 to 1024
[   38.380915][ T4105] EXT4-fs: Ignoring removed nomblk_io_submit option
[   38.401507][ T4105] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.422041][ T4098] tipc: Started in network mode
[   38.426991][ T4098] tipc: Node identity ac14140f, cluster identity 4711
[   38.434052][ T4098] tipc: New replicast peer: 255.255.255.255
[   38.435155][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.440245][ T4098] tipc: Enabled bearer <udp:syz2>, priority 10
[   38.469656][ T4113] loop1: detected capacity change from 0 to 1024
[   38.477278][ T4113] EXT4-fs: Ignoring removed nomblk_io_submit option
[   38.491449][ T4113] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.515293][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.526713][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.719799][ T4128] loop1: detected capacity change from 0 to 1024
[   38.728721][ T4128] EXT4-fs: Ignoring removed orlov option
[   38.745079][ T4128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.838443][ T4132] loop2: detected capacity change from 0 to 1024
[   38.853163][ T4132] EXT4-fs: Ignoring removed nobh option
[   38.858776][ T4132] EXT4-fs: Ignoring removed bh option
[   38.865401][ T4132] EXT4-fs (loop2): stripe (32769) is not aligned with cluster size (16), stripe is disabled
[   38.884377][ T4132] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.938614][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.988486][ T4133] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm GPL: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   39.029862][ T4141] __nla_validate_parse: 6 callbacks suppressed
[   39.029876][ T4141] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   39.045106][ T4141] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   39.064893][ T4139] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   39.079349][ T4139] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   39.119196][ T4145] loop0: detected capacity change from 0 to 1024
[   39.140425][ T4145] EXT4-fs: Ignoring removed nomblk_io_submit option
[   39.154608][ T4147] loop4: detected capacity change from 0 to 1024
[   39.164531][ T4145] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.165831][ T4147] EXT4-fs: Ignoring removed nomblk_io_submit option
[   39.201416][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.201663][ T4147] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.234653][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.261580][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.291962][ T4157] loop1: detected capacity change from 0 to 1024
[   39.305490][ T4157] EXT4-fs: Ignoring removed nomblk_io_submit option
[   39.343446][ T4157] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.402936][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.415902][ T4170] loop3: detected capacity change from 0 to 256
[   39.459826][ T4172] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   39.472454][ T4172] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   39.488538][ T4174] xt_CT: No such helper "pptp"
[   39.514576][ T4178] loop3: detected capacity change from 0 to 512
[   39.534963][ T4180] loop0: detected capacity change from 0 to 2048
[   39.547292][ T4182] FAULT_INJECTION: forcing a failure.
[   39.547292][ T4182] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   39.552118][ T4180] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.560425][ T4182] CPU: 0 UID: 0 PID: 4182 Comm: syz.1.240 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   39.560453][ T4182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   39.560472][ T4182] Call Trace:
[   39.560478][ T4182]  <TASK>
[   39.560487][ T4182]  __dump_stack+0x1d/0x30
[   39.560509][ T4182]  dump_stack_lvl+0xe8/0x140
[   39.560528][ T4182]  dump_stack+0x15/0x1b
[   39.560543][ T4182]  should_fail_ex+0x265/0x280
[   39.560571][ T4182]  should_fail+0xb/0x20
[   39.560600][ T4182]  should_fail_usercopy+0x1a/0x20
[   39.560629][ T4182]  _copy_from_iter+0xcf/0xe40
[   39.560709][ T4182]  ? __build_skb_around+0x1a0/0x200
[   39.560766][ T4182]  ? __alloc_skb+0x223/0x320
[   39.560793][ T4182]  netlink_sendmsg+0x471/0x6b0
[   39.560814][ T4182]  ? __pfx_netlink_sendmsg+0x10/0x10
[   39.560833][ T4182]  __sock_sendmsg+0x145/0x180
[   39.560900][ T4182]  ____sys_sendmsg+0x31e/0x4e0
[   39.561006][ T4182]  ___sys_sendmsg+0x17b/0x1d0
[   39.561070][ T4182]  __x64_sys_sendmsg+0xd4/0x160
[   39.561102][ T4182]  x64_sys_call+0x2999/0x2fb0
[   39.561122][ T4182]  do_syscall_64+0xd2/0x200
[   39.561140][ T4182]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   39.561233][ T4182]  ? clear_bhb_loop+0x40/0x90
[   39.561253][ T4182]  ? clear_bhb_loop+0x40/0x90
[   39.561278][ T4182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.561298][ T4182] RIP: 0033:0x7f9fb1e8e929
[   39.561313][ T4182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   39.561364][ T4182] RSP: 002b:00007f9fb04f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   39.561384][ T4182] RAX: ffffffffffffffda RBX: 00007f9fb20b5fa0 RCX: 00007f9fb1e8e929
[   39.561429][ T4182] RDX: 0000000024040084 RSI: 0000200000006040 RDI: 0000000000000006
[   39.561442][ T4182] RBP: 00007f9fb04f7090 R08: 0000000000000000 R09: 0000000000000000
[   39.561454][ T4182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   39.561466][ T4182] R13: 0000000000000000 R14: 00007f9fb20b5fa0 R15: 00007ffd17e03ae8
[   39.561484][ T4182]  </TASK>
[   39.620067][ T4178] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.623182][ T3352] tipc: Node number set to 2886997007
[   39.629504][ T4178] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   39.648145][ T4188] netlink: 24 bytes leftover after parsing attributes in process `syz.1.241'.
[   39.759764][ T4194] loop4: detected capacity change from 0 to 1024
[   39.779351][ T4190] loop2: detected capacity change from 0 to 128
[   39.817430][ T4194] EXT4-fs: Ignoring removed nomblk_io_submit option
[   39.848269][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.891766][ T4194] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.991968][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.015796][ T4211] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   40.030342][ T4211] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   40.051736][ T4215] loop0: detected capacity change from 0 to 1024
[   40.070535][ T4215] EXT4-fs: Ignoring removed orlov option
[   40.091038][ T4215] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.129193][ T4219] loop1: detected capacity change from 0 to 1024
[   40.174311][ T4219] EXT4-fs: Ignoring removed orlov option
[   40.189336][ T4219] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.240470][ T4227] netlink: 24 bytes leftover after parsing attributes in process `syz.4.254'.
[   40.352301][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.436803][ T4234] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm GPL: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   40.548451][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.561371][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.734100][ T4253] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   40.743653][ T4253] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   41.011006][ T4266] loop1: detected capacity change from 0 to 8192
[   41.027081][ T4266] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   41.045947][ T4268] loop2: detected capacity change from 0 to 1024
[   41.059005][ T4268] EXT4-fs: Ignoring removed orlov option
[   41.072354][ T4268] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.284916][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.334551][ T4283] netlink: 8 bytes leftover after parsing attributes in process `syz.2.276'.
[   41.350704][ T4283] ip6gre1: entered allmulticast mode
[   41.367823][ T4285] loop3: detected capacity change from 0 to 512
[   41.375926][ T4285] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   41.390566][ T4285] EXT4-fs (loop3): orphan cleanup on readonly fs
[   41.397011][ T4285] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.277: bad orphan inode 458763
[   41.408757][ T4285] EXT4-fs (loop3): Remounting filesystem read-only
[   41.415495][ T4287] loop4: detected capacity change from 0 to 512
[   41.423312][ T4287] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   41.423418][ T4289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   41.440959][ T4287] EXT4-fs (loop4): orphan cleanup on readonly fs
[   41.442676][ T4285] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   41.447957][ T4287] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.278: bad orphan inode 458763
[   41.459993][ T4289] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   41.480802][ T4287] EXT4-fs (loop4): Remounting filesystem read-only
[   41.487762][ T4287] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   41.556058][ T4295] loop0: detected capacity change from 0 to 1024
[   41.563607][ T4295] EXT4-fs: Ignoring removed nomblk_io_submit option
[   41.581624][ T4295] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.609776][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.924661][ T4304] loop1: detected capacity change from 0 to 2048
[   41.933736][ T4306] loop0: detected capacity change from 0 to 2048
[   41.953372][ T4304] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.955190][ T4306] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.993147][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.027147][ T4312] loop0: detected capacity change from 0 to 512
[   42.038356][ T4312] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   42.049616][ T4312] EXT4-fs (loop0): 1 truncate cleaned up
[   42.056526][ T4312] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.203196][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.247768][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.258922][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.290515][ T4320] loop4: detected capacity change from 0 to 1024
[   42.297761][ T4320] EXT4-fs: Ignoring removed nomblk_io_submit option
[   42.315393][ T4320] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.408942][ T4326] loop4: detected capacity change from 0 to 1024
[   42.416099][ T4326] EXT4-fs: Ignoring removed orlov option
[   42.737837][   T29] kauditd_printk_skb: 594 callbacks suppressed
[   42.737853][   T29] audit: type=1326 audit(1751570577.477:2061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4336 comm="syz.4.293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f23f3e929 code=0x7ffc0000
[   42.744289][ T4337] loop4: detected capacity change from 0 to 1024
[   42.746247][ T4337] EXT4-fs: Ignoring removed nomblk_io_submit option
[   42.775267][   T29] audit: type=1326 audit(1751570577.477:2062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4336 comm="syz.4.293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f7f23f3e929 code=0x7ffc0000
[   42.804225][   T29] audit: type=1326 audit(1751570577.477:2063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4336 comm="syz.4.293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f23f3e929 code=0x7ffc0000
[   42.827724][   T29] audit: type=1326 audit(1751570577.477:2064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4336 comm="syz.4.293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f23f3e929 code=0x7ffc0000
[   42.851059][   T29] audit: type=1326 audit(1751570577.477:2065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4336 comm="syz.4.293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f7f23f3e929 code=0x7ffc0000
[   42.874364][   T29] audit: type=1326 audit(1751570577.477:2066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4336 comm="syz.4.293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f23f3e929 code=0x7ffc0000
[   42.897699][   T29] audit: type=1326 audit(1751570577.477:2067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4336 comm="syz.4.293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7f23f3e929 code=0x7ffc0000
[   42.921202][   T29] audit: type=1326 audit(1751570577.477:2068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4336 comm="syz.4.293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f23f3e929 code=0x7ffc0000
[   42.944597][   T29] audit: type=1326 audit(1751570577.477:2069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4336 comm="syz.4.293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7f23f3e929 code=0x7ffc0000
[   42.967993][   T29] audit: type=1326 audit(1751570577.477:2070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4336 comm="syz.4.293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7f23f3e963 code=0x7ffc0000
[   43.020918][ T4342] loop1: detected capacity change from 0 to 1024
[   43.044046][ T4343] loop4: detected capacity change from 0 to 512
[   43.053813][ T4343] EXT4-fs: Ignoring removed orlov option
[   43.075596][ T4343] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   43.089571][ T4343] EXT4-fs (loop4): orphan cleanup on readonly fs
[   43.098098][ T4343] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.295: bg 0: block 248: padding at end of block bitmap is not set
[   43.113776][ T4343] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.295: Failed to acquire dquot type 1
[   43.145087][ T4343] EXT4-fs (loop4): 1 truncate cleaned up
[   43.160420][ T4343] netlink: 16 bytes leftover after parsing attributes in process `syz.4.295'.
[   43.284155][ T4343] syz.4.295 (4343) used greatest stack depth: 9304 bytes left
[   43.364342][ T4347] tipc: Started in network mode
[   43.369332][ T4347] tipc: Node identity ac14140f, cluster identity 4711
[   43.377552][ T4347] tipc: New replicast peer: 255.255.255.255
[   43.383685][ T4347] tipc: Enabled bearer <udp:syz2>, priority 10
[   43.594920][ T4364] loop4: detected capacity change from 0 to 1024
[   43.601941][ T4364] EXT4-fs: Ignoring removed nomblk_io_submit option
[   43.727224][ T4373] loop1: detected capacity change from 0 to 1024
[   43.742596][ T4375] loop3: detected capacity change from 0 to 2048
[   43.749871][ T4373] EXT4-fs: Ignoring removed nomblk_io_submit option
[   43.778496][ T4377] loop4: detected capacity change from 0 to 1024
[   43.793951][ T4377] EXT4-fs: Ignoring removed nomblk_io_submit option
[   43.974565][ T4390] loop4: detected capacity change from 0 to 1024
[   43.981923][ T4390] EXT4-fs: Ignoring removed orlov option
[   44.095152][ T4394] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4394 comm=syz.1.307
[   44.287445][ T4401] loop1: detected capacity change from 0 to 1024
[   44.412990][ T4405] loop2: detected capacity change from 0 to 1024
[   44.442040][ T4405] EXT4-fs: Ignoring removed nobh option
[   44.454044][ T4405] EXT4-fs: Ignoring removed bh option
[   44.479845][ T4405] EXT4-fs (loop2): stripe (32769) is not aligned with cluster size (16), stripe is disabled
[   44.497848][ T4407] loop1: detected capacity change from 0 to 512
[   44.509973][   T10] tipc: Node number set to 2886997007
[   44.518061][ T4407] EXT4-fs (loop1): orphan cleanup on readonly fs
[   44.552398][ T4407] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.314: bg 0: block 248: padding at end of block bitmap is not set
[   44.623144][ T4414] netlink: 'syz.2.316': attribute type 13 has an invalid length.
[   44.641167][ T4416] __nla_validate_parse: 2 callbacks suppressed
[   44.641181][ T4416] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   44.657740][ T4407] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.314: Failed to acquire dquot type 1
[   44.682184][ T4416] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   44.713063][ T4407] EXT4-fs (loop1): 1 truncate cleaned up
[   44.737273][ T4414] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   44.773048][ T4417] loop2: detected capacity change from 0 to 512
[   44.801863][ T4417] ext4 filesystem being mounted at /60/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   44.804956][ T4421] loop3: detected capacity change from 0 to 1024
[   44.812826][ T4424] EXT4-fs error (device loop1): ext4_lookup:1791: inode #2: comm syz.1.314: deleted inode referenced: 12
[   44.826114][ T4421] EXT4-fs: Ignoring removed nomblk_io_submit option
[   44.878473][ T4427] netlink: 'syz.1.314': attribute type 3 has an invalid length.
[   44.886424][ T4427] netlink: 'syz.1.314': attribute type 3 has an invalid length.
[   44.912502][ T4414] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.316: corrupted inode contents
[   44.940110][ T4414] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.316: mark_inode_dirty error
[   44.962620][ T4427] netlink: 16 bytes leftover after parsing attributes in process `syz.1.314'.
[   44.980448][ T4414] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.316: corrupted inode contents
[   45.021113][ T4417] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.316: corrupted inode contents
[   45.040280][ T4417] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.316: mark_inode_dirty error
[   45.094797][ T4417] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.316: corrupted inode contents
[   45.116627][ T4434] FAULT_INJECTION: forcing a failure.
[   45.116627][ T4434] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   45.120437][ T4417] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.316: mark_inode_dirty error
[   45.129731][ T4434] CPU: 0 UID: 0 PID: 4434 Comm: syz.4.322 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   45.129758][ T4434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   45.129770][ T4434] Call Trace:
[   45.129796][ T4434]  <TASK>
[   45.129804][ T4434]  __dump_stack+0x1d/0x30
[   45.129825][ T4434]  dump_stack_lvl+0xe8/0x140
[   45.129844][ T4434]  dump_stack+0x15/0x1b
[   45.129859][ T4434]  should_fail_ex+0x265/0x280
[   45.129946][ T4434]  should_fail+0xb/0x20
[   45.129971][ T4434]  should_fail_usercopy+0x1a/0x20
[   45.129998][ T4434]  _copy_from_iter+0xcf/0xe40
[   45.130088][ T4434]  ? __build_skb_around+0x1a0/0x200
[   45.130115][ T4434]  ? __alloc_skb+0x223/0x320
[   45.130187][ T4434]  netlink_sendmsg+0x471/0x6b0
[   45.130218][ T4434]  ? __pfx_netlink_sendmsg+0x10/0x10
[   45.130236][ T4434]  __sock_sendmsg+0x145/0x180
[   45.130295][ T4434]  ____sys_sendmsg+0x31e/0x4e0
[   45.130327][ T4434]  ___sys_sendmsg+0x17b/0x1d0
[   45.130367][ T4434]  __x64_sys_sendmsg+0xd4/0x160
[   45.130491][ T4434]  x64_sys_call+0x2999/0x2fb0
[   45.130511][ T4434]  do_syscall_64+0xd2/0x200
[   45.130579][ T4434]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   45.130619][ T4434]  ? clear_bhb_loop+0x40/0x90
[   45.130638][ T4434]  ? clear_bhb_loop+0x40/0x90
[   45.130658][ T4434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.130678][ T4434] RIP: 0033:0x7f7f23f3e929
[   45.130772][ T4434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.130848][ T4434] RSP: 002b:00007f7f225a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   45.130867][ T4434] RAX: ffffffffffffffda RBX: 00007f7f24165fa0 RCX: 00007f7f23f3e929
[   45.130879][ T4434] RDX: 0000000024040084 RSI: 0000200000006040 RDI: 0000000000000003
[   45.130891][ T4434] RBP: 00007f7f225a7090 R08: 0000000000000000 R09: 0000000000000000
[   45.130977][ T4434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.130989][ T4434] R13: 0000000000000000 R14: 00007f7f24165fa0 R15: 00007ffed01f90b8
[   45.131006][ T4434]  </TASK>
[   45.339176][ T4437] loop4: detected capacity change from 0 to 1024
[   45.378238][ T4417] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.316: corrupted inode contents
[   45.428248][ T4417] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.316: mark_inode_dirty error
[   45.600966][ T4445] loop2: detected capacity change from 0 to 1024
[   45.611792][ T4449] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4449 comm=syz.4.325
[   45.627977][ T4445] EXT4-fs: Ignoring removed nomblk_io_submit option
[   45.773886][ T4455] loop2: detected capacity change from 0 to 128
[   45.787867][ T4453] loop1: detected capacity change from 0 to 8192
[   45.814346][ T4453] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   45.839379][ T4460] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   45.865313][ T4457] loop3: detected capacity change from 0 to 128
[   45.898660][ T4464] netlink: 4 bytes leftover after parsing attributes in process `syz.2.331'.
[   45.942736][ T4467] bio_check_eod: 206 callbacks suppressed
[   45.942751][ T4467] syz.3.329: attempt to access beyond end of device
[   45.942751][ T4467] loop3: rw=2049, sector=145, nr_sectors = 16 limit=128
[   46.042199][ T4467] syz.3.329: attempt to access beyond end of device
[   46.042199][ T4467] loop3: rw=2049, sector=169, nr_sectors = 8 limit=128
[   46.085689][ T4467] syz.3.329: attempt to access beyond end of device
[   46.085689][ T4467] loop3: rw=2049, sector=185, nr_sectors = 8 limit=128
[   46.099692][ T4467] syz.3.329: attempt to access beyond end of device
[   46.099692][ T4467] loop3: rw=2049, sector=201, nr_sectors = 8 limit=128
[   46.113936][ T4467] syz.3.329: attempt to access beyond end of device
[   46.113936][ T4467] loop3: rw=2049, sector=217, nr_sectors = 8 limit=128
[   46.133931][ T4467] syz.3.329: attempt to access beyond end of device
[   46.133931][ T4467] loop3: rw=2049, sector=233, nr_sectors = 8 limit=128
[   46.147627][ T4467] syz.3.329: attempt to access beyond end of device
[   46.147627][ T4467] loop3: rw=2049, sector=249, nr_sectors = 8 limit=128
[   46.182134][ T4467] syz.3.329: attempt to access beyond end of device
[   46.182134][ T4467] loop3: rw=2049, sector=265, nr_sectors = 8 limit=128
[   46.197824][ T4467] syz.3.329: attempt to access beyond end of device
[   46.197824][ T4467] loop3: rw=2049, sector=281, nr_sectors = 8 limit=128
[   46.237575][ T4467] syz.3.329: attempt to access beyond end of device
[   46.237575][ T4467] loop3: rw=2049, sector=297, nr_sectors = 8 limit=128
[   46.257401][ T4477] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4477 comm=syz.1.336
[   46.456408][ T4489] loop1: detected capacity change from 0 to 2048
[   46.664977][ T4496] loop0: detected capacity change from 0 to 1024
[   46.672186][ T4496] EXT4-fs: Ignoring removed orlov option
[   46.695573][ T4498] loop3: detected capacity change from 0 to 1024
[   46.702842][ T4498] EXT4-fs: Ignoring removed nomblk_io_submit option
[   46.789147][ T4509] Zero length message leads to an empty skb
[   46.827070][ T4513] loop3: detected capacity change from 0 to 1024
[   46.834746][ T4513] EXT4-fs: Ignoring removed nomblk_io_submit option
[   46.847906][ T4515] loop4: detected capacity change from 0 to 128
[   46.936261][ T4521] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   46.945139][ T4521] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   47.377438][ T4542] loop4: detected capacity change from 0 to 256
[   47.401283][ T4539] loop2: detected capacity change from 0 to 2048
[   47.430426][ T4527] tipc: Started in network mode
[   47.435340][ T4527] tipc: Node identity ac14140f, cluster identity 4711
[   47.435474][ T4547] loop1: detected capacity change from 0 to 1024
[   47.450596][ T4547] EXT4-fs: Ignoring removed orlov option
[   47.459755][ T4527] tipc: New replicast peer: 255.255.255.255
[   47.466038][ T4527] tipc: Enabled bearer <udp:syz2>, priority 10
[   47.491230][ T4550] loop3: detected capacity change from 0 to 1024
[   47.513112][ T4550] EXT4-fs: Ignoring removed orlov option
[   47.541597][ T4555] loop4: detected capacity change from 0 to 1024
[   47.548677][ T4555] EXT4-fs: Ignoring removed nomblk_io_submit option
[   47.578056][ T4558] loop2: detected capacity change from 0 to 1024
[   47.586838][ T4560] loop0: detected capacity change from 0 to 1024
[   47.597644][ T4558] EXT4-fs: Ignoring removed nomblk_io_submit option
[   47.604814][ T4560] EXT4-fs: Ignoring removed orlov option
[   47.697546][ T4562] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm GPL: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   47.821293][ T4572] loop4: detected capacity change from 0 to 2048
[   47.836247][   T29] kauditd_printk_skb: 517 callbacks suppressed
[   47.836262][   T29] audit: type=1326 audit(1751570582.577:2584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4577 comm="syz.2.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75c675e929 code=0x7ffc0000
[   47.930692][   T29] audit: type=1326 audit(1751570582.577:2585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4577 comm="syz.2.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f75c675e929 code=0x7ffc0000
[   47.954212][   T29] audit: type=1326 audit(1751570582.577:2586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4577 comm="syz.2.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75c675e929 code=0x7ffc0000
[   47.977792][   T29] audit: type=1326 audit(1751570582.577:2587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4577 comm="syz.2.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f75c675e929 code=0x7ffc0000
[   48.000959][   T29] audit: type=1326 audit(1751570582.577:2588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4577 comm="syz.2.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75c675e929 code=0x7ffc0000
[   48.024494][   T29] audit: type=1326 audit(1751570582.577:2589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4577 comm="syz.2.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f75c675e929 code=0x7ffc0000
[   48.047818][   T29] audit: type=1326 audit(1751570582.577:2590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4577 comm="syz.2.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75c675e929 code=0x7ffc0000
[   48.071160][   T29] audit: type=1326 audit(1751570582.577:2591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4577 comm="syz.2.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f75c675e929 code=0x7ffc0000
[   48.094698][   T29] audit: type=1326 audit(1751570582.577:2592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4577 comm="syz.2.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75c675e929 code=0x7ffc0000
[   48.118145][   T29] audit: type=1326 audit(1751570582.577:2593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4577 comm="syz.2.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75c675e929 code=0x7ffc0000
[   48.318472][ T4592] loop0: detected capacity change from 0 to 2048
[   48.386567][ T4599] netlink: 8 bytes leftover after parsing attributes in process `syz.2.375'.
[   48.468419][ T4603] loop3: detected capacity change from 0 to 1024
[   48.483944][ T4603] EXT4-fs: Ignoring removed orlov option
[   48.524231][ T4606] loop0: detected capacity change from 0 to 256
[   48.580024][ T3391] tipc: Node number set to 2886997007
[   48.726209][ T4621] loop1: detected capacity change from 0 to 2048
[   48.918619][ T4635] netlink: 'syz.1.391': attribute type 13 has an invalid length.
[   48.953090][ T4635] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   48.974286][ T4637] loop1: detected capacity change from 0 to 512
[   48.992296][ T4637] ext4 filesystem being mounted at /101/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   49.016849][ T4635] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.391: corrupted inode contents
[   49.029037][ T4635] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.391: mark_inode_dirty error
[   49.040691][ T4635] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.391: corrupted inode contents
[   49.053112][ T4635] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.391: mark_inode_dirty error
[   49.065339][ T4633] tipc: Started in network mode
[   49.070337][ T4633] tipc: Node identity ac14140f, cluster identity 4711
[   49.077317][ T4633] tipc: New replicast peer: 255.255.255.255
[   49.083501][ T4633] tipc: Enabled bearer <udp:syz2>, priority 10
[   49.142769][ T4641] loop3: detected capacity change from 0 to 256
[   49.176571][ T4645] loop1: detected capacity change from 0 to 1024
[   49.185524][ T4645] EXT4-fs: Ignoring removed orlov option
[   49.409922][ T4653] loop3: detected capacity change from 0 to 1024
[   49.435119][ T4653] EXT4-fs: Ignoring removed nomblk_io_submit option
[   49.482836][ T4656] loop0: detected capacity change from 0 to 2048
[   49.540232][ T4660] loop3: detected capacity change from 0 to 1024
[   49.556081][ T4660] EXT4-fs: Ignoring removed orlov option
[   49.647676][ T4670] loop1: detected capacity change from 0 to 1024
[   49.677494][ T4668] loop0: detected capacity change from 0 to 128
[   49.687777][ T4672] netlink: 'syz.2.403': attribute type 13 has an invalid length.
[   49.707133][ T4670] EXT4-fs: Ignoring removed orlov option
[   49.750350][ T4672] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   49.782249][ T4672] loop2: detected capacity change from 0 to 512
[   49.802072][ T4672] ext4 filesystem being mounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   49.839523][ T4672] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.403: corrupted inode contents
[   49.859406][ T4672] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.403: mark_inode_dirty error
[   49.872616][ T4672] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.403: corrupted inode contents
[   49.946822][ T4672] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.403: mark_inode_dirty error
[   50.068483][ T4684] loop3: detected capacity change from 0 to 512
[   50.084584][ T4684] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   50.121484][ T4684] EXT4-fs (loop3): 1 truncate cleaned up
[   50.134148][ T4681] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm GPL: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   50.200132][ T3391] tipc: Node number set to 2886997007
[   50.448708][ T4702] loop4: detected capacity change from 0 to 1024
[   50.510347][ T4702] EXT4-fs: Ignoring removed nomblk_io_submit option
[   50.552833][ T4707] loop0: detected capacity change from 0 to 8192
[   50.585580][ T4707] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   50.640065][ T4713] loop2: detected capacity change from 0 to 2048
[   50.649523][ T4715] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   50.658849][ T4715] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   50.774512][ T4734] loop4: detected capacity change from 0 to 512
[   50.785926][ T4734] EXT4-fs (loop4): orphan cleanup on readonly fs
[   50.794098][ T4734] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.421: bg 0: block 248: padding at end of block bitmap is not set
[   50.808847][ T4734] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.421: Failed to acquire dquot type 1
[   50.822248][ T4734] EXT4-fs (loop4): 1 truncate cleaned up
[   50.831594][ T4738] loop3: detected capacity change from 0 to 512
[   50.839616][ T4738] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   50.869079][ T4738] EXT4-fs (loop3): 1 truncate cleaned up
[   50.880480][ T4744] EXT4-fs error (device loop4): ext4_lookup:1791: inode #2: comm syz.4.421: deleted inode referenced: 12
[   50.897714][ T4742] loop1: detected capacity change from 0 to 128
[   50.932377][ T4744] netlink: 'syz.4.421': attribute type 3 has an invalid length.
[   50.940114][ T4744] netlink: 'syz.4.421': attribute type 3 has an invalid length.
[   50.966710][ T4744] netlink: 16 bytes leftover after parsing attributes in process `syz.4.421'.
[   51.013155][ T1597] bio_check_eod: 212 callbacks suppressed
[   51.013167][ T1597] kworker/u8:6: attempt to access beyond end of device
[   51.013167][ T1597] loop1: rw=1, sector=145, nr_sectors = 16 limit=128
[   51.044826][ T1597] kworker/u8:6: attempt to access beyond end of device
[   51.044826][ T1597] loop1: rw=1, sector=169, nr_sectors = 8 limit=128
[   51.058713][ T1597] kworker/u8:6: attempt to access beyond end of device
[   51.058713][ T1597] loop1: rw=1, sector=185, nr_sectors = 8 limit=128
[   51.061914][ T4749] loop3: detected capacity change from 0 to 2048
[   51.078744][ T1597] kworker/u8:6: attempt to access beyond end of device
[   51.078744][ T1597] loop1: rw=1, sector=201, nr_sectors = 8 limit=128
[   51.098877][ T1597] kworker/u8:6: attempt to access beyond end of device
[   51.098877][ T1597] loop1: rw=1, sector=217, nr_sectors = 8 limit=128
[   51.113608][ T1597] kworker/u8:6: attempt to access beyond end of device
[   51.113608][ T1597] loop1: rw=1, sector=233, nr_sectors = 8 limit=128
[   51.127533][ T1597] kworker/u8:6: attempt to access beyond end of device
[   51.127533][ T1597] loop1: rw=1, sector=249, nr_sectors = 8 limit=128
[   51.151566][ T1597] kworker/u8:6: attempt to access beyond end of device
[   51.151566][ T1597] loop1: rw=1, sector=265, nr_sectors = 8 limit=128
[   51.165099][ T1597] kworker/u8:6: attempt to access beyond end of device
[   51.165099][ T1597] loop1: rw=1, sector=281, nr_sectors = 8 limit=128
[   51.178557][ T1597] kworker/u8:6: attempt to access beyond end of device
[   51.178557][ T1597] loop1: rw=1, sector=297, nr_sectors = 8 limit=128
[   51.216379][ T4753] loop1: detected capacity change from 0 to 128
[   51.225859][ T4755] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   51.235107][ T4755] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   51.313202][ T4761] netlink: 'syz.3.431': attribute type 21 has an invalid length.
[   51.323238][ T4761] netlink: 132 bytes leftover after parsing attributes in process `syz.3.431'.
[   51.337078][ T4761] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12)
[   51.343789][ T4761] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   51.351569][ T4761] vhci_hcd vhci_hcd.0: Device attached
[   51.364085][ T4763] vhci_hcd: connection closed
[   51.364314][ T1597] vhci_hcd: stop threads
[   51.373426][ T1597] vhci_hcd: release socket
[   51.378149][ T1597] vhci_hcd: disconnect device
[   51.482609][ T4777] loop2: detected capacity change from 0 to 256
[   51.662616][ T4788] loop4: detected capacity change from 0 to 128
[   51.813344][ T4793] loop4: detected capacity change from 0 to 2048
[   51.918849][ T4795] loop2: detected capacity change from 0 to 8192
[   51.951235][ T4795] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   52.008026][ T4804] FAULT_INJECTION: forcing a failure.
[   52.008026][ T4804] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.021737][ T4804] CPU: 1 UID: 0 PID: 4804 Comm: syz.3.450 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   52.021762][ T4804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   52.021773][ T4804] Call Trace:
[   52.021811][ T4804]  <TASK>
[   52.021817][ T4804]  __dump_stack+0x1d/0x30
[   52.021835][ T4804]  dump_stack_lvl+0xe8/0x140
[   52.021915][ T4804]  dump_stack+0x15/0x1b
[   52.021931][ T4804]  should_fail_ex+0x265/0x280
[   52.021960][ T4804]  should_fail+0xb/0x20
[   52.021983][ T4804]  should_fail_usercopy+0x1a/0x20
[   52.022131][ T4804]  _copy_to_user+0x20/0xa0
[   52.022152][ T4804]  simple_read_from_buffer+0xb5/0x130
[   52.022181][ T4804]  proc_fail_nth_read+0x100/0x140
[   52.022282][ T4804]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   52.022309][ T4804]  vfs_read+0x1a0/0x6f0
[   52.022341][ T4804]  ? __sys_setsockopt+0x18e/0x200
[   52.022364][ T4804]  ? __rcu_read_unlock+0x4f/0x70
[   52.022390][ T4804]  ? __fget_files+0x184/0x1c0
[   52.022408][ T4804]  ksys_read+0xda/0x1a0
[   52.022439][ T4804]  __x64_sys_read+0x40/0x50
[   52.022468][ T4804]  x64_sys_call+0x2d77/0x2fb0
[   52.022487][ T4804]  do_syscall_64+0xd2/0x200
[   52.022572][ T4804]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   52.022595][ T4804]  ? clear_bhb_loop+0x40/0x90
[   52.022611][ T4804]  ? clear_bhb_loop+0x40/0x90
[   52.022628][ T4804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.022695][ T4804] RIP: 0033:0x7f7e804ed33c
[   52.022710][ T4804] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   52.022724][ T4804] RSP: 002b:00007f7e7eb57030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   52.022824][ T4804] RAX: ffffffffffffffda RBX: 00007f7e80715fa0 RCX: 00007f7e804ed33c
[   52.022835][ T4804] RDX: 000000000000000f RSI: 00007f7e7eb570a0 RDI: 0000000000000004
[   52.022845][ T4804] RBP: 00007f7e7eb57090 R08: 0000000000000000 R09: 0000000000000000
[   52.022915][ T4804] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[   52.022926][ T4804] R13: 0000000000000000 R14: 00007f7e80715fa0 R15: 00007ffe1bfe2148
[   52.022944][ T4804]  </TASK>
[   52.057915][ T4810] loop1: detected capacity change from 0 to 2048
[   52.304402][ T4821] loop0: detected capacity change from 0 to 128
[   52.367178][ T4819] loop1: detected capacity change from 0 to 1024
[   52.374728][ T4819] EXT4-fs: Ignoring removed nomblk_io_submit option
[   52.530762][ T4834] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4834 comm=syz.1.457
[   52.564828][ T4833] loop0: detected capacity change from 0 to 8192
[   52.576352][ T4833] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   52.644519][ T4836] loop1: detected capacity change from 0 to 1024
[   52.654312][ T4836] EXT4-fs: Ignoring removed nomblk_io_submit option
[   52.686937][ T4844] loop4: detected capacity change from 0 to 256
[   52.721261][ T4846] netlink: 'syz.1.462': attribute type 13 has an invalid length.
[   52.751041][ T4846] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   52.785142][ T4846] loop1: detected capacity change from 0 to 512
[   52.809655][ T4846] ext4 filesystem being mounted at /121/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   52.823155][ T4846] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.462: corrupted inode contents
[   52.845658][ T4846] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.462: mark_inode_dirty error
[   52.864356][ T4846] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.462: corrupted inode contents
[   52.864443][ T4859] loop2: detected capacity change from 0 to 128
[   52.878244][ T4846] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.462: corrupted inode contents
[   52.896545][ T4846] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.462: mark_inode_dirty error
[   52.909179][ T4846] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.462: corrupted inode contents
[   52.921889][ T4846] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.462: mark_inode_dirty error
[   52.933510][ T4846] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.462: corrupted inode contents
[   52.955666][ T4846] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.462: mark_inode_dirty error
[   53.023518][ T4864] loop2: detected capacity change from 0 to 1024
[   53.037115][ T4864] EXT4-fs: Ignoring removed nomblk_io_submit option
[   53.047672][ T4866] loop1: detected capacity change from 0 to 512
[   53.065220][ T4866] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   53.095985][ T4866] EXT4-fs (loop1): 1 truncate cleaned up
[   53.119979][   T29] kauditd_printk_skb: 621 callbacks suppressed
[   53.119993][   T29] audit: type=1326 audit(1751570587.857:3213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4873 comm="syz.3.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e804ee929 code=0x7ffc0000
[   53.121890][ T4875] loop3: detected capacity change from 0 to 1024
[   53.126201][   T29] audit: type=1326 audit(1751570587.857:3214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4873 comm="syz.3.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e804ee929 code=0x7ffc0000
[   53.179429][   T29] audit: type=1326 audit(1751570587.857:3215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4873 comm="syz.3.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f7e804ee929 code=0x7ffc0000
[   53.203110][   T29] audit: type=1326 audit(1751570587.857:3216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4873 comm="syz.3.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e804ee929 code=0x7ffc0000
[   53.226509][   T29] audit: type=1326 audit(1751570587.857:3217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4873 comm="syz.3.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f7e804ee929 code=0x7ffc0000
[   53.249783][   T29] audit: type=1326 audit(1751570587.857:3218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4873 comm="syz.3.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e804ee929 code=0x7ffc0000
[   53.273144][   T29] audit: type=1326 audit(1751570587.857:3219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4873 comm="syz.3.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e804ee929 code=0x7ffc0000
[   53.296531][   T29] audit: type=1326 audit(1751570587.857:3220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4873 comm="syz.3.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e804ee929 code=0x7ffc0000
[   53.320142][   T29] audit: type=1326 audit(1751570587.857:3221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4873 comm="syz.3.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7e804ee929 code=0x7ffc0000
[   53.323604][ T4875] EXT4-fs: Ignoring removed nomblk_io_submit option
[   53.343499][   T29] audit: type=1326 audit(1751570587.857:3222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4873 comm="syz.3.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7e804ee963 code=0x7ffc0000
[   53.480747][ T4883] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   53.530743][ T4883] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   53.551982][ T4889] SELinux:  Context system_u:object_r:utempter_exec_t:s0 is not valid (left unmapped).
[   53.566082][ T4891] loop0: detected capacity change from 0 to 128
[   53.649521][ T4897] netlink: 8 bytes leftover after parsing attributes in process `syz.2.474'.
[   53.682236][ T4899] loop4: detected capacity change from 0 to 512
[   53.724370][ T4899] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   53.778391][ T4899] EXT4-fs (loop4): orphan cleanup on readonly fs
[   53.784974][ T4899] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.482: bad orphan inode 458763
[   53.816692][ T4903] loop1: detected capacity change from 0 to 8192
[   53.861314][ T4896] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4896 comm=syz.3.481
[   53.876059][ T4903] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   53.889240][ T4899] EXT4-fs (loop4): Remounting filesystem read-only
[   53.952531][ T4907] loop0: detected capacity change from 0 to 8192
[   53.968827][ T4907] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   54.212386][ T4912] netlink: 'syz.3.486': attribute type 46 has an invalid length.
[   54.220203][ T4912] netlink: 55 bytes leftover after parsing attributes in process `syz.3.486'.
[   54.275962][ T4919] loop4: detected capacity change from 0 to 1024
[   54.293661][ T4919] EXT4-fs: Ignoring removed nomblk_io_submit option
[   54.656202][ T4941] loop3: detected capacity change from 0 to 8192
[   54.673574][ T4941] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   54.694097][ T4943] loop1: detected capacity change from 0 to 1024
[   54.712117][ T4943] EXT4-fs: Ignoring removed nomblk_io_submit option
[   54.766018][ T4945] loop0: detected capacity change from 0 to 512
[   54.790126][ T4945] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   54.848841][ T4945] EXT4-fs (loop0): orphan cleanup on readonly fs
[   54.855273][ T4945] EXT4-fs error (device loop0): ext4_orphan_get:1419: comm syz.0.498: bad orphan inode 458763
[   54.889709][ T4945] EXT4-fs (loop0): Remounting filesystem read-only
[   54.932701][ T4962] loop2: detected capacity change from 0 to 1024
[   54.955959][ T4962] EXT4-fs: Ignoring removed nomblk_io_submit option
[   55.066908][ T4973] loop2: detected capacity change from 0 to 128
[   55.227939][ T4982] loop4: detected capacity change from 0 to 1024
[   55.240319][ T4982] EXT4-fs: Ignoring removed nomblk_io_submit option
[   55.378846][ T4991] loop2: detected capacity change from 0 to 512
[   55.396541][ T4991] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   55.426764][ T4991] EXT4-fs (loop2): orphan cleanup on readonly fs
[   55.433248][ T4991] EXT4-fs error (device loop2): ext4_orphan_get:1419: comm syz.2.514: bad orphan inode 458763
[   55.470360][ T4994] loop4: detected capacity change from 0 to 1024
[   55.477104][ T4994] EXT4-fs: Ignoring removed orlov option
[   55.516967][ T4998] FAULT_INJECTION: forcing a failure.
[   55.516967][ T4998] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.530167][ T4998] CPU: 0 UID: 0 PID: 4998 Comm: syz.1.517 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   55.530190][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   55.530201][ T4998] Call Trace:
[   55.530208][ T4998]  <TASK>
[   55.530216][ T4998]  __dump_stack+0x1d/0x30
[   55.530238][ T4998]  dump_stack_lvl+0xe8/0x140
[   55.530311][ T4998]  dump_stack+0x15/0x1b
[   55.530328][ T4998]  should_fail_ex+0x265/0x280
[   55.530358][ T4998]  should_fail+0xb/0x20
[   55.530383][ T4998]  should_fail_usercopy+0x1a/0x20
[   55.530452][ T4998]  _copy_from_iter+0xcf/0xe40
[   55.530481][ T4998]  ? __build_skb_around+0x1a0/0x200
[   55.530523][ T4998]  ? __alloc_skb+0x223/0x320
[   55.530623][ T4998]  netlink_sendmsg+0x471/0x6b0
[   55.530644][ T4998]  ? __pfx_netlink_sendmsg+0x10/0x10
[   55.530664][ T4998]  __sock_sendmsg+0x145/0x180
[   55.530687][ T4998]  ____sys_sendmsg+0x31e/0x4e0
[   55.530777][ T4998]  ___sys_sendmsg+0x17b/0x1d0
[   55.530814][ T4998]  __x64_sys_sendmsg+0xd4/0x160
[   55.530884][ T4998]  x64_sys_call+0x2999/0x2fb0
[   55.530905][ T4998]  do_syscall_64+0xd2/0x200
[   55.530963][ T4998]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   55.530986][ T4998]  ? clear_bhb_loop+0x40/0x90
[   55.531007][ T4998]  ? clear_bhb_loop+0x40/0x90
[   55.531027][ T4998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.531079][ T4998] RIP: 0033:0x7f9fb1e8e929
[   55.531094][ T4998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.531110][ T4998] RSP: 002b:00007f9fb04f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   55.531125][ T4998] RAX: ffffffffffffffda RBX: 00007f9fb20b5fa0 RCX: 00007f9fb1e8e929
[   55.531136][ T4998] RDX: 0000000000004000 RSI: 00002000000000c0 RDI: 0000000000000006
[   55.531153][ T4998] RBP: 00007f9fb04f7090 R08: 0000000000000000 R09: 0000000000000000
[   55.531166][ T4998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.531183][ T4998] R13: 0000000000000000 R14: 00007f9fb20b5fa0 R15: 00007ffd17e03ae8
[   55.531201][ T4998]  </TASK>
[   55.755715][ T4991] EXT4-fs (loop2): Remounting filesystem read-only
[   55.951025][ T4994] ==================================================================
[   55.959164][ T4994] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_single_inode
[   55.967524][ T4994] 
[   55.969855][ T4994] write to 0xffff888106b05300 of 4 bytes by task 5007 on cpu 0:
[   55.977495][ T4994]  writeback_single_inode+0x14a/0x3e0
[   55.982875][ T4994]  sync_inode_metadata+0x5b/0x90
[   55.987806][ T4994]  generic_buffers_fsync_noflush+0xd9/0x120
[   55.993698][ T4994]  ext4_sync_file+0x1ab/0x690
[   55.998381][ T4994]  vfs_fsync_range+0x10a/0x130
[   56.003141][ T4994]  ext4_buffered_write_iter+0x34f/0x3c0
[   56.008682][ T4994]  ext4_file_write_iter+0x383/0xf00
[   56.013943][ T4994]  iter_file_splice_write+0x5ef/0x970
[   56.019317][ T4994]  direct_splice_actor+0x153/0x2a0
[   56.024438][ T4994]  splice_direct_to_actor+0x30f/0x680
[   56.029811][ T4994]  do_splice_direct+0xda/0x150
[   56.034587][ T4994]  do_sendfile+0x380/0x650
[   56.038996][ T4994]  __x64_sys_sendfile64+0x105/0x150
[   56.044194][ T4994]  x64_sys_call+0xb39/0x2fb0
[   56.048784][ T4994]  do_syscall_64+0xd2/0x200
[   56.053279][ T4994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.059181][ T4994] 
[   56.061495][ T4994] read to 0xffff888106b05300 of 4 bytes by task 4994 on cpu 1:
[   56.069030][ T4994]  __mark_inode_dirty+0x52/0x760
[   56.073966][ T4994]  ext4_write_inline_data_end+0x3e5/0x5f0
[   56.079860][ T4994]  ext4_write_end+0x4cd/0x730
[   56.084531][ T4994]  generic_perform_write+0x312/0x490
[   56.089806][ T4994]  ext4_buffered_write_iter+0x1ee/0x3c0
[   56.095354][ T4994]  ext4_file_write_iter+0x383/0xf00
[   56.100548][ T4994]  iter_file_splice_write+0x5ef/0x970
[   56.105920][ T4994]  direct_splice_actor+0x153/0x2a0
[   56.111043][ T4994]  splice_direct_to_actor+0x30f/0x680
[   56.116413][ T4994]  do_splice_direct+0xda/0x150
[   56.121173][ T4994]  do_sendfile+0x380/0x650
[   56.125582][ T4994]  __x64_sys_sendfile64+0x105/0x150
[   56.130775][ T4994]  x64_sys_call+0xb39/0x2fb0
[   56.135363][ T4994]  do_syscall_64+0xd2/0x200
[   56.139859][ T4994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.145830][ T4994] 
[   56.148140][ T4994] value changed: 0x00000038 -> 0x00000002
[   56.153842][ T4994] 
[   56.156155][ T4994] Reported by Kernel Concurrency Sanitizer on:
[   56.162296][ T4994] CPU: 1 UID: 0 PID: 4994 Comm: syz.4.515 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   56.174619][ T4994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   56.184672][ T4994] ==================================================================
[   56.282250][ T5016] loop2: detected capacity change from 0 to 1024
[   56.293014][ T5016] EXT4-fs: Ignoring removed nomblk_io_submit option