last executing test programs:

2.232265171s ago: executing program 1 (id=575):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=@newsa={0x184, 0x10, 0x1, 0x70bd2b, 0x0, {{@in6=@private1, @in=@private=0xa010100, 0x0, 0xecdf}, {@in=@broadcast, 0x0, 0x32}, @in6=@private0, {0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x400800}, {0x1000}, 0x0, 0x0, 0xa, 0x4, 0x0, 0x2c}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @algo_auth_trunc={0x4c, 0x14, {{'hmac(sha256)\x00'}, 0x0, 0x80}}]}, 0x184}}, 0x4050)

2.214996344s ago: executing program 1 (id=576):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80000001}}, &(0x7f0000000780)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = syz_io_uring_setup(0x2f90, &(0x7f00000002c0)={0x0, 0x204dd8, 0x3850, 0x2, 0x200004}, 0x0, &(0x7f0000000140))
r3 = epoll_create(0xaf2)
epoll_pwait2(r3, &(0x7f0000000280)=[{}], 0x1, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000080)={0xe000200f})
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x4)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
getpid()
socket$nl_netfilter(0x10, 0x3, 0xc)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r4 = io_uring_setup(0x6c4, &(0x7f0000000080)={0x0, 0x4075, 0x18, 0x3})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0xa}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)

2.08871739s ago: executing program 0 (id=578):
syz_emit_ethernet(0x56, &(0x7f0000000540)={@local, @random="4910075ad2b9", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd708", 0x20, 0x6, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x8, 0x2, 0x0, 0x0, {[@mss={0x2, 0x4, 0x8}, @fastopen={0x22, 0x5, "76f42c"}]}}}}}}}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x547, &(0x7f0000000f40)="$eJzs3d9rXFkdAPDvnWbStE03WfVBF3Zd3JV20c40G3c3+LCuIPq0IK7vNSbTEDrJlGSy24TFnf4FgogKPumLL4J/gCAFQXwUoaDPCiuKaFdBH7RX7sydJE7uJNPsNNNMPh+4veee++P7PdOcM/fOvcwEcGY9HxFvRMTDNE1fioiZvL6UT9HqTNl2Hzx4dymbkkjTt/6WRJLXdY+V5PNL+W5TEfG1r0R8MzkYd3N759ZivV7byJerzbXb1c3tnWura4srtZXa+vz83KsLry28snB9KO28HBGvf+lP3/v2T778+i8++84fb/zl6reytKbz9fvb8YgmDlvZaXr5/FTPDhvHDPYkytpT7i5cGGyfu48xHwAA+svO8T8SEZ+KiJdiJs4dfjoLAAAAnELpF6bjP0lEWmyyTz0AAABwipTaz8AmpUr+LMB0lEqVSucZ3o/FxVK9sdn8zM3G1vpy51nZ2SiXbq7Wa9fzZ4Vno5xky3Pt8t7yyz3L8xHxdER8d+ZCe7my1Kgvj/rDDwAAADgjLvVc//9zpnP9DwAAAIyZ2VEnAAAAADx2rv8BAABg/Ln+BwAAgLH21TffzKa0+/vXy29vb91qvH1tubZ5q7K2tVRZamzcrqw0Givt7+xbO+p49Ubj9udifetOtVnbbFYvb+/cWGtsrTdvrMbUiTQIAAAAOODpT977fRIRrc9faE+ZyVEnBZyIid1Sks8Lev8fnurM3z+hpIATcW6Abd4/X1zvPAFOt4neij59HRg/5UPWuWEPZ0NyxPq+Y8FvOrPSkPMBAACG78oniu//H30+33LKD6ecTgxnV8/9/3RmVIkAJ659/3/QB3mcLMBYKQ/0BCAwzj7s/f+jpekjJQQAAAzddHtKSpX8473pKJUqlYjL7Z8FKCc3V+u16xHxVET8bqZ8Pluea++ZHHnNAAAAAAAAAAAAAAAAAAAAAAAAAAB0pGkSKQAAADDWIkp/Tn7Z+S7/KzMvTvd+PjCZ/Lv9k8CTEfHOD9/6/p3FZnNjLqv/+2598wd5/cuj+AQDAAAA6NW9Tm/P/zXqbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNx88eHepOw2w+YVhxf3rFyNitij+REy151NRjoiL/0hiYt9+SUScG0L81t2I+HhR/CRLazdkUfxhvAitu0krbSuMH7P5q1AU/9IQ4sNZdi8bf94o6v+leL49L+5/ExH/t3xc/ce/2B3/znXjp+/t7pf1/8sDxnjm/s+qfePfjXhmonj868ZP+ow/LwwY/xtf39npty79UcSV7vtPe8TbH2GvVG2u3a5ubu9cW11bXKmt1Nbn5+deXXht4ZWF69Wbq/Va/m9hjO88+/OHh7X/YuH7X5Jn07/9LxYcr+g96b/37zz46MFm7ca/+kJB/F//ON/iYPxSHufTeTlbf6VbbnXK+z33098+d1j7l/faX36U//+r/Q7a60BHeXbQPx0A4DHY3N65tViv1zbGtpBdpT8BaRynMBlPRBrjW3gvK9wf1gHTNE2zPlWw6l5EDHKcJPpv86vjJFYqzmev0HcEGPXIBAAADNveSf+oMwEAAAAAAAAAAAAAAAAAAICz6yS+Za03Zmu3lAzjK7QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbifwEAAP//g7bY4Q==")
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000003, 0x20000000ec072, 0xffffffffffffffff, 0x0)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
syz_usb_connect$uac1(0x3, 0xa2, 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='.\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)={[{@gid}], [], 0x39})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x3, 0x2, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x7}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20009, 0xb, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
linkat(r0, &(0x7f00000001c0)='./file0\x00', r0, &(0x7f0000000200)='./file0\x00', 0x800)

1.368126023s ago: executing program 0 (id=591):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x46, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r1, &(0x7f00000005c0)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0xd90}}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)="f7", 0x79ca}], 0x1}, 0x0)

1.364277994s ago: executing program 2 (id=593):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x8, &(0x7f0000000400)=ANY=[@ANYRESDEC], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock=0xc}, 0x94)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f00000001c0)='syzkaller\x00'}, 0x94)
r2 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r1}, 0x8)
close(r2)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f00000007c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98,\xc8\x18E/\x8c\x1a\xe3\xbd\x8ed\xad\x1f^:Y\x89\xdd\x96\x80\xe0z\xd3.\x96\xfe\xa5.l\x9e\xed4:\x14V.\xa7c2\x19\x10\xed\xf7\x94\xb8\x02J\xf9\x17\xe6\xe4}\xce\xb0f1\xa5k\xe4\x83\x03\xba}^\x7f=*R\x86L\x92E\xea\xc2W\x81D5\x84Cg\x10\xeb;d\r\xc5\xa2\x01\xed\xf0\x00\x00\x00\x00\x00\x00\x00\b\xf6\x80\xc6mE\xca\x94x\xbe\xde\xac$#\xf4uo\xa5\x80u*C\xf4Wp\xd3\xa7\xa3\x00r(\x9c\xac\x90\x9eq\x19x\xf4\xe2\xb9>\x01\xba/m\x89\xea\xcf\xd6\x8b\xe7\xaff\xac\xf5k\xe3\x8d\xcd\xdaE\x18\xd0\xc7Zrps\x18\xc1\xb3`%\xef\xa2\xed\xb5\xb1\xb5\xebK\'\x99\x03\xd7p$\xed+\xe8\x06\xfe\xeb)')
syz_io_uring_setup(0x7739, &(0x7f0000000180)={0x0, 0xcc19, 0x130c8, 0x400006, 0x20e}, &(0x7f0000000240), &(0x7f0000000140))
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = fsopen(&(0x7f0000000040)='sysfs\x00', 0x0)
ioperm(0x5, 0xa, 0x100000000000)
fsconfig$FSCONFIG_SET_STRING(r3, 0x6, 0x0, 0x0, 0x0)
r4 = syz_io_uring_setup(0x292, &(0x7f0000000140)={0x0, 0xe359, 0x0, 0x4, 0x289}, &(0x7f00000001c0)=<r5=>0x0, &(0x7f0000000580)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x4})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x67, &(0x7f0000000040)=0x805, 0x4)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000b80)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000c00)="883f08434c3ea2b56f7b71161694f7c8bb4c838bf9d058c149cc0624cd34ad724a5f7b85dc60071b909ca51c89319d968e5c69fec7608edf41ba17e0fd06ea16b21cced58139312febb3940dfe136ff7b6e96ef7315b2ff55ba3383b", 0x5c}, {&(0x7f0000002180)="bef37f03700aed65282cb27c46808f21a0448a2c8d0a9abc11fb1100aaa52ecbb3877f8f4ea2454100a9eec9aaddf82fe306ced531ae374c487973acdc9d0a0743bb2a54bde80cafcf58fc516b779d07f51036368abd9796c0bfab7e6d40a5d28dc45b25208aa66f24480c59cd3d583f64143a4468236f3a84c704a3f586bb06b568c3a5f9a218b09f349a831259e5de219935a8f42b4bda1341127d1ed54c3eab18757eb41d6c798ed5b3aafd25d250694c8edc8faffa27f2061729e94c41d0d043d3f5209afb734d6087956c33847d178d05d65ac832950bafa4c0749c8f68affec24358eba83d148690207ae99762f0e27db6768a0806ecfab4e7d58e93d92000474b08c0d363e7eeb46de582fab61a8cd96617e878d09d06a485ec283507d7cc7e358e4835e0962701e343a4f5e5b789ff2e6c2bddae35c043774c616d1acec28130e27cf3d937054250b6910424a98230cc3119324563097664c593909b493f158beee5078a38da9ad40fd6b9e7ff0974bef6a4f4365f2e18e06fe8978b92ba1aeb29a10d29067152d6ac6d686c6a1a2a7001cab2435c752ffeef57120466b1d2fc219bddc1ce44813398090d0854f325a38fccb49538ae8f75ae0c0778acdcaa6f6f67daa7283f7699f550cdec16a957b0ae5d6e0ccdd0fb04dcc63e432a22512e4f0afd0afb8f43c2f9d9eb130da49356cf8d0f75d107f94b84ac3fcd574c81cb4625ddce241858039acf8c0534069da905baa2d825d3a501a7160ddfed22d212ea1fe77bcb1244057767bfdb5da8f68d39936f87ebb9ffa4ed47ddd3d8adcddebad8c8074698d2ccb65ae86f9f0ecac47c201fa948b27759b283aac3182985a0d61e7e5a721585bce554b430e0d46ba29689a2198549da457a3da16d6e7e98c2603be6f5e04ef7c2be67187a9160904c9961ed56a37a1e2e73b774ac28956ee7580d7a829b59c79a758d5e08149ce85db9b9319e807ac3ee733ddb9bccaf18462e353bd8de44075cb2074b6c8de6211393dfa15f6f2de36b1fb0568255d94f5152c60d0e4168530d5ec2a45fdd5fca455a9be5104b0e0c61984617962b822347743c079d4b85b2f77056fda919e629117a404ccfd53c414250dc9f5d4908fbbd43002def38ac6812342b93256df3f82ddb1db5f32a6fd3b8a206d06eda20ec4f79e2d0830d7cd9798d84aacdb556634468c2deb502fb7fa75a4a33096fe65ad3844f830697fc205ddbad39c450f28f9d884fef1b61179b71e41b5b8cfd5e0af9ebcc693840862d1ee96f2358f66eac05ee3dea1bb523c544242c82e63c129172c98d3a245ce6cad4c078dc1d2e5862a0008b53dd8b11be8c2e0528a8472a28d642c0436a781a4ed2c52c25dba4416d0eea236c9b07f72576454a92de27a8d24bb4a008a8d0c1038fd8881cc19c7f49501b050a6a847066436471c60b10b05bece0385db455cd41a46ba64e6b895026b21329d13f4cdbfb600478cea986c455997954e8750f4bd536921dc9b506a0b9a91bb20dfbbf34b145d8726fbd47be214837d827b0826e32cd928d19de136d77bbdc8858a28a07c75e26cd51011a3721aa69469003cd5bfe1a76e750680f0c90608e2628a8d93dfec773e88c27e723057abd70caba2ea51d12d9a4f7b935f4eb438d5a5355f1402b1a65c642fb06c44c67deb74530b387ef7c9e0d9b22f507d70d92e83783d7d33f7d586a3cf446b4f839be7fe5c5f3", 0x4c9}], 0x2}}], 0x1, 0x40000)
io_uring_enter(r4, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)
write$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000300)={'vlan1', 0x32, 0x33}, 0x8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000900000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = fsmount(r3, 0x0, 0x5)
mount_setattr(r7, &(0x7f0000000000)='.\x00', 0x8800, &(0x7f0000000080)={0x4, 0x0, 0x0, {r7}}, 0x20)

1.30937313s ago: executing program 1 (id=594):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001840)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001700)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r1 = socket$pptp(0x18, 0x1, 0x2)
r2 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x2a200)
io_uring_setup(0x5b54, &(0x7f0000000040)={0x0, 0x2df0, 0x0, 0x0, 0x2b2})
ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})
ioctl$MON_IOCX_GETX(r2, 0x80089203, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

1.282068484s ago: executing program 4 (id=595):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8000001f)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
fcntl$notify(r1, 0x402, 0x8000003d)
close_range(r0, r1, 0x0)

1.259337397s ago: executing program 3 (id=596):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = syz_io_uring_setup(0x2f90, &(0x7f00000002c0)={0x0, 0x204dd8, 0x3850, 0x2, 0x200004}, 0x0, &(0x7f0000000140))
r3 = epoll_create(0xaf2)
epoll_pwait2(r3, &(0x7f0000000280)=[{}], 0x1, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000080)={0xe000200f})
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x4)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
getpid()
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="580000000206030000000000000000000700000705000100070000000900020073797a31000000000c0007800800064000000328050005000200000005000400c3dee6737aa3fa4d010000161126123e377c27ac6769702c706f7274000000006f9a69f8e5b25c30cc4e7817edd47d2d806131271e7592797146a8c58a4b21f5a61aae894f"], 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070088000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00'}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r5 = io_uring_setup(0x6c4, &(0x7f0000000080)={0x0, 0x4075, 0x18, 0x3})
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0xa}, 0x20)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r7, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

1.252909238s ago: executing program 0 (id=597):
r0 = memfd_create(&(0x7f0000000a80)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96', 0x5)
fsetxattr$security_selinux(r0, &(0x7f0000000480), &(0x7f0000000200)='system_u:object_r:run_init_exec_t:s0\x00', 0x9, 0x3)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r1, &(0x7f0000000680)=[{{&(0x7f0000000300)={0xa, 0x4e23, 0x1, @remote, 0x8}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000800)='M', 0x1}], 0x1}}, {{&(0x7f0000000200)={0xa, 0x4e20, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}, 0x2}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000340)="78da", 0x2}], 0x1}}], 0x2, 0x931766f6319eed40)
shutdown(r1, 0x1)
setsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000100)={0x0, 0xa}, 0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f00000002c0), &(0x7f00000005c0)=r3}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="44000000190a0102"], 0x44}}, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r5 = socket(0x2b, 0x80801, 0x1)
setsockopt$inet6_tcp_int(r5, 0x6, 0x22, &(0x7f0000000180)=0x100000001, 0x4)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640), 0x0, &(0x7f0000000800)=ANY=[@ANYRES32, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x810)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="5953fdfffffffddbdf256b000000080043"], 0x28}}, 0x50)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)={<r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r6, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'})

1.23536049s ago: executing program 4 (id=598):
r0 = open(0x0, 0x60840, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_io_uring_setup(0x10f, &(0x7f0000000380)={0x0, 0x46ee, 0x400, 0xffffdffd, 0x32e}, 0x0, &(0x7f0000000240)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, 0xffffffffffffffff, 0x22, &(0x7f00000000c0)=@un=@file={0x1, './file0\x00'}, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x3516, 0x67f, 0x64, 0x0, 0x0)
pipe(&(0x7f00000007c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r4)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000180)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000024000280040001001c0003800c"], 0x50}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
splice(r3, 0x0, r4, 0x0, 0xfffd, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000140)={0x0, 0x1, 0x6, @remote}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000400)=0x5)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r7 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r6, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)

1.052201264s ago: executing program 4 (id=599):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=@newsa={0x148, 0x10, 0x1, 0x70bd2b, 0x0, {{@in6=@private1, @in=@private=0xa010100, 0x0, 0xecdf}, {@in=@broadcast, 0x0, 0x32}, @in6=@private0, {0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x400800}, {0x1000}, 0x0, 0x0, 0xa, 0x4, 0x0, 0x2c}, [@algo_crypt={0x58, 0x2, {{'cbc(aes)\x00'}, 0x80, "e0fad3f10cd3a506627800000000074f"}}]}, 0x148}}, 0x4050)

1.029866537s ago: executing program 1 (id=600):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x14, 0x2, [@TCA_HHF_BACKLOG_LIMIT={0x8, 0x1, 0x2}, @TCA_HHF_QUANTUM={0x8, 0x2, 0xffff8001}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

1.00435516s ago: executing program 1 (id=601):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001840)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001700)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x27, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mm_page_free\x00', r2}, 0x10)
r3 = socket$pptp(0x18, 0x1, 0x2)
r4 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x2a200)
io_uring_setup(0x5b54, &(0x7f0000000040)={0x0, 0x2df0, 0x0, 0x0, 0x2b2})
ioctl$MON_IOCX_MFETCH(r4, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})
ioctl$MON_IOCX_GETX(r4, 0x80089203, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
r5 = syz_io_uring_setup(0x494, &(0x7f0000000400)={0x0, 0x2003f73, 0x100, 0x4, 0x1a}, &(0x7f0000000340), &(0x7f0000000600))
io_uring_register$IORING_REGISTER_PBUF_RING(r5, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0xffffffffffffff3a, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r6, <r7=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r7}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x6, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0feffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000801000085000000a500000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r8}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
getgid()
sendmsg$unix(0xffffffffffffffff, 0x0, 0x24048001)

977.666443ms ago: executing program 0 (id=602):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0103000000000000000001"], 0x30}, 0x1, 0x0, 0x0, 0x4000064}, 0x40)

947.764457ms ago: executing program 0 (id=603):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee3, 0x8031, 0xffffffffffffffff, 0x28f42000)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3812a01a57bca069, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='tlb_flush\x00', r2}, 0x18)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES64], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYRESDEC=r1, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xc, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r5, 0x0, 0x4000880)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x14, 0x7, 0x1, 0x701, 0x0, 0x0, {0x0, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x44800}, 0x80)
sendmsg$IPCTNL_MSG_EXP_GET(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="14001f0001020102000000000000000000000005"], 0x14}, 0x1, 0x0, 0x0, 0x40800}, 0x814)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000340), 0xffffffffffffffff)
socket$vsock_stream(0x28, 0x1, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000980)='\xff\x00\x00\x00\x00\x00\x000`\x14\x99\x06\xc0\x7fs\x00\t\x14\x17\xc3\xf5\xc9\v\x85\xe7\x00\x00\x18\x88\x06\x94\x98\xa9\xe7\x1c\x8a\x89\xdc\xcc\xf7L\xbd%\xc3!\x0e\x91S\xb2~8\"\xe2\xed\xbf\x12\x1a\\6p\'p\xef\x1a\n\x99\x12\xe8\'\x1c\x97M\xa5N\xd9\xbeV&\x1c2K?\x95\xd9\"\xbe\x050+\xca\xea\'\xe9)\xfe\xeb\x9c\xb5\xa0F`\xe4D\x10F\x831\xec\\v\xf0\xab_M\b\x03\xc3\n\x89\x01E`\xd35Q2\xecZz\xdc\x065p\x1c\x8f\x9b\x99IGXO\x00\x00\v\xed\xb0\xc5\xd4\xc7,\x1a\xb3}CMOO\x8a\xa8kh\x7f\x05c\xfc\xebb\xc8\xa2\xa9\xbf\xb3\x9b\xafE\xbd\xc5\xdc\xde\xbe_')
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYRES64=r4], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r6, 0x0, 0x2}, 0x18)

920.355241ms ago: executing program 4 (id=604):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x2000005, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = socket$inet6(0xa, 0x5, 0x0)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e22, 0x2, @private1, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e22, 0x5, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x4)
writev(r1, &(0x7f0000000280)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00602000000590000a2bc5603ca00000f7f89000000200000000101ff000000030909000000000000005e00000000000000", 0x48}], 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1000000004000000080000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000e1d61038934d185f9629c72e1e577a97500c01ea8b4e0b01d333a70037e846136ebc1f1ddeb73f169ac047fc4d9aaca4498db23c7b5b05bd74acc2554bf6a0b2d68984d44abcfee3a946d6c7e8dac5d6a840b6ba23aa06f37d6347416ae719bd33d7dc716025c817f95ed775195226410e0966baa5f8dd6caed935790405a1f066e1b2c5d2839b8e15d44e2282b75055e4055959c85f14e4ea6e906c6694289925e24033fb128f402115bd283f3482a60de8490677ecce716af304a1da6ef86d1eed7ffaae5b95d441e1cfb8511781abff82754d931a28f1741d86c712855b19169cce7ad7b187"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r5=>r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYRES16, @ANYRES32, @ANYRESHEX, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000640)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf250800010000000000ba30b28e994c1a08d1ca4eb6b8b4889cdd4e786eb807e04eb88b935d78"], 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='mm_collapse_huge_page_swapin\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@fallback=r9, 0x0, 0x0, 0x6, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000180), &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0], <r10=>0x0}, 0x40)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0)
mount$tmpfs(0x0, &(0x7f0000000340)='./file0/../file0\x00', 0x0, 0x224064, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x20)
r11 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000005c0)=ANY=[@ANYRES32=r11, @ANYRES32=r7, @ANYBLOB="2e0000143300000000000f8ebf1beb625c86db5a89431db0e5fc00000000", @ANYRES32=r11, @ANYBLOB, @ANYRES64=r10, @ANYRESHEX=r5, @ANYRES16=r8, @ANYRES16, @ANYRESHEX=r7, @ANYRES16=r2], 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
r12 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r12, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={<r13=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r12, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000100)=0x5, r13, 0x0, 0x1, 0x4}}, 0x20)

798.294987ms ago: executing program 1 (id=605):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80000001}}, &(0x7f0000000780)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = syz_io_uring_setup(0x2f90, &(0x7f00000002c0)={0x0, 0x204dd8, 0x3850, 0x2, 0x200004}, 0x0, &(0x7f0000000140))
r3 = epoll_create(0xaf2)
epoll_pwait2(r3, &(0x7f0000000280)=[{}], 0x1, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000080)={0xe000200f})
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x4)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
getpid()
socket$nl_netfilter(0x10, 0x3, 0xc)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r4 = io_uring_setup(0x6c4, &(0x7f0000000080)={0x0, 0x4075, 0x18, 0x3})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0xa}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)

776.776859ms ago: executing program 0 (id=606):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000500)='kfree\x00', r0, 0x0, 0xffff}, 0x18)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0xfd, 0x6, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x4}, 0x4202, 0x400000000000002, 0x0, 0x0, 0xa, 0x2000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xb)
signalfd(0xffffffffffffffff, &(0x7f00000003c0)={[0x2]}, 0x8)
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff7]}, 0x0, 0x0, 0x8)

432.313594ms ago: executing program 2 (id=607):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x46, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r1, &(0x7f00000005c0)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0xd90}}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)="f7", 0x79ca}], 0x1}, 0x0)

415.100416ms ago: executing program 2 (id=608):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8000001f)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
fcntl$notify(r1, 0x402, 0x8000003d)
close_range(r0, r1, 0x0)

392.431149ms ago: executing program 3 (id=609):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="18020000010000000000000000000000850000004100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0x7, 0x0, &(0x7f00000003c0)="131c8701feaa16", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

392.039629ms ago: executing program 2 (id=610):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x1, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x961}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

325.194598ms ago: executing program 3 (id=611):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0213000005000000000000000000000003"], 0x28}}, 0x0)

320.528428ms ago: executing program 3 (id=612):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001840)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001700)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r2 = socket$pptp(0x18, 0x1, 0x2)
r3 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x2a200)
io_uring_setup(0x5b54, &(0x7f0000000040)={0x0, 0x2df0, 0x0, 0x0, 0x2b2})
ioctl$MON_IOCX_MFETCH(r3, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})
ioctl$MON_IOCX_GETX(r3, 0x80089203, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

251.932847ms ago: executing program 2 (id=613):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', 0xffffffffffffffff, 0x0, 0x97}, 0x18)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0xcf, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x7, 0x6}, 0x1004, 0x0, 0x10000, 0x0, 0x2, 0x80004001, 0x0, 0x0, 0x0, 0x0, 0xbf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
io_uring_setup(0x68ac, 0x0)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)
recvmmsg(r2, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x8, 0x0, 0x0, 'queue0\x00', 0x3})
write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r3, 0x408c5333, &(0x7f0000000500)={0x0, 0xe, 0x1, 'queue0\x00'})
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, @perf_bp={0x0, 0x1}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xc, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
ptrace(0x10, r0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x4804}, 0x18)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[], 0x0, 0x45, 0x0, 0x1}, 0x28)

123.472454ms ago: executing program 3 (id=614):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00'}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="18020000010000000000000000000000850000004100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

99.693527ms ago: executing program 3 (id=615):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001840)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001700)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x27, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mm_page_free\x00', r2}, 0x10)
r3 = socket$pptp(0x18, 0x1, 0x2)
r4 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x2a200)
io_uring_setup(0x5b54, &(0x7f0000000040)={0x0, 0x2df0, 0x0, 0x0, 0x2b2})
ioctl$MON_IOCX_MFETCH(r4, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})
ioctl$MON_IOCX_GETX(r4, 0x80089203, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
r5 = syz_io_uring_setup(0x494, &(0x7f0000000400)={0x0, 0x2003f73, 0x100, 0x4, 0x1a}, &(0x7f0000000340), &(0x7f0000000600))
io_uring_register$IORING_REGISTER_PBUF_RING(r5, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0xffffffffffffff3a, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r6, <r7=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r7}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x6, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0feffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000801000085000000a500000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r8}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
getgid()
sendmsg$unix(0xffffffffffffffff, 0x0, 0x24048001)

99.310847ms ago: executing program 2 (id=616):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f0000000300)={{0x2, 0x3, 0x800fffe, 0x0, 0x6}, 0x2, 0x1000, 0x6})
fchdir(0xffffffffffffffff)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid\x00')
syz_clone(0x800211, 0x0, 0x0, 0x0, 0x0, 0x0)
futex(0x0, 0x6, 0x5, 0x0, &(0x7f0000048000)=0xfffffffe, 0x3)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
mount(&(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000040)='./cgroup/file0\x00', &(0x7f0000000140)='romfs\x00', 0x3c43, &(0x7f0000000180)='\xef\x00')
unshare(0x22020400)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000380)={{0x1, 0x1, 0x18, r1, {0x0, <r2=>0xee00}}, './file0/../file0\x00'})
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4, &(0x7f00000006c0)={[{@abort}, {@journal_dev={'journal_dev', 0x3d, 0x101}}, {@resgid={'resgid', 0x3d, r2}}], [{@obj_role={'obj_role', 0x3d, '^'}}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}]}, 0x1, 0x5d7, &(0x7f0000001200)="$eJzs3c9vVEUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aAAleTIwXY0w8eRD/CyVy5aQnD148GRKihqOJa952H3Tbty0tbV/lfT7JdufN7MvMY/l2ZqczbwOorMHsRy1id0RMp4j+dGXpCwbnn+7+/cnJ7JGiXn/jzxSpmZe/NDWf+7IfnRE9EfHzTyl2dSytd2bu0tnxqanJi83j4dlz08Mzc5f2nzk3fnry9OT50ZdGjxw+dPjIyIE1Xdflgrzj197/sP+zsbe/++afNPL9b2MpjsarzRcuvI71MhiDjX+TtLSo78h6V1aSjvm3Oha+xamzxAaxKvn71xURT0V/dMT9N68/Pn2t1MYBG6qeIupARSXxDxWVjwPyz/aLPwfXShmVAJvhzrH5CYCl8d85PzcYPY25ge13Uyyc1kkRsbaZuVY7IuLWzbFrp26OXYsNmocDil25GhFPF8V/asT/QPTEQCP+ay3xn40LTjSfs/zX11j/4qli8Q+bZz7+e5aN/2gT/+8siP9311j/4P3ke70t8d+71ksCAAAAAACAyrpxLCJeLPr7f+3e+p8oWP/TFxFH16H+wUXHS//+X7u9DtUABe4ci3ilcP1vLV/9O9DRTD3WWA/QlU6dmZo8EBGPR8S+6NqWHY8sU8f+z3d93a5ssLn+L39k9d9qrgVstuN257bWcybGZ8cf9rqBiDtXI54pXP+b7vX/qaD/z34fTD9gHbuev36iXdnK8Q9slPq3EXsL+//7d61Iy9+fY7gxHhjORwVLPfvxFz+0q3+t8e8WE/Dwsv5/+/LxP5AW3q9nZvV1HJzrrLcrW+v4vzu92bjlTHcz76Px2dmLIxHd6XhHltuSP7r6NsOjKI+HPF6y+N/33PLzf0Xj/96IWHSnsEh/te4pzj35b9/v7dpj/A/lyeJ/YlX9/+oTo9cHfmxX/4P1/4caff2+Zo75P5j3VR6m3a35BeHYWVS02e0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEdBLSJ2RKoN3UvXakNDEX0R8URsr01dmJl94dSFD85PZGWN7/+v5d/02z9/nPLv/x9YcDy66PhgROyMiC87ehvHQycvTE2UffEAAAAAAAAAAAAAAAAAAACwRfS12f+f+aOj7NYBG66z7AYApSmI/1/KaAew+fT/UF3iH6pL/EN1iX+oLvEP1SX+obrEP1SX+AcAAAAAgEfKzj03fk0RceXl3sYj090s6yq1ZcBGq5XdAKA0bvED1WXpD1SXz/hAWqG8p+1JK525nOmTD3EyAAAAAAAAAAAAAFTO3t32/0NV2f8P1WX/P1RXvv9/T8ntADafz/hArLCTv3D//4pnAQAAAAAAAAAAAADraWbu0tnxqanJixJvbY1mbGaiXq9fzv4XbJX2/M8T+VL4rdKeRYl8r9+DnVXe7yQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDVfwEAAP//tsck3w==")
sendmsg$AUDIT_GET_FEATURE(0xffffffffffffffff, 0x0, 0x8d)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r3}, 0x18)

27.871766ms ago: executing program 4 (id=617):
r0 = open(0x0, 0x60840, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_io_uring_setup(0x10f, &(0x7f0000000380)={0x0, 0x46ee, 0x400, 0xffffdffd, 0x32e}, &(0x7f0000000140)=<r2=>0x0, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, 0xffffffffffffffff, 0x22, &(0x7f00000000c0)=@un=@file={0x1, './file0\x00'}, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x3516, 0x67f, 0x64, 0x0, 0x0)
pipe(&(0x7f00000007c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r4)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000180)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000024000280040001001c0003800c"], 0x50}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
splice(r3, 0x0, r4, 0x0, 0xfffd, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000140)={0x0, 0x1, 0x6, @remote}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000400)=0x5)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r7 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r6, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)

0s ago: executing program 4 (id=618):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000cc0), &(0x7f0000000180)='./file3\x00', 0x1004081, &(0x7f00000002c0)=ANY=[@ANYRES16=0x0, @ANYRESDEC=0x0], 0x10, 0x7f4, &(0x7f0000000d80)="$eJzs3U9oHOfZAPBnFMl2FD5/Id9HPmMcZ2znA5s6ymqVKBU5pJvVSJ5ktSt2V8WmlMTEcjCWk5AQ0pjS1JekLS2lpx7TXEMuubUUWuih7anQHHrpoRDIpSUtLZSWUnDZ2V1r9Wcl/5HlNP39RPadfeeZd953drLPznpnJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACASKqzpdJkErW8vnQ6Ha4622wsbDG/395P1xRbrDci6fwX+/bFgW7Vgf9dnX1/5+FoHOo+OxT7OsW+uHzP/fc+8T+jI/3lt+jQzToyfNbY4JMk4uudTl08u7Ky/Mpt6Mgu+taPexP7rnuRv1/tPM5n9bzVyBcq81matxrpzPR06ZFTc610Lq9lrTOtdraQVptZpd1opserJ9LJmZmpNJs401iqz89Walm/8vGHy6XSdPr0xGJWabYa9UeenmhVT+W1Wl6fL2LKpdejE/N4Z0d8Jm+n7ayykKbnL6wsT23X1U7Q5JqavWt2nEMP3fvxax/95cJyZ4cc1kjS2zHLk5Pl8uT0YzOPPV4qjZZL5bUVpXXiWkSMRHQibstOy511zyZ1o709ZsOMiKv/vTNv3nCLRnr5P2qRRz2W4nSkkcZI8bj6NxbVmI1mNGKh8/w3Y+vmb8j////IH3+11XoH838/yx9YnX0wivx/uPvs8LD8v6EXO/A3OqzV+vvd3gzWvRpvxOW4GGdjJVZiOV65mTXuWd/qbfwb2dn25iOLeuTRikbksRCVoibt1aQxE9MxHaV4Nk7FXLQijbnIoxZZtOJMtKIdWbFHVaMZWVSiHY1oRhrHoxonIo3JmImZmIo0spiIM9GIpajHfMxGpWjlfFwotvvUun7d/7XnfvTCrz9+pzN9LWhyi4EknQ9znaA/bxG0Id3fQP7vRIz09u5dyUnskn03+Kru0Ds33LqrRf4fvdPdAAAAAG6jpPj2PYmIsXigmJrLa9mX7nS3AAAAgB1U/K75UKcY60w9EEnn+L+0SeSHu943AAAAYGckxTl2SUSMx4Pdqf7pUpt9CQAAAAD8Gyr+/f9wpxiPeLOocPwPAAAAnzHfGHaN/Y/29K6x21rcm/zkT9FsjiVXFk8/lFyqdOIql+7qLtcrvnitxfbcwWR/r5GimB69fE8SEaPV7FDSv/rlP/d2y0+Kx4OrFyAcdq3/ZJsOxNYdKJ7Ft+NIN+bIuW55rj+nu5bxubyWTVQbtScmk96XI+3XXrzwlSiG/836wv4kzl9YWZ54/qWVc0VfrnRauXKpd3n4pL9URPeEii36crW3BeKBzUc8VpyI0VvveHe9pcHx964mO7L1+JPBdb4VR7sxR8e75fja8e/rrHNy4onJqFT2j7Sz0+3Xrg6MvteLydWR7+2PNrmBV+GtONaNOXb8WLfYpBflNb14cWMvyoPb//q2xXX34p0jb57+688bSTa1XS+mbrEXAHfK+eKqP6tZ6O4iC/3jalcnoa3Lu3f3l7yRd7nzq58y+ssP5LrR2JDd05vJ7m/F8W7M8e7nidGDm+SV0ibv6C9fePkXvXf0R9/7/g++fPiXH6zL6zfQi/fiRDemV8R9PxuSYztj/s66rPpuZ4l3h663VSsnr++dGku6Nx+Kyw9fuHT2heUXll8sl6emS4+WSo+VY6z4qNArhvRU5gH4z7bdPXY++Oq10GF34Uke3eao+r5rPymYiOfjpViJc3GyONsgIh7cvNXxgZ8hnNzmqHV84A4vJ7c5tlyNLa+P3XssiSGxUwNb7P++VxR/u00vCADsgqPb5OEk7u3Of/2/ekusi7grSU5uc9y9Npef6N44t390HMNz+aDf98rP3/YtAgCffVnzk2S8/XbSbOaLz07OzExW2qeytNmoPpM289n5LM3r7axZPVWpz2fpYrPRblT7Xx3PZq20tbS42Gi207lGM11stPLTxZ3f096t31vZQqXezqutxVpWaWVptVFvV6rtdDZvVdPFpadqeetU1iwWbi1m1Xwur1baeaOethpLzWo2kaatLBsIzGezejufy7OxNK+ni818odK8EhG1pYUsnc1a1Wa+2G50G+yvK6/PNZoLRbMTG4f/h93e3gDwafDqG5cvnl1ZWX7l5iZ+ez3Bd3qMAMBasjQAAAAAAAAAAAAAAHz6bTxdr1N7QycCjsVNnz746t64lbMPP3sTn3u/+7LsRIO30s7da17TPb2d5c5vnxueeO7JJy+u1iSjg5v3qTcPnPpdFv3RbdHO5v+nbHaq69v7I/b88Lvdmi8MCU5Gd3ikH0bETSx+NdkiZvffiwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgO/8KAAD//wifUTs=")

kernel console output (not intermixed with test programs):

  38.465124][ T3317] veth1_vlan: entered promiscuous mode
[   38.487336][ T3321] veth1_vlan: entered promiscuous mode
[   38.504574][ T3317] veth0_macvtap: entered promiscuous mode
[   38.520304][ T3317] veth1_macvtap: entered promiscuous mode
[   38.521442][ T3315] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   38.545337][ T3321] veth0_macvtap: entered promiscuous mode
[   38.552411][ T3321] veth1_macvtap: entered promiscuous mode
[   38.565480][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.590444][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.602704][ T3321] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.615708][ T3316] veth0_vlan: entered promiscuous mode
[   38.631636][   T52] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.642899][ T3321] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.653156][   T52] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.665589][ T3485] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   38.679050][   T52] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.691253][ T3316] veth1_vlan: entered promiscuous mode
[   38.724387][   T52] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.737329][   T52] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.749119][   T52] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.766195][ T3320] veth0_vlan: entered promiscuous mode
[   38.771957][  T827] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.788537][ T3320] veth1_vlan: entered promiscuous mode
[   38.800991][  T827] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.823183][ T3316] veth0_macvtap: entered promiscuous mode
[   38.828177][ T3493] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   38.837920][ T3493] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   38.852718][ T3493] loop1: detected capacity change from 0 to 128
[   38.853370][ T3316] veth1_macvtap: entered promiscuous mode
[   38.860393][ T3493] =======================================================
[   38.860393][ T3493] WARNING: The mand mount option has been deprecated and
[   38.860393][ T3493]          and is ignored by this kernel. Remove the mand
[   38.860393][ T3493]          option from the mount to silence this warning.
[   38.860393][ T3493] =======================================================
[   38.913154][ T3493] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   38.926408][ T3493] ext4 filesystem being mounted at /0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   38.961901][   T29] kauditd_printk_skb: 46 callbacks suppressed
[   38.961917][   T29] audit: type=1400 audit(1768398641.785:118): avc:  denied  { create } for  pid=3488 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   38.963539][ T3493] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2'.
[   38.981774][ T3316] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.005659][   T29] audit: type=1400 audit(1768398641.785:119): avc:  denied  { write } for  pid=3488 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   39.018384][ T3493] netlink: 43 bytes leftover after parsing attributes in process `syz.1.2'.
[   39.036374][   T29] audit: type=1400 audit(1768398641.835:120): avc:  denied  { add_name } for  pid=3488 comm="syz.1.2" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   39.045891][ T3316] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.057185][   T29] audit: type=1400 audit(1768398641.835:121): avc:  denied  { create } for  pid=3488 comm="syz.1.2" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   39.085085][   T29] audit: type=1400 audit(1768398641.865:122): avc:  denied  { create } for  pid=3496 comm="syz.4.5" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   39.104308][   T29] audit: type=1400 audit(1768398641.865:123): avc:  denied  { write } for  pid=3496 comm="syz.4.5" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   39.137070][   T29] audit: type=1400 audit(1768398641.965:124): avc:  denied  { create } for  pid=3500 comm="syz.4.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   39.137116][ T3493] tipc: Started in network mode
[   39.137168][ T3493] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[   39.168446][ T3493] tipc: Enabled bearer <eth:vlan0>, priority 10
[   39.184452][   T52] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.193412][   T52] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.205189][ T3320] veth0_macvtap: entered promiscuous mode
[   39.215878][   T52] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.236570][ T3320] veth1_macvtap: entered promiscuous mode
[   39.243581][   T52] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.266371][ T3320] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.276107][   T29] audit: type=1400 audit(1768398642.105:125): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   39.298976][ T3320] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.315851][   T52] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.330007][   T29] audit: type=1326 audit(1768398642.155:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3500 comm="syz.4.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f11e8f749 code=0x7ffc0000
[   39.336683][   T52] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.353469][   T29] audit: type=1326 audit(1768398642.155:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3500 comm="syz.4.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f11e8f749 code=0x7ffc0000
[   39.406769][   T52] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.421904][ T3505] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   39.423191][   T52] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.435833][ T3505] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   39.480094][ T3505] loop3: detected capacity change from 0 to 128
[   39.514796][ T3505] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   39.527434][ T3505] ext4 filesystem being mounted at /0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   39.584749][ T3505] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4'.
[   39.616597][ T3505] netlink: 43 bytes leftover after parsing attributes in process `syz.3.4'.
[   39.625623][ T3505] tipc: Started in network mode
[   39.630574][ T3505] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[   39.637843][ T3505] tipc: Enabled bearer <eth:vlan0>, priority 10
[   39.696412][ T3519] Driver unsupported XDP return value 0 on prog  (id 12) dev N/A, expect packet loss!
[   39.811581][ T3317] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   39.852706][ T3531] syzkaller1: entered promiscuous mode
[   39.858336][ T3531] syzkaller1: entered allmulticast mode
[   39.978848][ T3522] loop2: detected capacity change from 0 to 764
[   40.003937][ T3522] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   40.023391][ T3500] delete_channel: no stack
[   40.056718][ T3546] loop0: detected capacity change from 0 to 512
[   40.064001][ T3546] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   40.079398][ T3542] syz.1.11 uses obsolete (PF_INET,SOCK_PACKET)
[   40.083483][ T3546] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.099235][ T3546] ext4 filesystem being mounted at /3/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   40.115112][ T3546] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #18: comm syz.0.12: corrupted inode contents
[   40.127421][ T3546] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #18: comm syz.0.12: mark_inode_dirty error
[   40.139149][ T3546] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #18: comm syz.0.12: corrupted inode contents
[   40.151139][ T3546] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3000: inode #18: comm syz.0.12: mark_inode_dirty error
[   40.163474][ T3546] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3003: inode #18: comm syz.0.12: mark inode dirty (error -117)
[   40.176666][ T3546] EXT4-fs warning (device loop0): ext4_evict_inode:273: xattr delete (err -117)
[   40.185969][ T3479] tipc: Node number set to 10005162
[   40.211594][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.225130][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   40.291191][ T3554] loop3: detected capacity change from 0 to 512
[   40.301227][ T3554] EXT4-fs: Ignoring removed oldalloc option
[   40.316600][ T3554] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.15: Parent and EA inode have the same ino 15
[   40.334486][ T3554] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   40.347945][ T3554] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.15: Parent and EA inode have the same ino 15
[   40.360722][ T3554] EXT4-fs (loop3): 1 orphan inode deleted
[   40.367726][ T3554] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.381793][ T3551] loop4: detected capacity change from 0 to 512
[   40.394246][ T3551] EXT4-fs: Ignoring removed oldalloc option
[   40.421406][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.424694][ T3551] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.13: Parent and EA inode have the same ino 15
[   40.447213][ T3551] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.13: Parent and EA inode have the same ino 15
[   40.464837][ T3551] EXT4-fs (loop4): 1 orphan inode deleted
[   40.473133][ T3551] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.476755][ T3564] loop0: detected capacity change from 0 to 512
[   40.499588][    C1] hrtimer: interrupt took 26352 ns
[   40.545188][ T3564] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   40.560439][ T3564] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   40.582267][ T3566] nfs: Deprecated parameter 'nointr'
[   40.597317][ T3564] EXT4-fs (loop0): 1 truncate cleaned up
[   40.620293][ T3564] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.659188][ T3571] loop2: detected capacity change from 0 to 2048
[   40.668523][ T3567] Zero length message leads to an empty skb
[   40.675604][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.718565][ T3571] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.764461][ T3479] tipc: Node number set to 10005162
[   40.778405][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.852500][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.908563][ T3582] loop2: detected capacity change from 0 to 512
[   40.918581][ T3584] loop0: detected capacity change from 0 to 512
[   40.936874][ T3584] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   40.948169][ T3582] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   40.965644][ T3582] EXT4-fs (loop2): orphan cleanup on readonly fs
[   40.973562][ T3582] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.22: corrupted inode contents
[   40.986203][ T3582] EXT4-fs (loop2): Remounting filesystem read-only
[   40.992898][ T3582] EXT4-fs (loop2): 1 truncate cleaned up
[   40.997117][ T3584] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.003685][   T53] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   41.021674][   T53] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   41.027853][ T3584] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   41.044018][   T53] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   41.054746][ T3582] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   41.075324][ T3574] syz.4.19 (3574) used greatest stack depth: 10168 bytes left
[   41.087184][ T3584] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #18: comm syz.0.23: corrupted inode contents
[   41.104828][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.121364][ T3593] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   41.137018][ T3584] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #18: comm syz.0.23: mark_inode_dirty error
[   41.151895][ T3594] netlink: 'syz.4.25': attribute type 13 has an invalid length.
[   41.160853][ T3593] EXT4-fs (loop3): 1 truncate cleaned up
[   41.167267][ T3584] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #18: comm syz.0.23: corrupted inode contents
[   41.168174][ T3593] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.210294][ T3584] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3000: inode #18: comm syz.0.23: mark_inode_dirty error
[   41.222543][ T3584] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3003: inode #18: comm syz.0.23: mark inode dirty (error -117)
[   41.235098][ T3594] gretap0: refused to change device tx_queue_len
[   41.235973][ T3584] EXT4-fs warning (device loop0): ext4_evict_inode:273: xattr delete (err -117)
[   41.243297][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.265159][ T3594] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   41.288526][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.350709][ T3601] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm gtp: invalid indirect mapped block 4294967295 (level 1)
[   41.373911][ T3601] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm gtp: invalid indirect mapped block 4294967295 (level 1)
[   41.387964][ T3601] EXT4-fs (loop3): 2 truncates cleaned up
[   41.403844][ T3602] EXT4-fs: Ignoring removed orlov option
[   41.411546][ T3601] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.425524][ T3602] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.439793][ T3601] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.475103][ T3607] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   41.483465][ T3607] EXT4-fs (loop4): orphan cleanup on readonly fs
[   41.496323][ T3607] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #16: comm syz.4.30: corrupted inode contents
[   41.517445][ T3607] EXT4-fs (loop4): Remounting filesystem read-only
[   41.526681][ T3607] EXT4-fs (loop4): 1 truncate cleaned up
[   41.532478][ T3613] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   41.541395][   T53] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   41.552086][   T53] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   41.563727][   T53] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   41.582177][ T3605] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   41.602381][ T3607] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   41.624565][ T3613] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.668449][ T3613] ext4 filesystem being mounted at /6/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   41.703790][ T3613] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #18: comm syz.3.31: corrupted inode contents
[   41.716212][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.729149][ T3613] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #18: comm syz.3.31: mark_inode_dirty error
[   41.741671][ T3613] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #18: comm syz.3.31: corrupted inode contents
[   41.754746][ T3613] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3000: inode #18: comm syz.3.31: mark_inode_dirty error
[   41.783535][ T3613] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3003: inode #18: comm syz.3.31: mark inode dirty (error -117)
[   41.801368][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.812033][ T3621] SELinux:  Context system_u:object_r:pam_console_exec_t:s0 is not valid (left unmapped).
[   41.822932][ T3613] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -117)
[   41.852076][ T3617] EXT4-fs: Ignoring removed oldalloc option
[   41.856063][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.884717][ T3617] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.32: Parent and EA inode have the same ino 15
[   41.903246][ T3617] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.32: Parent and EA inode have the same ino 15
[   41.915841][ T3617] EXT4-fs (loop1): 1 orphan inode deleted
[   41.922407][ T3617] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.009003][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.047407][ T3631] netlink: ',&#^%': attribute type 13 has an invalid length.
[   42.092767][ T3631] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   42.143373][ T3624] EXT4-fs: Ignoring removed oldalloc option
[   42.194343][ T3624] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.34: Parent and EA inode have the same ino 15
[   42.226967][ T3624] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.34: Parent and EA inode have the same ino 15
[   42.242357][ T3635] EXT4-fs: Ignoring removed oldalloc option
[   42.253547][ T3624] EXT4-fs (loop2): 1 orphan inode deleted
[   42.262344][ T3624] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.300076][ T3635] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.38: Parent and EA inode have the same ino 15
[   42.318174][ T3635] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.38: Parent and EA inode have the same ino 15
[   42.336668][ T3635] EXT4-fs (loop1): 1 orphan inode deleted
[   42.344903][ T3635] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.377526][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.400350][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.419320][ T3646] EXT4-fs: Ignoring removed oldalloc option
[   42.443402][ T3646] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: comm syz.0.41: Parent and EA inode have the same ino 15
[   42.468057][ T3646] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: comm syz.0.41: Parent and EA inode have the same ino 15
[   42.480707][ T3646] EXT4-fs (loop0): 1 orphan inode deleted
[   42.487313][ T3646] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.526618][ T3660] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   42.545844][ T3660] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.558600][ T3660] ext4 filesystem being mounted at /10/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   42.575353][ T3660] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #18: comm syz.2.45: corrupted inode contents
[   42.587416][ T3660] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #18: comm syz.2.45: mark_inode_dirty error
[   42.599405][ T3660] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #18: comm syz.2.45: corrupted inode contents
[   42.599892][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.612462][ T3660] EXT4-fs error (device loop2): ext4_xattr_delete_inode:3000: inode #18: comm syz.2.45: mark_inode_dirty error
[   42.632854][ T3660] EXT4-fs error (device loop2): ext4_xattr_delete_inode:3003: inode #18: comm syz.2.45: mark inode dirty (error -117)
[   42.659196][ T3660] EXT4-fs warning (device loop2): ext4_evict_inode:273: xattr delete (err -117)
[   42.689043][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.710829][ T3669] netlink: 'syz.0.49': attribute type 13 has an invalid length.
[   42.723716][ T3669] gretap0: refused to change device tx_queue_len
[   42.741072][ T3669] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   42.775962][ T3677] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   42.790584][ T3677] EXT4-fs (loop2): orphan cleanup on readonly fs
[   42.800481][ T3677] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.50: corrupted inode contents
[   42.814512][ T3677] EXT4-fs (loop2): Remounting filesystem read-only
[   42.821227][ T3677] EXT4-fs (loop2): 1 truncate cleaned up
[   42.827070][   T52] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   42.837643][   T52] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   42.849837][   T52] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   42.860715][ T3677] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   42.884068][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.919379][ T3682] EXT4-fs: Ignoring removed oldalloc option
[   42.932369][ T3682] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: comm syz.0.51: Parent and EA inode have the same ino 15
[   42.949687][ T3682] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: comm syz.0.51: Parent and EA inode have the same ino 15
[   42.964628][ T3682] EXT4-fs (loop0): 1 orphan inode deleted
[   42.971028][ T3682] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.086063][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.119306][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[   43.152380][ T3697] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   43.176392][ T3697] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.189643][ T3697] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   43.205722][ T3697] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #18: comm syz.4.56: corrupted inode contents
[   43.217666][ T3697] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #18: comm syz.4.56: mark_inode_dirty error
[   43.229285][ T3697] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #18: comm syz.4.56: corrupted inode contents
[   43.247053][ T3697] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3000: inode #18: comm syz.4.56: mark_inode_dirty error
[   43.259557][ T3697] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3003: inode #18: comm syz.4.56: mark inode dirty (error -117)
[   43.272185][ T3697] EXT4-fs warning (device loop4): ext4_evict_inode:273: xattr delete (err -117)
[   43.302470][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.348341][ T3705] FAULT_INJECTION: forcing a failure.
[   43.348341][ T3705] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   43.361543][ T3705] CPU: 0 UID: 0 PID: 3705 Comm: syz.1.59 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   43.361576][ T3705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   43.361601][ T3705] Call Trace:
[   43.361611][ T3705]  <TASK>
[   43.361619][ T3705]  __dump_stack+0x1d/0x30
[   43.361709][ T3705]  dump_stack_lvl+0x95/0xd0
[   43.361730][ T3705]  dump_stack+0x15/0x1b
[   43.361831][ T3705]  should_fail_ex+0x265/0x280
[   43.361862][ T3705]  should_fail+0xb/0x20
[   43.361892][ T3705]  should_fail_usercopy+0x1a/0x20
[   43.361963][ T3705]  _copy_from_user+0x1c/0xb0
[   43.361999][ T3705]  ___sys_sendmsg+0xc1/0x1d0
[   43.362122][ T3705]  __sys_sendmmsg+0x178/0x300
[   43.362227][ T3705]  __x64_sys_sendmmsg+0x57/0x70
[   43.362259][ T3705]  x64_sys_call+0x1e28/0x3000
[   43.362329][ T3705]  do_syscall_64+0xca/0x2b0
[   43.362417][ T3705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.362439][ T3705] RIP: 0033:0x7ffbbdd6f749
[   43.362456][ T3705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.362480][ T3705] RSP: 002b:00007ffbbc7cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   43.362554][ T3705] RAX: ffffffffffffffda RBX: 00007ffbbdfc5fa0 RCX: 00007ffbbdd6f749
[   43.362571][ T3705] RDX: 0000000000000002 RSI: 0000200000000100 RDI: 0000000000000006
[   43.362593][ T3705] RBP: 00007ffbbc7cf090 R08: 0000000000000000 R09: 0000000000000000
[   43.362667][ T3705] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000001
[   43.362680][ T3705] R13: 00007ffbbdfc6038 R14: 00007ffbbdfc5fa0 R15: 00007ffef2079c78
[   43.362700][ T3705]  </TASK>
[   43.533505][ T3708] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   43.575886][ T3708] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.601672][ T3708] ext4 filesystem being mounted at /12/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   43.616667][ T3708] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #18: comm syz.4.58: corrupted inode contents
[   43.628870][ T3708] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #18: comm syz.4.58: mark_inode_dirty error
[   43.640454][ T3708] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #18: comm syz.4.58: corrupted inode contents
[   43.652892][ T3708] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3000: inode #18: comm syz.4.58: mark_inode_dirty error
[   43.665058][ T3708] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3003: inode #18: comm syz.4.58: mark inode dirty (error -117)
[   43.677791][ T3708] EXT4-fs warning (device loop4): ext4_evict_inode:273: xattr delete (err -117)
[   43.700314][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.890765][ T3721] netlink: 16 bytes leftover after parsing attributes in process `syz.2.61'.
[   43.902202][ T3721] bond0: entered promiscuous mode
[   43.907466][ T3721] bond_slave_0: entered promiscuous mode
[   43.913235][ T3721] bond_slave_1: entered promiscuous mode
[   43.921029][ T3721] bond0: left promiscuous mode
[   43.925882][ T3721] bond_slave_0: left promiscuous mode
[   43.931385][ T3721] bond_slave_1: left promiscuous mode
[   43.948461][ T3723] bond1: option mode: invalid value (9)
[   43.955085][ T3723] bond1 (unregistering): Released all slaves
[   44.085334][ T3729] set_capacity_and_notify: 15 callbacks suppressed
[   44.085353][ T3729] loop2: detected capacity change from 0 to 1024
[   44.098681][ T3729] ext4: Unknown parameter 'obj_role'
[   44.104619][ T3729] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   44.272636][   T29] kauditd_printk_skb: 1032 callbacks suppressed
[   44.272680][   T29] audit: type=1326 audit(1768398647.095:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3743 comm="syz.1.67" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffbbdd6f749 code=0x0
[   44.636664][ T3756] loop4: detected capacity change from 0 to 512
[   44.655166][ T3756] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   44.663262][ T3756] EXT4-fs (loop4): orphan cleanup on readonly fs
[   44.671152][ T3756] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #16: comm syz.4.70: corrupted inode contents
[   44.683089][ T3756] EXT4-fs (loop4): Remounting filesystem read-only
[   44.690373][ T3756] EXT4-fs (loop4): 1 truncate cleaned up
[   44.696219][  T264] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   44.706853][  T264] Quota error (device loop4): write_blk: dquota write failed
[   44.714309][  T264] Quota error (device loop4): remove_free_dqentry: Can't write block (5) with free entries
[   44.724356][  T264] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   44.734882][  T264] Quota error (device loop4): write_blk: dquota write failed
[   44.742251][  T264] Quota error (device loop4): free_dqentry: Can't move quota data block (5) to free list
[   44.752530][  T264] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   44.762711][  T264] Quota error (device loop4): v2_write_file_info: Can't write info structure
[   44.771863][  T264] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   44.782403][ T3756] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   44.804363][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.825156][ T3760] lo speed is unknown, defaulting to 1000
[   44.831097][ T3760] lo speed is unknown, defaulting to 1000
[   44.837259][ T3760] lo speed is unknown, defaulting to 1000
[   44.843489][ T3760] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   44.851694][ T3760] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   44.863191][ T3760] lo speed is unknown, defaulting to 1000
[   44.869865][ T3760] lo speed is unknown, defaulting to 1000
[   44.877253][ T3760] lo speed is unknown, defaulting to 1000
[   44.883356][ T3760] lo speed is unknown, defaulting to 1000
[   44.889486][ T3760] lo speed is unknown, defaulting to 1000
[   44.916810][ T3763] loop4: detected capacity change from 0 to 1024
[   44.923705][ T3763] EXT4-fs: inline encryption not supported
[   44.935757][ T3763] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.953238][ T3763] netlink: 4 bytes leftover after parsing attributes in process `syz.4.72'.
[   44.962398][ T3763] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   44.976125][ T3763] batman_adv: batadv0: Removing interface: batadv_slave_1
[   45.028735][ T3767] loop3: detected capacity change from 0 to 512
[   45.045465][ T3767] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   45.053497][ T3767] EXT4-fs (loop3): orphan cleanup on readonly fs
[   45.061459][ T3767] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #16: comm syz.3.73: corrupted inode contents
[   45.073882][ T3767] EXT4-fs (loop3): Remounting filesystem read-only
[   45.080972][ T3767] EXT4-fs (loop3): 1 truncate cleaned up
[   45.086866][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   45.097499][   T12] Quota error (device loop3): write_blk: dquota write failed
[   45.104918][   T12] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[   45.115000][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   45.125559][   T12] Quota error (device loop3): write_blk: dquota write failed
[   45.138897][   T12] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   45.149781][ T3767] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   45.150047][ T3771] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   45.163860][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.180093][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[   45.186293][ T3516] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   45.216825][ T3771] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   45.228788][ T3771] loop2: detected capacity change from 0 to 128
[   45.237720][ T3771] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   45.250245][ T3771] ext4 filesystem being mounted at /20/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   45.257737][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.284215][ T3771] netlink: 14 bytes leftover after parsing attributes in process `syz.2.75'.
[   45.301343][ T3775] SELinux:  Context system_u: is not valid (left unmapped).
[   45.317405][ T3778] FAULT_INJECTION: forcing a failure.
[   45.317405][ T3778] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   45.330566][ T3778] CPU: 0 UID: 0 PID: 3778 Comm: syz.4.74 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   45.330598][ T3778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   45.330641][ T3778] Call Trace:
[   45.330649][ T3778]  <TASK>
[   45.330663][ T3778]  __dump_stack+0x1d/0x30
[   45.330693][ T3778]  dump_stack_lvl+0x95/0xd0
[   45.330721][ T3778]  dump_stack+0x15/0x1b
[   45.330747][ T3778]  should_fail_ex+0x265/0x280
[   45.330819][ T3778]  should_fail+0xb/0x20
[   45.330844][ T3778]  should_fail_usercopy+0x1a/0x20
[   45.330873][ T3778]  _copy_to_user+0x20/0xa0
[   45.330906][ T3778]  simple_read_from_buffer+0xb5/0x130
[   45.331014][ T3778]  proc_fail_nth_read+0x10e/0x150
[   45.331051][ T3778]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   45.331103][ T3778]  vfs_read+0x1a8/0x770
[   45.331120][ T3778]  ? selinux_ismaclabel+0x27/0x40
[   45.331179][ T3778]  ? rb_next+0x5c/0x80
[   45.331205][ T3778]  ? simple_xattr_list+0x2c9/0x2f0
[   45.331250][ T3778]  ksys_read+0xda/0x1a0
[   45.331275][ T3778]  __x64_sys_read+0x40/0x50
[   45.331300][ T3778]  x64_sys_call+0x2889/0x3000
[   45.331370][ T3778]  do_syscall_64+0xca/0x2b0
[   45.331412][ T3778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.331433][ T3778] RIP: 0033:0x7f9f11e8e15c
[   45.331450][ T3778] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   45.331472][ T3778] RSP: 002b:00007f9f108ef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   45.331522][ T3778] RAX: ffffffffffffffda RBX: 00007f9f120e5fa0 RCX: 00007f9f11e8e15c
[   45.331535][ T3778] RDX: 000000000000000f RSI: 00007f9f108ef0a0 RDI: 0000000000000004
[   45.331552][ T3778] RBP: 00007f9f108ef090 R08: 0000000000000000 R09: 0000000000000000
[   45.331578][ T3778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.331590][ T3778] R13: 00007f9f120e6038 R14: 00007f9f120e5fa0 R15: 00007ffd751d77b8
[   45.331609][ T3778]  </TASK>
[   45.530277][ T3771] netlink: 43 bytes leftover after parsing attributes in process `syz.2.75'.
[   45.540391][ T3771] tipc: Started in network mode
[   45.545405][ T3771] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[   45.552619][ T3771] tipc: Enabled bearer <eth:vlan0>, priority 10
[   45.608408][ T3775] netlink: 48 bytes leftover after parsing attributes in process `syz.1.78'.
[   45.638833][ T3775] tipc: Resetting bearer <eth:vlan0>
[   45.648171][ T3775] tipc: Disabling bearer <eth:vlan0>
[   45.687219][ T3791] loop3: detected capacity change from 0 to 512
[   45.705852][ T3791] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   45.717508][ T3784] loop4: detected capacity change from 0 to 512
[   45.727615][ T3784] EXT4-fs: Ignoring removed oldalloc option
[   45.734069][ T3791] EXT4-fs (loop3): orphan cleanup on readonly fs
[   45.767056][ T3784] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.80: Parent and EA inode have the same ino 15
[   45.775391][ T3791] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #16: comm syz.3.82: corrupted inode contents
[   45.797858][ T3784] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.80: Parent and EA inode have the same ino 15
[   45.815573][ T3784] EXT4-fs (loop4): 1 orphan inode deleted
[   45.824841][ T3791] EXT4-fs (loop3): Remounting filesystem read-only
[   45.827773][ T3784] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.831973][ T3791] EXT4-fs (loop3): 1 truncate cleaned up
[   45.849818][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   45.860524][   T31] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   45.872872][   T31] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   45.888272][ T3791] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   45.916813][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.937838][ T3803] netlink: 'syz.3.84': attribute type 13 has an invalid length.
[   45.949378][ T3803] gretap0: refused to change device tx_queue_len
[   45.956612][ T3803] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   45.989576][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.032407][ T3811] netlink: 28 bytes leftover after parsing attributes in process `syz.4.87'.
[   46.041281][ T3811] netlink: 28 bytes leftover after parsing attributes in process `syz.4.87'.
[   46.050850][ T3812] FAULT_INJECTION: forcing a failure.
[   46.050850][ T3812] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   46.063979][ T3812] CPU: 0 UID: 0 PID: 3812 Comm: syz.3.88 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   46.064087][ T3812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   46.064100][ T3812] Call Trace:
[   46.064107][ T3812]  <TASK>
[   46.064121][ T3812]  __dump_stack+0x1d/0x30
[   46.064197][ T3812]  dump_stack_lvl+0x95/0xd0
[   46.064225][ T3812]  dump_stack+0x15/0x1b
[   46.064295][ T3812]  should_fail_ex+0x265/0x280
[   46.064330][ T3812]  should_fail+0xb/0x20
[   46.064355][ T3812]  should_fail_usercopy+0x1a/0x20
[   46.064383][ T3812]  _copy_from_user+0x1c/0xb0
[   46.064410][ T3812]  ___sys_sendmsg+0xc1/0x1d0
[   46.064468][ T3812]  __x64_sys_sendmsg+0xd4/0x160
[   46.064511][ T3812]  x64_sys_call+0x17ba/0x3000
[   46.064609][ T3812]  do_syscall_64+0xca/0x2b0
[   46.064649][ T3812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.064682][ T3812] RIP: 0033:0x7f10dfdaf749
[   46.064700][ T3812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.064802][ T3812] RSP: 002b:00007f10de817038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   46.064827][ T3812] RAX: ffffffffffffffda RBX: 00007f10e0005fa0 RCX: 00007f10dfdaf749
[   46.064844][ T3812] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005
[   46.064857][ T3812] RBP: 00007f10de817090 R08: 0000000000000000 R09: 0000000000000000
[   46.064869][ T3812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.064880][ T3812] R13: 00007f10e0006038 R14: 00007f10e0005fa0 R15: 00007ffc1a4362f8
[   46.064932][ T3812]  </TASK>
[   46.237158][ T3320] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   46.250977][ T3813] loop4: detected capacity change from 0 to 128
[   46.288536][ T3817] loop2: detected capacity change from 0 to 512
[   46.301861][ T3817] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.334235][ T3817] ext4 filesystem being mounted at /21/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.377922][ T3817] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   46.429546][ T3811] syz.4.87: attempt to access beyond end of device
[   46.429546][ T3811] loop4: rw=2049, sector=169, nr_sectors = 24 limit=128
[   46.443113][ T3811] syz.4.87: attempt to access beyond end of device
[   46.443113][ T3811] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128
[   46.456515][ T3811] syz.4.87: attempt to access beyond end of device
[   46.456515][ T3811] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128
[   46.470146][ T3811] syz.4.87: attempt to access beyond end of device
[   46.470146][ T3811] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128
[   46.483592][ T3811] syz.4.87: attempt to access beyond end of device
[   46.483592][ T3811] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128
[   46.497178][ T3811] syz.4.87: attempt to access beyond end of device
[   46.497178][ T3811] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128
[   46.510718][ T3811] syz.4.87: attempt to access beyond end of device
[   46.510718][ T3811] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128
[   46.524366][ T3811] syz.4.87: attempt to access beyond end of device
[   46.524366][ T3811] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128
[   46.537958][ T3811] syz.4.87: attempt to access beyond end of device
[   46.537958][ T3811] loop4: rw=2049, sector=313, nr_sectors = 8 limit=128
[   46.551428][ T3811] syz.4.87: attempt to access beyond end of device
[   46.551428][ T3811] loop4: rw=2049, sector=329, nr_sectors = 8 limit=128
[   46.594776][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.634205][ T1040] tipc: Node number set to 10005162
[   46.712614][ T3834] loop4: detected capacity change from 0 to 512
[   46.727236][ T3836] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=11 sclass=netlink_route_socket pid=3836 comm=syz.0.96
[   46.741186][ T3834] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   46.759796][ T3834] EXT4-fs (loop4): 1 truncate cleaned up
[   46.767984][ T3834] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.802063][ T3836] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.823718][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.830366][ T3836] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.858186][ T3843] netlink: 'syz.4.97': attribute type 13 has an invalid length.
[   46.868032][ T3836] FAULT_INJECTION: forcing a failure.
[   46.868032][ T3836] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   46.881135][ T3836] CPU: 1 UID: 0 PID: 3836 Comm: wÞ£ÿ Not tainted syzkaller #0 PREEMPT(voluntary) 
[   46.881212][ T3836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   46.881226][ T3836] Call Trace:
[   46.881234][ T3836]  <TASK>
[   46.881243][ T3836]  __dump_stack+0x1d/0x30
[   46.881347][ T3836]  dump_stack_lvl+0x95/0xd0
[   46.881446][ T3836]  dump_stack+0x15/0x1b
[   46.881493][ T3836]  should_fail_ex+0x265/0x280
[   46.881575][ T3836]  should_fail+0xb/0x20
[   46.881596][ T3836]  should_fail_usercopy+0x1a/0x20
[   46.881659][ T3836]  _copy_from_user+0x1c/0xb0
[   46.881689][ T3836]  ___sys_sendmsg+0xc1/0x1d0
[   46.881736][ T3836]  __x64_sys_sendmsg+0xd4/0x160
[   46.881806][ T3836]  x64_sys_call+0x17ba/0x3000
[   46.881833][ T3836]  do_syscall_64+0xca/0x2b0
[   46.881918][ T3836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.881989][ T3836] RIP: 0033:0x7f081cc1f749
[   46.882006][ T3836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.882026][ T3836] RSP: 002b:00007f081b67f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   46.882048][ T3836] RAX: ffffffffffffffda RBX: 00007f081ce75fa0 RCX: 00007f081cc1f749
[   46.882061][ T3836] RDX: 0000000000004000 RSI: 0000200000000000 RDI: 000000000000000d
[   46.882103][ T3836] RBP: 00007f081b67f090 R08: 0000000000000000 R09: 0000000000000000
[   46.882117][ T3836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.882129][ T3836] R13: 00007f081ce76038 R14: 00007f081ce75fa0 R15: 00007ffface586e8
[   46.882150][ T3836]  </TASK>
[   47.053866][ T3843] gretap0: refused to change device tx_queue_len
[   47.061107][ T3843] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   47.119139][ T3845] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.130204][ T3818] delete_channel: no stack
[   47.136480][ T3845] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.98: bg 0: block 112: padding at end of block bitmap is not set
[   47.151018][ T3845] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[   47.163483][ T3845] EXT4-fs (loop1): This should not happen!! Data will be lost
[   47.163483][ T3845] 
[   47.177844][ T3849] sctp: [Deprecated]: syz.4.99 (pid 3849) Use of int in max_burst socket option deprecated.
[   47.177844][ T3849] Use struct sctp_assoc_value instead
[   47.202276][ T3852] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   47.212690][ T3845] syz.1.98 (3845) used greatest stack depth: 9720 bytes left
[   47.224501][ T3852] EXT4-fs (loop0): 1 truncate cleaned up
[   47.308716][ T3862] netlink: 'syz.1.104': attribute type 1 has an invalid length.
[   47.316443][ T3862] netlink: 'syz.1.104': attribute type 4 has an invalid length.
[   47.324227][ T3862] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.104'.
[   47.343328][ T3862] SELinux: failed to load policy
[   47.367770][ T3866] ext4: Unknown parameter 'obj_role'
[   47.448293][ T3875] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   47.474351][ T3826] delete_channel: no stack
[   47.499209][ T3875] EXT4-fs (loop1): 1 truncate cleaned up
[   47.541636][ T3881] EXT4-fs: Ignoring removed oldalloc option
[   47.561006][ T3881] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.108: Parent and EA inode have the same ino 15
[   47.618430][ T3881] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.108: Parent and EA inode have the same ino 15
[   47.634712][ T3881] EXT4-fs (loop3): 1 orphan inode deleted
[   47.741037][ T3893] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   47.763162][ T3893] EXT4-fs (loop2): 1 truncate cleaned up
[   47.785718][ T3898] netlink: 24 bytes leftover after parsing attributes in process `syz.3.115'.
[   47.955712][ T3907] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   47.970042][ T3907] EXT4-fs (loop1): orphan cleanup on readonly fs
[   47.977911][ T3907] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #16: comm syz.1.119: corrupted inode contents
[   47.990098][ T3907] EXT4-fs (loop1): Remounting filesystem read-only
[   47.997747][ T3907] EXT4-fs (loop1): 1 truncate cleaned up
[   48.003689][  T333] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   48.014381][  T333] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   48.025429][  T333] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   48.116822][ T3924] netlink: 24 bytes leftover after parsing attributes in process `syz.2.124'.
[   48.162503][ T3928] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   48.172065][ T3928] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   48.178529][ T3926] vfat: Unknown parameter ''
[   48.192083][ T3928] ext4 filesystem being mounted at /27/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   48.198541][ T3926] netlink: 28 bytes leftover after parsing attributes in process `syz.1.125'.
[   48.240805][ T3928] tipc: Enabling of bearer <eth:vlan0> rejected, already enabled
[   48.249635][ T3869] delete_channel: no stack
[   48.283636][ T3931] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   48.298962][ T3931] EXT4-fs (loop1): 1 truncate cleaned up
[   48.438866][ T3944] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   48.447471][ T3944] EXT4-fs (loop1): orphan cleanup on readonly fs
[   48.455651][ T3944] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #16: comm syz.1.133: corrupted inode contents
[   48.473525][ T3944] EXT4-fs (loop1): Remounting filesystem read-only
[   48.480408][ T3944] EXT4-fs (loop1): 1 truncate cleaned up
[   48.486810][   T52] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   48.497410][   T52] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   48.509854][   T52] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   48.588480][ T3956] vfat: Unknown parameter ''
[   48.659686][ T3959] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   48.671616][ T3959] EXT4-fs (loop4): 1 truncate cleaned up
[   48.781769][ T3977] FAULT_INJECTION: forcing a failure.
[   48.781769][ T3977] name failslab, interval 1, probability 0, space 0, times 1
[   48.794493][ T3977] CPU: 1 UID: 0 PID: 3977 Comm: syz.4.146 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   48.794526][ T3977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   48.794541][ T3977] Call Trace:
[   48.794549][ T3977]  <TASK>
[   48.794559][ T3977]  __dump_stack+0x1d/0x30
[   48.794587][ T3977]  dump_stack_lvl+0x95/0xd0
[   48.794638][ T3977]  dump_stack+0x15/0x1b
[   48.794662][ T3977]  should_fail_ex+0x265/0x280
[   48.794691][ T3977]  should_failslab+0x8c/0xb0
[   48.794776][ T3977]  kmem_cache_alloc_noprof+0x69/0x4b0
[   48.794804][ T3977]  ? getname_flags+0x80/0x3b0
[   48.794837][ T3977]  getname_flags+0x80/0x3b0
[   48.794866][ T3977]  __se_sys_acct+0x6a/0x520
[   48.794978][ T3977]  __x64_sys_acct+0x1f/0x30
[   48.795067][ T3977]  x64_sys_call+0x2923/0x3000
[   48.795099][ T3977]  do_syscall_64+0xca/0x2b0
[   48.795235][ T3977]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.795264][ T3977] RIP: 0033:0x7f9f11e8f749
[   48.795284][ T3977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.795366][ T3977] RSP: 002b:00007f9f108ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[   48.795386][ T3977] RAX: ffffffffffffffda RBX: 00007f9f120e5fa0 RCX: 00007f9f11e8f749
[   48.795402][ T3977] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[   48.795417][ T3977] RBP: 00007f9f108ef090 R08: 0000000000000000 R09: 0000000000000000
[   48.795432][ T3977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.795476][ T3977] R13: 00007f9f120e6038 R14: 00007f9f120e5fa0 R15: 00007ffd751d77b8
[   48.795510][ T3977]  </TASK>
[   48.985343][ T3979] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   48.994394][ T3979] EXT4-fs (loop0): orphan cleanup on readonly fs
[   49.020770][ T3979] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #16: comm syz.0.147: corrupted inode contents
[   49.045393][ T3979] EXT4-fs (loop0): Remounting filesystem read-only
[   49.052434][ T3979] EXT4-fs (loop0): 1 truncate cleaned up
[   49.058291][  T264] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   49.069022][  T264] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   49.079887][  T264] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   49.100859][ T3986] set_capacity_and_notify: 18 callbacks suppressed
[   49.100878][ T3986] loop2: detected capacity change from 0 to 2048
[   49.159861][ T3996] 9p: Bad value for 'wfdno'
[   49.164905][ T3996] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[   49.203662][ T4002] loop1: detected capacity change from 0 to 512
[   49.211810][ T4002] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   49.223668][ T4002] EXT4-fs (loop1): 1 truncate cleaned up
[   49.334154][   T29] kauditd_printk_skb: 1346 callbacks suppressed
[   49.334172][   T29] audit: type=1400 audit(1768398652.155:2462): avc:  denied  { audit_write } for  pid=4016 comm="syz.2.159" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   49.343970][ T4017] loop2: detected capacity change from 0 to 512
[   49.361733][   T29] audit: type=1107 audit(1768398652.155:2463): pid=4016 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[   49.405136][ T4017] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   49.432657][ T4025] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   49.441499][ T4025] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   49.454434][ T4025] loop4: detected capacity change from 0 to 128
[   49.483352][ T4025] ext4 filesystem being mounted at /36/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   49.522722][ T4017] EXT4-fs (loop2): 1 truncate cleaned up
[   49.536471][   T29] audit: type=1326 audit(1768398652.365:2464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4014 comm="syz.1.161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   49.560144][   T29] audit: type=1326 audit(1768398652.365:2465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4014 comm="syz.1.161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   49.583708][   T29] audit: type=1326 audit(1768398652.365:2466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4014 comm="syz.1.161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   49.607159][   T29] audit: type=1326 audit(1768398652.365:2467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4014 comm="syz.1.161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   49.630563][   T29] audit: type=1326 audit(1768398652.365:2468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4014 comm="syz.1.161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   49.654081][   T29] audit: type=1326 audit(1768398652.365:2469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4014 comm="syz.1.161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   49.667996][ T4030] tipc: Started in network mode
[   49.677672][   T29] audit: type=1326 audit(1768398652.365:2470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4014 comm="syz.1.161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   49.682621][ T4030] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[   49.706154][   T29] audit: type=1326 audit(1768398652.365:2471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4014 comm="syz.1.161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   49.713446][ T4030] tipc: Enabled bearer <eth:vlan0>, priority 10
[   49.738164][ T4029] loop3: detected capacity change from 0 to 512
[   49.772615][ T4029] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   49.782502][ T4029] EXT4-fs (loop3): orphan cleanup on readonly fs
[   49.790439][ T4029] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #16: comm syz.3.164: corrupted inode contents
[   49.823746][ T4029] EXT4-fs (loop3): Remounting filesystem read-only
[   49.830584][ T4029] EXT4-fs (loop3): 1 truncate cleaned up
[   49.836360][  T827] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   49.846938][  T827] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   49.859806][  T827] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   49.900226][ T4041] SELinux:  Context system_u:object_r:dpkg_exec_t:s0 is not valid (left unmapped).
[   49.920036][ T4043] FAULT_INJECTION: forcing a failure.
[   49.920036][ T4043] name failslab, interval 1, probability 0, space 0, times 0
[   49.932756][ T4043] CPU: 1 UID: 0 PID: 4043 Comm: syz.2.167 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   49.932788][ T4043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   49.932830][ T4043] Call Trace:
[   49.932838][ T4043]  <TASK>
[   49.932847][ T4043]  __dump_stack+0x1d/0x30
[   49.932875][ T4043]  dump_stack_lvl+0x95/0xd0
[   49.932901][ T4043]  dump_stack+0x15/0x1b
[   49.932924][ T4043]  should_fail_ex+0x265/0x280
[   49.932963][ T4043]  should_failslab+0x8c/0xb0
[   49.932983][ T4043]  kmem_cache_alloc_noprof+0x69/0x4b0
[   49.933063][ T4043]  ? getname_flags+0x80/0x3b0
[   49.933093][ T4043]  getname_flags+0x80/0x3b0
[   49.933121][ T4043]  user_path_at+0x28/0x130
[   49.933239][ T4043]  do_faccessat+0x380/0x800
[   49.933281][ T4043]  __x64_sys_faccessat+0x41/0x50
[   49.933309][ T4043]  x64_sys_call+0x88a/0x3000
[   49.933336][ T4043]  do_syscall_64+0xca/0x2b0
[   49.933506][ T4043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.933527][ T4043] RIP: 0033:0x7f62e068f749
[   49.933604][ T4043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.933621][ T4043] RSP: 002b:00007f62df0f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000010d
[   49.933641][ T4043] RAX: ffffffffffffffda RBX: 00007f62e08e5fa0 RCX: 00007f62e068f749
[   49.933658][ T4043] RDX: 0000000000000005 RSI: 0000200000000000 RDI: 0000000000000003
[   49.933674][ T4043] RBP: 00007f62df0f7090 R08: 0000000000000000 R09: 0000000000000000
[   49.933766][ T4043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.933782][ T4043] R13: 00007f62e08e6038 R14: 00007f62e08e5fa0 R15: 00007ffc26a164e8
[   49.933802][ T4043]  </TASK>
[   50.132867][ T4046] loop3: detected capacity change from 0 to 2048
[   50.298704][ T4058] lo speed is unknown, defaulting to 1000
[   50.304516][ T4058] lo speed is unknown, defaulting to 1000
[   50.310507][ T4058] lo speed is unknown, defaulting to 1000
[   50.321634][ T4058] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   50.333924][ T4058] lo speed is unknown, defaulting to 1000
[   50.340356][ T4058] lo speed is unknown, defaulting to 1000
[   50.350041][ T4058] lo speed is unknown, defaulting to 1000
[   50.361653][ T4061] loop2: detected capacity change from 0 to 128
[   50.369999][ T4061] vfat: Unknown parameter ''
[   50.376214][ T4058] lo speed is unknown, defaulting to 1000
[   50.382521][ T4058] lo speed is unknown, defaulting to 1000
[   50.435038][ T4061] __nla_validate_parse: 9 callbacks suppressed
[   50.435055][ T4061] netlink: 28 bytes leftover after parsing attributes in process `syz.2.174'.
[   50.493360][ T4068] netlink: 48 bytes leftover after parsing attributes in process `syz.2.177'.
[   50.524823][ T4068] tipc: Resetting bearer <eth:vlan0>
[   50.542072][ T4068] tipc: Disabling bearer <eth:vlan0>
[   50.629352][ T4079] loop4: detected capacity change from 0 to 2048
[   50.739288][ T4095] loop4: detected capacity change from 0 to 128
[   50.759821][ T4095] vfat: Unknown parameter ''
[   50.787083][ T4095] netlink: 28 bytes leftover after parsing attributes in process `syz.4.187'.
[   50.804231][   T23] tipc: Node number set to 10005162
[   50.824004][ T4103] FAULT_INJECTION: forcing a failure.
[   50.824004][ T4103] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   50.837384][ T4103] CPU: 0 UID: 0 PID: 4103 Comm: syz.4.192 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   50.837413][ T4103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   50.837440][ T4103] Call Trace:
[   50.837448][ T4103]  <TASK>
[   50.837456][ T4103]  __dump_stack+0x1d/0x30
[   50.837544][ T4103]  dump_stack_lvl+0x95/0xd0
[   50.837570][ T4103]  dump_stack+0x15/0x1b
[   50.837589][ T4103]  should_fail_ex+0x265/0x280
[   50.837611][ T4103]  should_fail+0xb/0x20
[   50.837628][ T4103]  should_fail_usercopy+0x1a/0x20
[   50.837721][ T4103]  _copy_from_user+0x1c/0xb0
[   50.837755][ T4103]  ___sys_sendmsg+0xc1/0x1d0
[   50.837808][ T4103]  __x64_sys_sendmsg+0xd4/0x160
[   50.837918][ T4103]  x64_sys_call+0x17ba/0x3000
[   50.837986][ T4103]  do_syscall_64+0xca/0x2b0
[   50.838026][ T4103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.838053][ T4103] RIP: 0033:0x7f9f11e8f749
[   50.838072][ T4103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.838159][ T4103] RSP: 002b:00007f9f108ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   50.838183][ T4103] RAX: ffffffffffffffda RBX: 00007f9f120e5fa0 RCX: 00007f9f11e8f749
[   50.838199][ T4103] RDX: 0000000000000020 RSI: 0000200000000340 RDI: 0000000000000003
[   50.838211][ T4103] RBP: 00007f9f108ef090 R08: 0000000000000000 R09: 0000000000000000
[   50.838223][ T4103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.838233][ T4103] R13: 00007f9f120e6038 R14: 00007f9f120e5fa0 R15: 00007ffd751d77b8
[   50.838251][ T4103]  </TASK>
[   51.049991][ T4112] loop0: detected capacity change from 0 to 512
[   51.085495][ T4114] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   51.105148][ T4114] EXT4-fs (loop2): orphan cleanup on readonly fs
[   51.137371][ T4112] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   51.145522][ T4112] EXT4-fs (loop0): orphan cleanup on readonly fs
[   51.154826][ T4112] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #16: comm syz.0.196: corrupted inode contents
[   51.185266][ T4106] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   51.194293][ T4114] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.197: corrupted inode contents
[   51.207720][ T4106] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   51.226365][ T4112] EXT4-fs (loop0): Remounting filesystem read-only
[   51.234814][ T4114] EXT4-fs (loop2): Remounting filesystem read-only
[   51.244804][ T4112] EXT4-fs (loop0): 1 truncate cleaned up
[   51.250641][   T31] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   51.261234][   T31] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   51.263672][ T4114] EXT4-fs (loop2): 1 truncate cleaned up
[   51.272317][   T31] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   51.287832][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   51.298463][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   51.310744][ T4119] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   51.325551][   T31] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   51.359197][ T4125] fido_id[4125]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   51.483402][ T4138] siw: device registration error -23
[   51.512430][ T4136] lo speed is unknown, defaulting to 1000
[   51.562759][ T4148] netlink: 28 bytes leftover after parsing attributes in process `syz.0.207'.
[   51.571762][ T4148] netlink: 28 bytes leftover after parsing attributes in process `syz.0.207'.
[   51.587933][ T4151] EXT4-fs: inline encryption not supported
[   51.710851][ T4159] EXT4-fs: Ignoring removed oldalloc option
[   51.749980][ T4159] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.210: Parent and EA inode have the same ino 15
[   51.771172][ T4159] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.210: Parent and EA inode have the same ino 15
[   51.797182][ T4159] EXT4-fs (loop1): 1 orphan inode deleted
[   52.057148][ T4169] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   52.071482][ T4169] EXT4-fs (loop4): orphan cleanup on readonly fs
[   52.079825][ T4169] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #16: comm syz.4.213: corrupted inode contents
[   52.092882][ T4169] EXT4-fs (loop4): Remounting filesystem read-only
[   52.099724][ T4169] EXT4-fs (loop4): 1 truncate cleaned up
[   52.106584][   T31] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   52.117226][   T31] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   52.173393][   T31] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   52.221487][ T4175] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   52.249029][ T4175] EXT4-fs (loop1): 1 truncate cleaned up
[   52.406045][ T4185] vfat: Unknown parameter ''
[   52.427762][ T4185] netlink: 28 bytes leftover after parsing attributes in process `syz.1.219'.
[   52.438758][ T4189] netlink: 48 bytes leftover after parsing attributes in process `syz.3.222'.
[   52.459053][ T4190] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   52.470627][ T4189] tipc: Resetting bearer <eth:vlan0>
[   52.505763][ T4189] tipc: Disabling bearer <eth:vlan0>
[   52.527348][ T4148] bio_check_eod: 97 callbacks suppressed
[   52.527363][ T4148] syz.0.207: attempt to access beyond end of device
[   52.527363][ T4148] loop0: rw=2049, sector=169, nr_sectors = 24 limit=128
[   52.592229][ T4148] syz.0.207: attempt to access beyond end of device
[   52.592229][ T4148] loop0: rw=2049, sector=201, nr_sectors = 8 limit=128
[   52.606405][ T4148] syz.0.207: attempt to access beyond end of device
[   52.606405][ T4148] loop0: rw=2049, sector=217, nr_sectors = 8 limit=128
[   52.644089][ T4148] syz.0.207: attempt to access beyond end of device
[   52.644089][ T4148] loop0: rw=2049, sector=233, nr_sectors = 8 limit=128
[   52.660037][ T4197] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   52.672607][ T4148] syz.0.207: attempt to access beyond end of device
[   52.672607][ T4148] loop0: rw=2049, sector=249, nr_sectors = 8 limit=128
[   52.696982][ T4148] syz.0.207: attempt to access beyond end of device
[   52.696982][ T4148] loop0: rw=2049, sector=265, nr_sectors = 8 limit=128
[   52.709408][ T4206] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   52.710905][ T4148] syz.0.207: attempt to access beyond end of device
[   52.710905][ T4148] loop0: rw=2049, sector=281, nr_sectors = 8 limit=128
[   52.720851][ T4197] EXT4-fs (loop3): orphan cleanup on readonly fs
[   52.734025][ T4148] syz.0.207: attempt to access beyond end of device
[   52.734025][ T4148] loop0: rw=2049, sector=297, nr_sectors = 8 limit=128
[   52.753756][ T4148] syz.0.207: attempt to access beyond end of device
[   52.753756][ T4148] loop0: rw=2049, sector=313, nr_sectors = 8 limit=128
[   52.775066][ T4206] EXT4-fs (loop1): 1 truncate cleaned up
[   52.784244][ T4197] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #16: comm syz.3.227: corrupted inode contents
[   52.796261][ T4148] syz.0.207: attempt to access beyond end of device
[   52.796261][ T4148] loop0: rw=2049, sector=329, nr_sectors = 8 limit=128
[   52.822919][ T4197] EXT4-fs (loop3): Remounting filesystem read-only
[   52.829817][ T4197] EXT4-fs (loop3): 1 truncate cleaned up
[   52.835717][   T53] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   52.846439][   T53] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   52.895526][   T53] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   52.939846][ T4218] vfat: Unknown parameter ''
[   52.954873][ T4218] netlink: 28 bytes leftover after parsing attributes in process `syz.4.234'.
[   53.070209][ T4236] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   53.082276][ T4236] EXT4-fs (loop1): 1 truncate cleaned up
[   53.294911][ T4255] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   53.303289][ T4255] EXT4-fs (loop0): orphan cleanup on readonly fs
[   53.311390][ T4255] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #16: comm syz.0.248: corrupted inode contents
[   53.323634][ T4255] EXT4-fs (loop0): Remounting filesystem read-only
[   53.330317][ T4255] EXT4-fs (loop0): 1 truncate cleaned up
[   53.336300][   T12] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   53.346904][   T12] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   53.357597][   T12] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   53.392079][ T4259] vfat: Unknown parameter ''
[   53.400245][ T4259] netlink: 28 bytes leftover after parsing attributes in process `syz.0.249'.
[   53.468431][ T4266] siw: device registration error -23
[   53.540349][ T4273] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   53.551931][ T4273] EXT4-fs (loop0): 1 truncate cleaned up
[   53.855372][ T4293] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   53.863639][ T4293] EXT4-fs (loop3): orphan cleanup on readonly fs
[   53.871552][ T4293] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #16: comm syz.3.260: corrupted inode contents
[   53.883960][ T4293] EXT4-fs (loop3): Remounting filesystem read-only
[   53.891256][ T4293] EXT4-fs (loop3): 1 truncate cleaned up
[   53.897070][   T37] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   53.907652][   T37] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   53.918305][   T37] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   53.951219][ T4297] vfat: Unknown parameter ''
[   53.959884][ T4297] netlink: 28 bytes leftover after parsing attributes in process `syz.3.261'.
[   54.019656][ T4301] siw: device registration error -23
[   54.074049][ T4309] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   54.187764][   T37] Bluetooth: hci0: Frame reassembly failed (-84)
[   54.246415][ T4326] set_capacity_and_notify: 21 callbacks suppressed
[   54.246434][ T4326] loop1: detected capacity change from 0 to 512
[   54.266373][ T4326] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   54.274874][ T4326] EXT4-fs (loop1): orphan cleanup on readonly fs
[   54.284407][ T4326] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #16: comm syz.1.274: corrupted inode contents
[   54.299660][ T4326] EXT4-fs (loop1): Remounting filesystem read-only
[   54.306501][ T4326] EXT4-fs (loop1): 1 truncate cleaned up
[   54.312250][  T264] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   54.322820][  T264] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   54.333502][  T264] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   54.398730][ T4333] loop2: detected capacity change from 0 to 1024
[   54.407531][ T4333] EXT4-fs: inline encryption not supported
[   54.430422][ T4333] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   54.447354][ T4333] batman_adv: batadv0: Removing interface: batadv_slave_1
[   54.466965][ T4341] siw: device registration error -23
[   54.512725][ T4345] loop4: detected capacity change from 0 to 764
[   54.521771][ T4345] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   54.619343][ T4355] loop2: detected capacity change from 0 to 128
[   54.641653][ T4355] vfat: Unknown parameter ''
[   54.650947][ T4359] loop4: detected capacity change from 0 to 512
[   54.675861][ T4359] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   54.683987][ T4359] EXT4-fs (loop4): orphan cleanup on readonly fs
[   54.693749][ T4359] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #16: comm syz.4.287: corrupted inode contents
[   54.706208][ T4359] EXT4-fs (loop4): Remounting filesystem read-only
[   54.712814][ T4359] EXT4-fs (loop4): 1 truncate cleaned up
[   54.718780][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   54.729370][   T12] __quota_error: 931 callbacks suppressed
[   54.729389][   T12] Quota error (device loop4): write_blk: dquota write failed
[   54.742574][   T12] Quota error (device loop4): remove_free_dqentry: Can't write block (5) with free entries
[   54.752735][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   54.763329][   T12] Quota error (device loop4): write_blk: dquota write failed
[   54.770758][   T12] Quota error (device loop4): free_dqentry: Can't move quota data block (5) to free list
[   54.784729][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   54.794919][   T12] Quota error (device loop4): v2_write_file_info: Can't write info structure
[   54.802244][   T29] audit: type=1326 audit(1768398657.625:3355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4356 comm="syz.0.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f081cc1f749 code=0x7ffc0000
[   54.805485][   T12] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   54.862436][ T4371] loop0: detected capacity change from 0 to 1024
[   54.863414][   T29] audit: type=1326 audit(1768398657.665:3356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4356 comm="syz.0.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f081cc1f749 code=0x7ffc0000
[   54.892288][   T29] audit: type=1326 audit(1768398657.665:3357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4356 comm="syz.0.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f081cc1f749 code=0x7ffc0000
[   54.899436][ T4371] EXT4-fs: inline encryption not supported
[   54.915735][   T29] audit: type=1326 audit(1768398657.665:3358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4356 comm="syz.0.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f081cc1f749 code=0x7ffc0000
[   55.049375][ T4389] loop0: detected capacity change from 0 to 764
[   55.060196][ T4389] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   55.113030][ T4395] loop4: detected capacity change from 0 to 512
[   55.122111][ T4395] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   55.138394][ T4395] EXT4-fs (loop4): 1 truncate cleaned up
[   55.201418][ T4400] siw: device registration error -23
[   55.219776][ T4393] lo speed is unknown, defaulting to 1000
[   55.246699][ T4405] loop4: detected capacity change from 0 to 512
[   55.268151][ T4405] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   55.283151][ T4405] EXT4-fs (loop4): orphan cleanup on readonly fs
[   55.296235][ T4409] loop1: detected capacity change from 0 to 1024
[   55.313860][ T4405] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #16: comm syz.4.301: corrupted inode contents
[   55.314078][ T4409] EXT4-fs: inline encryption not supported
[   55.334139][ T4405] EXT4-fs (loop4): Remounting filesystem read-only
[   55.340920][ T4405] EXT4-fs (loop4): 1 truncate cleaned up
[   55.346872][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   55.357540][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   55.371113][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   55.553599][ T4417] EXT4-fs: Ignoring removed oldalloc option
[   55.572769][ T4417] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.304: Parent and EA inode have the same ino 15
[   55.589740][ T4426] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   55.606023][ T4417] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.304: Parent and EA inode have the same ino 15
[   55.636827][ T4417] EXT4-fs (loop1): 1 orphan inode deleted
[   55.755068][ T4439] EXT4-fs: inline encryption not supported
[   55.770761][ T4439] __nla_validate_parse: 9 callbacks suppressed
[   55.770776][ T4439] netlink: 4 bytes leftover after parsing attributes in process `syz.1.313'.
[   55.825251][ T4444] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   55.835016][ T4444] EXT4-fs (loop1): orphan cleanup on readonly fs
[   55.858551][ T4444] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #16: comm syz.1.314: corrupted inode contents
[   55.872988][ T4444] EXT4-fs (loop1): Remounting filesystem read-only
[   55.884543][ T4444] EXT4-fs (loop1): 1 truncate cleaned up
[   55.892938][  T264] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   55.903565][  T264] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   55.934521][ T4448] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   55.942649][ T4392] delete_channel: no stack
[   55.945959][  T264] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   55.957466][ T4448] EXT4-fs (loop2): orphan cleanup on readonly fs
[   55.968237][ T4448] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.315: corrupted inode contents
[   55.985582][ T4448] EXT4-fs (loop2): Remounting filesystem read-only
[   55.992469][ T4448] EXT4-fs (loop2): 1 truncate cleaned up
[   55.998339][   T37] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   56.008924][   T37] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   56.045335][   T37] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   56.131340][ T4460] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   56.200064][ T4462] netlink: 48 bytes leftover after parsing attributes in process `syz.2.320'.
[   56.214238][ T3516] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   56.220635][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[   56.290095][ T4464] netlink: 24 bytes leftover after parsing attributes in process `syz.1.321'.
[   56.311737][ T4471] EXT4-fs: inline encryption not supported
[   56.353247][ T3490] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   56.421191][ T3490] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   56.467928][ T4487] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[   56.476581][   T23] IPVS: starting estimator thread 0...
[   56.564198][ T4495] IPVS: using max 1728 ests per chain, 86400 per kthread
[   56.605284][ T4506] netlink: 24 bytes leftover after parsing attributes in process `syz.4.336'.
[   56.627963][ T4505] netlink: 48 bytes leftover after parsing attributes in process `syz.1.334'.
[   56.712450][ T4518] EXT4-fs: inline encryption not supported
[   56.754588][ T2968] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   56.767724][ T2968] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   56.837186][ T4526] fido_id[4526]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   56.999777][ T4543] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   57.056659][ T4551] netlink: 48 bytes leftover after parsing attributes in process `syz.2.349'.
[   57.084401][ T4543] EXT4-fs (loop1): orphan cleanup on readonly fs
[   57.120047][ T4543] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #16: comm syz.1.346: corrupted inode contents
[   57.170682][ T4558] netlink: 24 bytes leftover after parsing attributes in process `syz.2.352'.
[   57.181330][ T4543] EXT4-fs (loop1): Remounting filesystem read-only
[   57.194373][ T4543] EXT4-fs (loop1): 1 truncate cleaned up
[   57.237862][  T264] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   57.248521][  T264] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   57.292184][  T264] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   57.340191][ T3423] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   57.368355][ T3423] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   57.456421][ T4575] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   57.501106][ T4575] EXT4-fs (loop4): 1 truncate cleaned up
[   57.580493][ T4582] netlink: 28 bytes leftover after parsing attributes in process `syz.4.361'.
[   57.647002][ T4587] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   57.703360][ T4589] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   57.742236][ T4590] lo speed is unknown, defaulting to 1000
[   57.760232][ T4592] FAULT_INJECTION: forcing a failure.
[   57.760232][ T4592] name failslab, interval 1, probability 0, space 0, times 0
[   57.773080][ T4592] CPU: 0 UID: 0 PID: 4592 Comm: syz.3.364 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   57.773125][ T4592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   57.773141][ T4592] Call Trace:
[   57.773151][ T4592]  <TASK>
[   57.773160][ T4592]  __dump_stack+0x1d/0x30
[   57.773251][ T4592]  dump_stack_lvl+0x95/0xd0
[   57.773280][ T4592]  dump_stack+0x15/0x1b
[   57.773302][ T4592]  should_fail_ex+0x265/0x280
[   57.773377][ T4592]  should_failslab+0x8c/0xb0
[   57.773406][ T4592]  kmem_cache_alloc_noprof+0x69/0x4b0
[   57.773467][ T4592]  ? audit_log_start+0x342/0x720
[   57.773496][ T4592]  audit_log_start+0x342/0x720
[   57.773598][ T4592]  ? kstrtouint+0x76/0xc0
[   57.773622][ T4592]  audit_seccomp+0x48/0x100
[   57.773671][ T4592]  ? __seccomp_filter+0x832/0x1260
[   57.773768][ T4592]  __seccomp_filter+0x843/0x1260
[   57.773795][ T4592]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   57.773823][ T4592]  ? vfs_write+0x7e8/0x960
[   57.773892][ T4592]  __secure_computing+0x82/0x150
[   57.773925][ T4592]  syscall_trace_enter+0xcf/0x1e0
[   57.773956][ T4592]  do_syscall_64+0xa4/0x2b0
[   57.774000][ T4592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.774091][ T4592] RIP: 0033:0x7f10dfdaf749
[   57.774117][ T4592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.774134][ T4592] RSP: 002b:00007f10de817038 EFLAGS: 00000246 ORIG_RAX: 0000000000000145
[   57.774161][ T4592] RAX: ffffffffffffffda RBX: 00007f10e0005fa0 RCX: 00007f10dfdaf749
[   57.774177][ T4592] RDX: 0000000000000001 RSI: 0000000000001000 RDI: 000020000000b000
[   57.774192][ T4592] RBP: 00007f10de817090 R08: 0000000000000000 R09: 0000000000000000
[   57.774208][ T4592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.774277][ T4592] R13: 00007f10e0006038 R14: 00007f10e0005fa0 R15: 00007ffc1a4362f8
[   57.774303][ T4592]  </TASK>
[   58.091255][ T4599] netlink: 24 bytes leftover after parsing attributes in process `syz.1.366'.
[   58.196163][   T10] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   58.275335][   T10] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   58.317610][ T4618] fido_id[4618]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   58.376389][ T4624] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   58.413539][ T4626] EXT4-fs: inline encryption not supported
[   58.437205][ T4584] delete_channel: no stack
[   58.468062][ T4628] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   58.476918][ T4628] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   58.511616][ T4628] ext4 filesystem being mounted at /94/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   58.595570][ T4628] netlink: 14 bytes leftover after parsing attributes in process `syz.1.377'.
[   58.607068][ T4628] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[   58.685181][ T4636] EXT4-fs: inline encryption not supported
[   58.823910][ T4638] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.379: bg 0: block 248: padding at end of block bitmap is not set
[   58.838664][ T4638] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.379: Failed to acquire dquot type 1
[   58.877936][ T4638] EXT4-fs (loop2): 1 truncate cleaned up
[   58.885713][ T4638] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.945272][ T4638] tmpfs: Bad value for 'gid'
[   58.950007][ T4638] tmpfs: Bad value for 'gid'
[   58.957258][ T4656] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   58.970185][ T4656] EXT4-fs (loop4): orphan cleanup on readonly fs
[   58.979154][ T4656] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #16: comm syz.4.384: corrupted inode contents
[   58.991685][ T4656] EXT4-fs (loop4): Remounting filesystem read-only
[   58.999235][ T4656] EXT4-fs (loop4): 1 truncate cleaned up
[   59.005041][  T264] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   59.015649][  T264] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   59.026565][  T264] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   59.080506][ T4660] tipc: Resetting bearer <eth:vlan0>
[   59.091001][ T4660] tipc: Disabling bearer <eth:vlan0>
[   59.183129][ T4664] FAULT_INJECTION: forcing a failure.
[   59.183129][ T4664] name failslab, interval 1, probability 0, space 0, times 0
[   59.195897][ T4664] CPU: 1 UID: 0 PID: 4664 Comm: syz.4.387 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.195925][ T4664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   59.195937][ T4664] Call Trace:
[   59.195944][ T4664]  <TASK>
[   59.195952][ T4664]  __dump_stack+0x1d/0x30
[   59.196006][ T4664]  dump_stack_lvl+0x95/0xd0
[   59.196027][ T4664]  dump_stack+0x15/0x1b
[   59.196052][ T4664]  should_fail_ex+0x265/0x280
[   59.196113][ T4664]  should_failslab+0x8c/0xb0
[   59.196212][ T4664]  kmem_cache_alloc_noprof+0x69/0x4b0
[   59.196236][ T4664]  ? audit_log_start+0x342/0x720
[   59.196264][ T4664]  audit_log_start+0x342/0x720
[   59.196353][ T4664]  ? kstrtouint+0x76/0xc0
[   59.196373][ T4664]  audit_seccomp+0x48/0x100
[   59.196413][ T4664]  ? __seccomp_filter+0x832/0x1260
[   59.196448][ T4664]  __seccomp_filter+0x843/0x1260
[   59.196538][ T4664]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   59.196576][ T4664]  ? vfs_write+0x7e8/0x960
[   59.196600][ T4664]  ? __rcu_read_unlock+0x4f/0x70
[   59.196684][ T4664]  ? __fget_files+0x184/0x1c0
[   59.196719][ T4664]  __secure_computing+0x82/0x150
[   59.196760][ T4664]  syscall_trace_enter+0xcf/0x1e0
[   59.196826][ T4664]  do_syscall_64+0xa4/0x2b0
[   59.196972][ T4664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.196999][ T4664] RIP: 0033:0x7f9f11e8f749
[   59.197014][ T4664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.197102][ T4664] RSP: 002b:00007f9f108eee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   59.197121][ T4664] RAX: ffffffffffffffda RBX: 0000000000000512 RCX: 00007f9f11e8f749
[   59.197137][ T4664] RDX: 00007f9f108eeef0 RSI: 0000000000000000 RDI: 00007f9f11f14960
[   59.197154][ T4664] RBP: 0000200000000380 R08: 00007f9f108eebb7 R09: 00007f9f108eee40
[   59.197170][ T4664] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000080
[   59.197186][ T4664] R13: 00007f9f108eeef0 R14: 00007f9f108eeeb0 R15: 0000200000000340
[   59.197209][ T4664]  </TASK>
[   59.416149][ T4664] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   59.424850][ T4664] EXT4-fs (loop4): orphan cleanup on readonly fs
[   59.432970][ T4664] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #16: comm syz.4.387: corrupted inode contents
[   59.445752][ T4664] EXT4-fs (loop4): Remounting filesystem read-only
[   59.452524][ T4664] EXT4-fs (loop4): 1 truncate cleaned up
[   59.458700][   T52] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   59.469302][   T52] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   59.480640][   T52] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   59.536836][ T4671] set_capacity_and_notify: 24 callbacks suppressed
[   59.536853][ T4671] loop0: detected capacity change from 0 to 512
[   59.570611][ T4671] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   59.579154][ T4671] EXT4-fs (loop0): orphan cleanup on readonly fs
[   59.587071][ T4671] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #16: comm syz.0.389: corrupted inode contents
[   59.599348][ T4671] EXT4-fs (loop0): Remounting filesystem read-only
[   59.606257][ T4671] EXT4-fs (loop0): 1 truncate cleaned up
[   59.611106][ T4638] syz.2.379 (4638) used greatest stack depth: 9088 bytes left
[   59.619730][   T52] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   59.630367][   T52] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   59.645782][   T52] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   59.743995][ T4680] lo speed is unknown, defaulting to 1000
[   59.776423][   T29] kauditd_printk_skb: 1719 callbacks suppressed
[   59.776442][   T29] audit: type=1326 audit(1768398662.605:5030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4675 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   59.828326][ T4701] FAULT_INJECTION: forcing a failure.
[   59.828326][ T4701] name failslab, interval 1, probability 0, space 0, times 0
[   59.841428][ T4701] CPU: 1 UID: 0 PID: 4701 Comm: syz.4.398 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.841463][ T4701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   59.841480][ T4701] Call Trace:
[   59.841496][ T4701]  <TASK>
[   59.841573][ T4701]  __dump_stack+0x1d/0x30
[   59.841606][ T4701]  dump_stack_lvl+0x95/0xd0
[   59.841629][ T4701]  dump_stack+0x15/0x1b
[   59.841651][ T4701]  should_fail_ex+0x265/0x280
[   59.841681][ T4701]  should_failslab+0x8c/0xb0
[   59.841708][ T4701]  __kmalloc_cache_noprof+0x65/0x4c0
[   59.841753][ T4701]  ? __se_sys_memfd_create+0x1d6/0x6b0
[   59.841788][ T4701]  ? mutex_unlock+0x4f/0x90
[   59.841815][ T4701]  __se_sys_memfd_create+0x1d6/0x6b0
[   59.841768][   T29] audit: type=1326 audit(1768398662.605:5031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4675 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   59.841848][ T4701]  __x64_sys_memfd_create+0x31/0x40
[   59.842097][ T4701]  x64_sys_call+0x28cb/0x3000
[   59.842185][ T4701]  do_syscall_64+0xca/0x2b0
[   59.842427][ T4701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.842514][ T4701] RIP: 0033:0x7f9f11e8f749
[   59.842562][ T4701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.842626][ T4701] RSP: 002b:00007f9f108eee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   59.842687][ T4701] RAX: ffffffffffffffda RBX: 0000000000000512 RCX: 00007f9f11e8f749
[   59.842771][ T4701] RDX: 00007f9f108eeef0 RSI: 0000000000000000 RDI: 00007f9f11f14960
[   59.842814][ T4701] RBP: 0000200000000380 R08: 00007f9f108eebb7 R09: 00007f9f108eee40
[   59.842859][ T4701] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000080
[   59.842895][ T4701] R13: 00007f9f108eeef0 R14: 00007f9f108eeeb0 R15: 0000200000000340
[   59.842960][ T4701]  </TASK>
[   59.869469][ T4698] loop0: detected capacity change from 0 to 764
[   59.872702][   T29] audit: type=1326 audit(1768398662.625:5032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4675 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   59.955230][   T29] audit: type=1326 audit(1768398662.635:5033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4675 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   60.060840][   T29] audit: type=1326 audit(1768398662.635:5034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4675 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   60.084224][ T4698] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   60.107447][   T29] audit: type=1326 audit(1768398662.635:5035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4675 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   60.138679][   T29] audit: type=1326 audit(1768398662.635:5036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4675 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   60.162074][   T29] audit: type=1326 audit(1768398662.635:5037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4675 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   60.185417][   T29] audit: type=1326 audit(1768398662.635:5038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4675 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   60.208736][   T29] audit: type=1326 audit(1768398662.635:5039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4675 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbbdd6f749 code=0x7ffc0000
[   60.247900][ T4705] ip6t_rpfilter: unknown options
[   60.269226][ T4710] bridge: RTM_NEWNEIGH with invalid ether address
[   60.289354][ T4705] sctp: [Deprecated]: syz.4.399 (pid 4705) Use of int in max_burst socket option deprecated.
[   60.289354][ T4705] Use struct sctp_assoc_value instead
[   60.398912][ T4723] loop0: detected capacity change from 0 to 1024
[   60.405942][ T4675] delete_channel: no stack
[   60.411740][ T4723] EXT4-fs: inline encryption not supported
[   60.478156][ T4737] siw: device registration error -23
[   60.529614][ T4740] loop0: detected capacity change from 0 to 512
[   60.550361][ T4740] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   60.559789][ T4740] EXT4-fs (loop0): orphan cleanup on readonly fs
[   60.570410][ T4740] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #16: comm syz.0.412: corrupted inode contents
[   60.594998][ T4740] EXT4-fs (loop0): Remounting filesystem read-only
[   60.601705][ T4740] EXT4-fs (loop0): 1 truncate cleaned up
[   60.608409][  T341] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   60.619186][  T341] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   60.660161][ T4749] syzkaller1: entered promiscuous mode
[   60.665767][ T4749] syzkaller1: entered allmulticast mode
[   60.673312][  T341] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   60.855310][ T4767] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[   60.908844][ T4773] siw: device registration error -23
[   60.921380][ T4774] __nla_validate_parse: 5 callbacks suppressed
[   60.921395][ T4774] netlink: 48 bytes leftover after parsing attributes in process `syz.3.423'.
[   60.963874][ T4778] loop3: detected capacity change from 0 to 512
[   60.985117][ T4778] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   60.993153][ T4778] EXT4-fs (loop3): orphan cleanup on readonly fs
[   61.000952][ T4778] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #16: comm syz.3.425: corrupted inode contents
[   61.013271][ T4778] EXT4-fs (loop3): Remounting filesystem read-only
[   61.020262][ T4778] EXT4-fs (loop3): 1 truncate cleaned up
[   61.026060][  T341] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   61.036689][  T341] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   61.048832][  T341] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   61.088263][ T4783] netlink: 28 bytes leftover after parsing attributes in process `syz.3.426'.
[   61.123285][ T4786] loop3: detected capacity change from 0 to 512
[   61.130138][ T4786] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   61.141944][ T4786] EXT4-fs (loop3): 1 truncate cleaned up
[   61.302090][ T3475] IPVS: starting estimator thread 0...
[   61.307755][ T4812] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[   61.333340][ T4815] loop3: detected capacity change from 0 to 512
[   61.347913][ T4815] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.435: bg 0: block 248: padding at end of block bitmap is not set
[   61.363151][ T4815] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.435: Failed to acquire dquot type 1
[   61.375808][ T4815] EXT4-fs (loop3): 1 truncate cleaned up
[   61.382013][ T4815] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.404324][ T4813] IPVS: using max 2352 ests per chain, 117600 per kthread
[   61.425447][ T4821] loop3: detected capacity change from 0 to 512
[   61.446821][ T4821] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   61.459603][ T4821] EXT4-fs (loop3): orphan cleanup on readonly fs
[   61.467651][ T4821] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #16: comm syz.3.437: corrupted inode contents
[   61.479837][ T4821] EXT4-fs (loop3): Remounting filesystem read-only
[   61.487044][ T4821] EXT4-fs (loop3): 1 truncate cleaned up
[   61.492929][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   61.503592][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   61.514876][   T12] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   61.564655][ T4827] loop3: detected capacity change from 0 to 764
[   61.588901][ T4827] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   61.632782][ T4832] loop3: detected capacity change from 0 to 512
[   61.640496][ T4832] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   61.652895][ T4832] EXT4-fs (loop3): 1 truncate cleaned up
[   61.708512][ T4838] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   61.889530][ T3516] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   61.925994][ T4863] FAULT_INJECTION: forcing a failure.
[   61.925994][ T4863] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.939157][ T4863] CPU: 0 UID: 0 PID: 4863 Comm: syz.3.450 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   61.939186][ T4863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   61.939198][ T4863] Call Trace:
[   61.939207][ T4863]  <TASK>
[   61.939236][ T4863]  __dump_stack+0x1d/0x30
[   61.939268][ T4863]  dump_stack_lvl+0x95/0xd0
[   61.939351][ T4863]  dump_stack+0x15/0x1b
[   61.939372][ T4863]  should_fail_ex+0x265/0x280
[   61.939397][ T4863]  should_fail+0xb/0x20
[   61.939420][ T4863]  should_fail_usercopy+0x1a/0x20
[   61.939531][ T4863]  _copy_from_user+0x1c/0xb0
[   61.939629][ T4863]  ___sys_sendmsg+0xc1/0x1d0
[   61.939759][ T4863]  __x64_sys_sendmsg+0xd4/0x160
[   61.939803][ T4863]  x64_sys_call+0x17ba/0x3000
[   61.939830][ T4863]  do_syscall_64+0xca/0x2b0
[   61.940003][ T4863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.940031][ T4863] RIP: 0033:0x7f10dfdaf749
[   61.940050][ T4863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.940073][ T4863] RSP: 002b:00007f10de817038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   61.940101][ T4863] RAX: ffffffffffffffda RBX: 00007f10e0005fa0 RCX: 00007f10dfdaf749
[   61.940117][ T4863] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[   61.940131][ T4863] RBP: 00007f10de817090 R08: 0000000000000000 R09: 0000000000000000
[   61.940184][ T4863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.940197][ T4863] R13: 00007f10e0006038 R14: 00007f10e0005fa0 R15: 00007ffc1a4362f8
[   61.940223][ T4863]  </TASK>
[   61.942116][ T4861] syzkaller1: entered promiscuous mode
[   62.106733][ T4861] syzkaller1: entered allmulticast mode
[   62.120067][ T4869] ext4: Unknown parameter 'obj_role'
[   62.200277][ T4871] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   62.218112][ T4871] EXT4-fs (loop2): 1 truncate cleaned up
[   62.274952][ T3403] IPVS: starting estimator thread 0...
[   62.282711][ T4876] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[   62.361174][ T4883] lo speed is unknown, defaulting to 1000
[   62.372872][ T4880] IPVS: using max 2256 ests per chain, 112800 per kthread
[   62.475756][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   62.672724][ T4907] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   62.706894][ T4910] netlink: 28 bytes leftover after parsing attributes in process `syz.0.463'.
[   62.772239][ T4915] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   62.784585][ T4915] EXT4-fs (loop0): 1 truncate cleaned up
[   62.880147][ T4920] ext4: Unknown parameter 'obj_role'
[   62.997534][ T4922] siw: device registration error -23
[   63.135901][ T4882] delete_channel: no stack
[   63.231747][ T4942] netlink: 24 bytes leftover after parsing attributes in process `syz.2.472'.
[   63.546698][ T4962] ext4: Unknown parameter 'obj_role'
[   63.585258][ T4964] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   63.593611][ T4964] EXT4-fs (loop4): orphan cleanup on readonly fs
[   63.601539][ T4964] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #16: comm syz.4.479: corrupted inode contents
[   63.613585][ T4964] EXT4-fs (loop4): Remounting filesystem read-only
[   63.620385][ T4964] EXT4-fs (loop4): 1 truncate cleaned up
[   63.626329][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   63.636934][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   63.648924][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   63.793556][ T4977] lo speed is unknown, defaulting to 1000
[   64.109798][ T4991] netlink: 24 bytes leftover after parsing attributes in process `syz.0.488'.
[   64.155749][ T4995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   64.172633][ T4995] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   64.186427][ T4997] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   64.195021][ T4997] EXT4-fs (loop0): orphan cleanup on readonly fs
[   64.203292][ T4997] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #16: comm syz.0.491: corrupted inode contents
[   64.215763][ T4997] EXT4-fs (loop0): Remounting filesystem read-only
[   64.222637][ T4997] EXT4-fs (loop0): 1 truncate cleaned up
[   64.228683][   T31] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   64.239325][   T31] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   64.249227][ T4995] ext4 filesystem being mounted at /73/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   64.251391][   T31] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   64.283919][ T4995] netlink: 14 bytes leftover after parsing attributes in process `syz.2.489'.
[   64.302957][ T4995] netlink: 43 bytes leftover after parsing attributes in process `syz.2.489'.
[   64.312022][ T4995] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[   64.341592][ T5003] siw: device registration error -23
[   64.524280][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[   64.530350][ T3516] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   64.583700][ T4976] delete_channel: no stack
[   64.784791][   T29] kauditd_printk_skb: 3560 callbacks suppressed
[   64.784810][   T29] audit: type=1326 audit(1768398667.615:8568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5009 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f081cc1f749 code=0x7ffc0000
[   64.814829][   T29] audit: type=1326 audit(1768398667.615:8569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5009 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f081cc52005 code=0x7ffc0000
[   64.838176][   T29] audit: type=1326 audit(1768398667.615:8570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5009 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f081cc52005 code=0x7ffc0000
[   64.861681][   T29] audit: type=1326 audit(1768398667.615:8571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5009 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f081cc52005 code=0x7ffc0000
[   64.885150][   T29] audit: type=1326 audit(1768398667.625:8572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5009 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f081cc52005 code=0x7ffc0000
[   64.908483][   T29] audit: type=1326 audit(1768398667.625:8573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5009 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f081cc52005 code=0x7ffc0000
[   64.931933][   T29] audit: type=1326 audit(1768398667.625:8574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5009 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f081cc52005 code=0x7ffc0000
[   64.955296][   T29] audit: type=1326 audit(1768398667.625:8575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5009 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f081cc52005 code=0x7ffc0000
[   64.978681][   T29] audit: type=1326 audit(1768398667.625:8576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5009 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f081cc52005 code=0x7ffc0000
[   65.002022][   T29] audit: type=1326 audit(1768398667.625:8577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5009 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f081cc52005 code=0x7ffc0000
[   65.116885][ T5029] set_capacity_and_notify: 10 callbacks suppressed
[   65.116898][ T5029] loop2: detected capacity change from 0 to 1024
[   65.130495][ T5029] ext4: Unknown parameter 'obj_role'
[   65.390459][ T5045] loop2: detected capacity change from 0 to 764
[   65.401416][ T5045] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   65.507010][ T5055] siw: device registration error -23
[   65.537119][ T5057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   65.553625][ T5057] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   65.588659][ T5057] loop0: detected capacity change from 0 to 128
[   65.610413][ T5066] loop4: detected capacity change from 0 to 1024
[   65.621837][ T5063] lo speed is unknown, defaulting to 1000
[   65.628059][ T5062] netlink: 48 bytes leftover after parsing attributes in process `syz.2.512'.
[   65.628341][ T5066] ext4: Unknown parameter 'obj_role'
[   65.657305][ T5057] ext4 filesystem being mounted at /104/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   65.753960][ T5065] loop3: detected capacity change from 0 to 2048
[   65.769208][ T5057] netlink: 14 bytes leftover after parsing attributes in process `syz.0.510'.
[   65.787345][ T5057] netlink: 43 bytes leftover after parsing attributes in process `syz.0.510'.
[   65.796867][ T5057] tipc: Started in network mode
[   65.801848][ T5057] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[   65.809201][ T5057] tipc: Enabled bearer <eth:vlan0>, priority 10
[   66.331548][ T5050] delete_channel: no stack
[   66.394918][ T5088] loop0: detected capacity change from 0 to 764
[   66.403967][ T5088] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   66.538555][ T5102] syzkaller1: entered promiscuous mode
[   66.544205][ T5102] syzkaller1: entered allmulticast mode
[   66.761513][ T5113] loop3: detected capacity change from 0 to 512
[   66.779784][ T5113] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   66.788656][ T5113] EXT4-fs (loop3): orphan cleanup on readonly fs
[   66.799292][ T5113] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #16: comm syz.3.530: corrupted inode contents
[   66.829213][ T5113] EXT4-fs (loop3): Remounting filesystem read-only
[   66.836005][ T5113] EXT4-fs (loop3): 1 truncate cleaned up
[   66.841836][  T264] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   66.852476][  T264] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   66.870860][  T264] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   66.934193][ T2968] tipc: Node number set to 10005162
[   66.956623][ T5117] lo speed is unknown, defaulting to 1000
[   67.483493][ T5145] netlink: 48 bytes leftover after parsing attributes in process `syz.0.542'.
[   67.525459][ T5155] siw: device registration error -23
[   67.666948][ T5116] delete_channel: no stack
[   67.779122][ T5170] loop0: detected capacity change from 0 to 764
[   67.788301][ T5170] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   67.809220][ T5174] syzkaller1: entered promiscuous mode
[   67.814858][ T5174] syzkaller1: entered allmulticast mode
[   67.834859][ T5176] netlink: 24 bytes leftover after parsing attributes in process `syz.0.552'.
[   67.866113][ T5178] loop0: detected capacity change from 0 to 512
[   67.887382][ T5178] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   67.899208][ T5178] EXT4-fs (loop0): orphan cleanup on readonly fs
[   67.911202][ T5178] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #16: comm syz.0.553: corrupted inode contents
[   67.923483][ T5178] EXT4-fs (loop0): Remounting filesystem read-only
[   67.930694][ T5178] EXT4-fs (loop0): 1 truncate cleaned up
[   67.936651][  T341] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.947306][  T341] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.965335][  T341] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   68.003528][ T5187] siw: device registration error -23
[   68.055155][ T5197] FAULT_INJECTION: forcing a failure.
[   68.055155][ T5197] name failslab, interval 1, probability 0, space 0, times 0
[   68.067989][ T5197] CPU: 0 UID: 0 PID: 5197 Comm: syz.4.558 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.068066][ T5197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   68.068078][ T5197] Call Trace:
[   68.068085][ T5197]  <TASK>
[   68.068092][ T5197]  __dump_stack+0x1d/0x30
[   68.068117][ T5197]  dump_stack_lvl+0x95/0xd0
[   68.068145][ T5197]  dump_stack+0x15/0x1b
[   68.068214][ T5197]  should_fail_ex+0x265/0x280
[   68.068238][ T5197]  should_failslab+0x8c/0xb0
[   68.068260][ T5197]  kmem_cache_alloc_noprof+0x69/0x4b0
[   68.068281][ T5197]  ? getname_flags+0x80/0x3b0
[   68.068318][ T5197]  getname_flags+0x80/0x3b0
[   68.068349][ T5197]  __x64_sys_rename+0x33/0x70
[   68.068395][ T5197]  x64_sys_call+0x24e/0x3000
[   68.068422][ T5197]  do_syscall_64+0xca/0x2b0
[   68.068502][ T5197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.068523][ T5197] RIP: 0033:0x7f9f11e8f749
[   68.068538][ T5197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.068557][ T5197] RSP: 002b:00007f9f108ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[   68.068584][ T5197] RAX: ffffffffffffffda RBX: 00007f9f120e5fa0 RCX: 00007f9f11e8f749
[   68.068599][ T5197] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000200000000580
[   68.068611][ T5197] RBP: 00007f9f108ef090 R08: 0000000000000000 R09: 0000000000000000
[   68.068627][ T5197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.068764][ T5197] R13: 00007f9f120e6038 R14: 00007f9f120e5fa0 R15: 00007ffd751d77b8
[   68.068789][ T5197]  </TASK>
[   68.276625][ T5204] netlink: 'syz.3.562': attribute type 13 has an invalid length.
[   68.295719][ T5204] gretap0: refused to change device tx_queue_len
[   68.302895][ T5204] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   68.342689][ T5213] FAULT_INJECTION: forcing a failure.
[   68.342689][ T5213] name failslab, interval 1, probability 0, space 0, times 0
[   68.355516][ T5213] CPU: 0 UID: 0 PID: 5213 Comm: syz.3.565 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.355616][ T5213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   68.355665][ T5213] Call Trace:
[   68.355674][ T5213]  <TASK>
[   68.355684][ T5213]  __dump_stack+0x1d/0x30
[   68.355713][ T5213]  dump_stack_lvl+0x95/0xd0
[   68.355851][ T5213]  dump_stack+0x15/0x1b
[   68.355962][ T5213]  should_fail_ex+0x265/0x280
[   68.355985][ T5213]  should_failslab+0x8c/0xb0
[   68.356006][ T5213]  kmem_cache_alloc_noprof+0x69/0x4b0
[   68.356032][ T5213]  ? getname_flags+0x80/0x3b0
[   68.356065][ T5213]  getname_flags+0x80/0x3b0
[   68.356101][ T5213]  do_sys_openat2+0x60/0x150
[   68.356139][ T5213]  __x64_sys_openat+0xf2/0x120
[   68.356175][ T5213]  x64_sys_call+0x2b07/0x3000
[   68.356208][ T5213]  do_syscall_64+0xca/0x2b0
[   68.356304][ T5213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.356394][ T5213] RIP: 0033:0x7f10dfdaf749
[   68.356409][ T5213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.356466][ T5213] RSP: 002b:00007f10de817038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   68.356486][ T5213] RAX: ffffffffffffffda RBX: 00007f10e0005fa0 RCX: 00007f10dfdaf749
[   68.356498][ T5213] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[   68.356512][ T5213] RBP: 00007f10de817090 R08: 0000000000000000 R09: 0000000000000000
[   68.356591][ T5213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.356605][ T5213] R13: 00007f10e0006038 R14: 00007f10e0005fa0 R15: 00007ffc1a4362f8
[   68.356623][ T5213]  </TASK>
[   68.723962][ T5214] loop4: detected capacity change from 0 to 1024
[   68.751595][ T5210] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[   68.751595][ T5210]    program syz.4.564 not setting count and/or reply_len properly
[   69.153469][ T5257] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   69.203597][ T5259] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.578: bg 0: block 248: padding at end of block bitmap is not set
[   69.218373][ T5259] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.578: Failed to acquire dquot type 1
[   69.230422][ T5259] EXT4-fs (loop0): 1 truncate cleaned up
[   69.236843][ T5259] EXT4-fs mount: 153 callbacks suppressed
[   69.236855][ T5259] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.256490][ T5259] ext4 filesystem being mounted at /124/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.282246][ T5259] tmpfs: Bad value for 'gid'
[   69.286930][ T5259] tmpfs: Bad value for 'gid'
[   69.297619][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[   69.338364][ T5265] netlink: 'syz.4.580': attribute type 13 has an invalid length.
[   69.348353][ T5265] gretap0: refused to change device tx_queue_len
[   69.355200][ T5265] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   69.574482][ T5277] netlink: 28 bytes leftover after parsing attributes in process `syz.2.585'.
[   69.707252][ T5291] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   69.729566][ T5291] EXT4-fs (loop4): 1 truncate cleaned up
[   69.740769][ T5291] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.772111][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.789864][ T5295] netlink: 48 bytes leftover after parsing attributes in process `syz.3.589'.
[   69.810344][   T29] kauditd_printk_skb: 3763 callbacks suppressed
[   69.810381][   T29] audit: type=1326 audit(1768398672.635:12327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5294 comm="syz.3.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10dfdaf749 code=0x7ffc0000
[   69.852313][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.873061][   T29] audit: type=1326 audit(1768398672.635:12328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5294 comm="syz.3.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10dfdaf749 code=0x7ffc0000
[   69.910140][   T29] audit: type=1326 audit(1768398672.695:12329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5294 comm="syz.3.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f10dfdaf749 code=0x7ffc0000
[   69.933770][   T29] audit: type=1326 audit(1768398672.695:12330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5294 comm="syz.3.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10dfdaf749 code=0x7ffc0000
[   69.957567][   T29] audit: type=1326 audit(1768398672.695:12331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5294 comm="syz.3.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10dfdaf749 code=0x7ffc0000
[   70.042306][   T29] audit: type=1400 audit(1768398672.825:12332): avc:  denied  { bind } for  pid=5304 comm="syz.0.591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   70.061827][   T29] audit: type=1400 audit(1768398672.825:12333): avc:  denied  { setopt } for  pid=5304 comm="syz.0.591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   70.081513][   T29] audit: type=1400 audit(1768398672.825:12334): avc:  denied  { write } for  pid=5304 comm="syz.0.591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   70.100997][   T29] audit: type=1326 audit(1768398672.845:12335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5308 comm="syz.3.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10dfdaf749 code=0x7ffc0000
[   70.124508][   T29] audit: type=1326 audit(1768398672.845:12336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5308 comm="syz.3.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10dfdaf749 code=0x7ffc0000
[   70.157993][ T5313] tipc: Resetting bearer <eth:vlan0>
[   70.167735][ T5313] tipc: Disabling bearer <eth:vlan0>
[   70.297658][ T5333] netlink: 28 bytes leftover after parsing attributes in process `syz.0.602'.
[   70.887722][ T5359] set_capacity_and_notify: 3 callbacks suppressed
[   70.887807][ T5359] loop2: detected capacity change from 0 to 512
[   70.905005][ T5359] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   70.916443][ T5359] EXT4-fs (loop2): orphan cleanup on readonly fs
[   70.925471][ T5359] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.610: corrupted inode contents
[   70.939337][ T5359] EXT4-fs (loop2): Remounting filesystem read-only
[   70.946325][ T5359] EXT4-fs (loop2): 1 truncate cleaned up
[   70.952393][   T52] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   70.963096][   T52] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   70.973972][   T52] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   70.990298][ T5359] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   71.014587][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.235633][ T5381] loop2: detected capacity change from 0 to 1024
[   71.242441][ T5381] ext4: Unknown parameter 'obj_role'
[   71.260979][ T3576] ==================================================================
[   71.269122][ T3576] BUG: KCSAN: data-race in shmem_add_to_page_cache / shmem_getattr
[   71.277080][ T3576] 
[   71.279447][ T3576] read-write to 0xffff88811ba58818 of 8 bytes by task 3308 on cpu 1:
[   71.287553][ T3576]  shmem_add_to_page_cache+0x418/0x530
[   71.293049][ T3576]  shmem_get_folio_gfp+0x4e8/0xd50
[   71.298214][ T3576]  shmem_write_begin+0xfc/0x1f0
[   71.303113][ T3576]  generic_perform_write+0x184/0x490
[   71.308436][ T3576]  shmem_file_write_iter+0xc5/0xf0
[   71.313601][ T3576]  vfs_write+0x52a/0x960
[   71.317897][ T3576]  ksys_write+0xda/0x1a0
[   71.322426][ T3576]  __x64_sys_write+0x40/0x50
[   71.327037][ T3576]  x64_sys_call+0x2847/0x3000
[   71.331745][ T3576]  do_syscall_64+0xca/0x2b0
[   71.336312][ T3576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.342235][ T3576] 
[   71.344585][ T3576] read to 0xffff88811ba58818 of 8 bytes by task 3576 on cpu 0:
[   71.352143][ T3576]  shmem_getattr+0x68/0x200
[   71.356677][ T3576]  vfs_getattr_nosec+0x146/0x1e0
[   71.361641][ T3576]  __se_sys_newfstat+0x96/0x2e0
[   71.366524][ T3576]  __x64_sys_newfstat+0x31/0x40
[   71.371426][ T3576]  x64_sys_call+0x2c51/0x3000
[   71.376132][ T3576]  do_syscall_64+0xca/0x2b0
[   71.380671][ T3576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.386596][ T3576] 
[   71.388933][ T3576] value changed: 0x0000000000000000 -> 0x0000000000000001
[   71.396057][ T3576] 
[   71.398396][ T3576] Reported by Kernel Concurrency Sanitizer on:
[   71.404565][ T3576] CPU: 0 UID: 0 PID: 3576 Comm: udevd Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.413959][ T3576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   71.424057][ T3576] ==================================================================
[   71.473577][ T5385] loop4: detected capacity change from 0 to 764
[   71.497190][ T5385] rock: corrupted directory entry. extent=32, offset=2044, size=237