last executing test programs:

40.313228663s ago: executing program 0 (id=1600):
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0xa, 0x3, 0x87)
sendmsg$kcm(r0, &(0x7f0000000580)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @empty}, 0x80, &(0x7f00000004c0), 0x3e}, 0x0)

40.293925475s ago: executing program 0 (id=1603):
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r1, 0x0, 0xb}, 0x18)
socket$kcm(0x29, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)

40.238690649s ago: executing program 0 (id=1605):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3f, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000a00), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{0x6, 0x1, 0x2, 0x7fff7ffc}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x3, 0x4, 0x2}]})

40.22706001s ago: executing program 0 (id=1606):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002000)=ANY=[@ANYBLOB="757466383d312c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e39352c000f3556feecb6412e00c80bdee16891f8bf67c9f201996782a86d4bab33b4f23383380e4ccafc9da9def41b05c1dfb2cfa24e43aedf5536d3bce06ddda97c586bc37fab5366b1ab6fee95cc224e56e681e82dd4dbbde3785fdd0fc4e7df753a0e2658aa5e88e1d38366c7908a7b2b678ee4b4bfc7aafa2101c157745926241af5ac30189eced78c1611b972d03bfef046f4adcada230ef0ac02ede79fb7d92a8354670c01cb80361c1fde2cef3204a182323c318e10ef11cb24c435d589b17a396377800f"], 0x1, 0x21b, &(0x7f0000000300)="$eJzs2j+LHGUcB/DfnJHEC5dd8R8JiA9aqM2Q3doihyQgLiiaFaIgmXizuuy4e+wsBytirtLWl2AtlnaCpLS5xldgYXfNlSnEkWRjcnesxSHein4+zXzhmS88D8/w8BSz/9rXn44GdT4oZrGWZbF2JXbjbhbtWIs/7carL9/46fl3b7z/5mavd/WdlK5tXu90U0oXXvjxg8+/e/HO7Px731/44WzstT/cP+j+uvfs3sX9369/MqzTsE7jySwV6dZkMituVWXaGtajPKW3q7KoyzQc1+X0yPigmmxvz1Mx3tpY356WdZ2K8TyNynmaTdJsOk/Fx8VwnPI8Txvrwd/R//Zu08RB8/jNaJrmiW/i/J3Y+CVakT2ZsqeuZM/czJ7bzS4eNE1r1VPlH2H//98OHernIqqvdvo7/cVzMb45iGFUUcblaMVvce8zeWCRr73Ru3o53deOL6vbD/q3d/qPHe13ohXt5f3Oop+O9s/G+uF+N1rx9PJ+d2n/XLzy0qF+Hq34+aOYRBVbca/7qP9FJ6XX3+od61+6/x4AwH9Nnh5aen/L878aX/RPcD88dr86E5fOrHbtRNTzz0ZFVZVTQRCEh2HVJxOn4dGmr3omAAAAAAAAAAAAnMRp/E646jUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/bn8EAAD//xrx1cI=")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001480)=@base={0x6, 0x4, 0x8, 0x8}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000040000000000000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
creat(0x0, 0x48)
syz_io_uring_submit(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000280)={{0x1, 0x1, 0x18, r3}, './file1\x00'})
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
ioctl$USBDEVFS_REAPURB(r5, 0x4008550c, &(0x7f0000000380))
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1802000000e5d6bcf96601be01a2b7eca8d70000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x2d)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r9)
write$cgroup_subtree(r5, &(0x7f0000000200)={[{0x2d, 'perf_event'}]}, 0xc)
sendfile(r0, r0, 0x0, 0x800000009)

39.287436646s ago: executing program 0 (id=1618):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x4, 0xc}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7040000000000008500000001"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r0}, &(0x7f0000000000), &(0x7f0000000200)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0xc, 0x288}, 0x0, &(0x7f0000000140)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r2, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
io_uring_enter(r3, 0x3516, 0x0, 0x4, 0x0, 0x0)

39.038230936s ago: executing program 0 (id=1622):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0xfffffffffffff001}, 0x18)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r3, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

39.032318017s ago: executing program 32 (id=1622):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0xfffffffffffff001}, 0x18)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r3, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

2.289324075s ago: executing program 3 (id=2267):
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x0, 0x9, 0x1, 0x8, 0x0, 0x7fffffffffffffff, 0x2080, 0x6, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_config_ext={0xfffffffffffffffe, 0x3}, 0x3c110, 0x2, 0x1, 0x0, 0x1, 0x2, 0x800, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0xa)
r1 = perf_event_open(&(0x7f0000000200)={0x4, 0x80, 0x9c, 0x5, 0x0, 0x0, 0x0, 0x1000000000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x0, 0x0, 0x0, 0x3, 0x3}, 0x0, 0xffffffffffffffff, r0, 0x8)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
r3 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_channels={0x47, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2}})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001c80)=@gettclass={0x24, 0x2a, 0x8, 0x70bd2c, 0x25dedbff, {0x0, 0x0, 0x0, 0x0, {0xa, 0x9}, {0x7, 0xfff1}, {0x0, 0xa3df32d7e561faec}}, ["", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4008044}, 0x4008000)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="000000000000000000000000c4b2f00000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r4 = socket$caif_stream(0x25, 0x1, 0x3)
connect$caif(r4, &(0x7f0000000040), 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYRES16=r1, @ANYRES16=r2], 0x50)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0c0000000400000004"], 0x50)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000140)={<r6=>0x0, 0x20}, &(0x7f0000000180)=0x8)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x1f, &(0x7f0000000280)={r6, @in={{0x2, 0x4e23, @empty}}, 0x5, 0xf}, 0x90)

2.287243975s ago: executing program 1 (id=2268):
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe00004a00530c8e5eb88edc5a9c0e0ab280", @ANYRESOCT, @ANYRESDEC], 0xfe33)

2.245734639s ago: executing program 3 (id=2270):
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000000c0)='./file0\x00', 0x1000000, &(0x7f00000003c0)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c756e695f786c6174653d312c636865636b3d7374726963742c646f733178666c6f7070792c757466383d312c757466383d312c757466383d302c696f636861727365743d6370313235de26302c696f636861727365743d69736f383835392d342c696f636861727365743d64656661756c742c73686f72746e616d653d6d69786564", @ANYRES8=0x0], 0xfe, 0x19c, &(0x7f0000000200)="$eJzs281qE1EYBuA3tdW2LtKFK3Ex4MZVaHsFFqkgBgSlCwVBsQ1IRwIWArqw2bnwJrwct3olLrsQRppp7Q+piNoMJM+zyQfnvMl3DiSZMzAvbr3Z3e7v9Z73vmSx1crc3arKQSsrmcuxYQCAaXJQVfleVVV1bZilz6mqqumOAIDL5v8fAGbPk6fPHm50u5uPi2IxKT8OtgZb9Ws9vtHL65TZyWra+ZHDC4QjdX3/QXdztRhZyady/yi/P9i6cja/lnZWxufX6nxxNr+Q5dP59bRzY3x+fWz+au7cPpXvpJ1vr9JPme0cZk/yH9aK4t6j7rn89dE8AAAAmAad4pex5/dO56LxOr/R+uP7A+fO1/O5Od/s2gFgVu29e7/7six33jZWJBn+Zs7X5brRyTVW/GX8eEub3Mx/K5by/995Ic2va3qK/txlf8RiklHR4I8SMBEn3/6mOwEAAAAAAAAAAAAAAC4yiUeXml4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALPnZwAAAP//RL2Oaw==")
r0 = creat(&(0x7f0000000240)='./file1\x00', 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000801, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x0, 0x200, 0x1000000000000001, 0x5, 0x42, 0x1, 0xfffffffffffffffd, 0x66c})
io_setup(0x200, &(0x7f0000000140)=<r1=>0x0)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000, 0x8008}])
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000002c0)='kmem_cache_free\x00', r2}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file1\x00', 0x81c0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000014c0)=ANY=[@ANYRES32, @ANYRESHEX=r0, @ANYRESOCT], 0x48)

2.220507671s ago: executing program 1 (id=2271):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x19, &(0x7f0000000600)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000e000000850000000600000018000000ffff00000000000001000000bf91000000000000b7020000020000008500000000000000b7000000000000009500000000000000"], 0x0, 0xfffffffd, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x1010040, &(0x7f00000003c0)={[{@noquota}, {@debug}, {@jqfmt_vfsv0}, {@noauto_da_alloc}, {@resgid}]}, 0x3, 0x4eb, &(0x7f0000001fc0)="$eJzs3d9rW20dAPDvSX9u62ynXsyBc+ikG7ikXd1WvJgVRK8Gznlfa5uW0rQpbbqtZUiHf4Ag/kKvvPJG8FoE2Z8gwkDvRUQZus0LL973zUuSk3ddlrYpa5q2+Xzg6XnOj57v90k4T/LkHM4JoGtdiYipiOiJiOsRMZwuz6Qltmulst2rl09mKyWJcvnBf5JI0mX1fSXp9Fz6b4MR8d1vR/wgeTfu+ubW0kyhkF9L53Ol5dXc+ubWjcXlmYX8Qn5lamL89uSdyVuTY4fW1rvf/OfPf/zbb93901ce/X3639d+WElrKF23sx2t2G5xu1rT+6qvRV1vRKwdJNgx1pO2p6/TiQAA0JLKd/xPR8QXI+L1rzqdDQAAANAO5a8PxQdJRBkAAAA4tTLVa2CTTDa9FmAoMplstnYN72fjbKbQHxHzxY2Vudq1siPRl5lfLOTH0muFR6IvqcyPV+tv5m82zE9ExIWI+Onwmep8drZYmOv0jx8AAADQJc41jP//N1wb/wMAAACnzMgBtm1yLy8AAADgBDjI+B8AAAA4mXYd/ye9R5sIAAAA0A7fuXevUsr151/PPdzcWCo+vDGXX1/KLm/MZmeLa6vZhWJxoXrPvuX99lcoFle/Gisbj3Ol/Hopt765Nb1c3FgpTVef6z2d95xoAAAAOHoXvvDsb0lEbH/tTLVU9KfrWhirT7U3O6CdMgfb3N0/4BTp6XQCQMc0XODb36k8gKPnfDywz8D+Zw3zB/zZAAAAOA5GP/de5/+dD4QTzEAeupfz/9C93OALupfz/9DlBvbfZHC3FX8+5FwAAIC2GaqWJJNNzwUORSaTzUacrz4WoC+ZXyzkxyLiUxHx1+G+gcr8eKeTBgAAAAAAAAAAAAAAAAAAAAAAAIATplxOogwAAACcahGZfyXpg/xHh68ONf4+0J/8f7g6jYhHv37wi8czpdLaeGX5fz9ZXvpluvxmfQkAAADQSfVxen0cDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH6dXLJ7P1cpRxX3wjIkaaxe+Nwep08A/DEXH2dRK9O/4viYieQ4i//TQiLr4dvyeNMFJNrZZFY/xMRJxpU/xoMf65Q4gP3exZpf+Zqhx/fQ3HXyauVKfNj7/etLyvF1d26/8y9f6v2s816//O773rwXrl0vPf53aN/zTiUm/z/qceP3nP/vf739va2m1d+TcRo/t8/lRi5UrLq7n1za0bi8szC/mF/MrExPjtyTuTtybHcvOLhXz6t2mMn3z+jx/t1f6zTePX+t+92n/13d0NNIvx4fPHLz+zR/xrX2r+/l/cI37ltf9y+jlQWT9ar2/X6jtd/t1fLu/V/rld2r/f+39tt502uH7/R/9ocVMA4Aisb24tzRQK+bWTUYmofSs/Lvl0tnI+jkUaKq1VhtJjbseqnrYHvf9u0NYqneuTAACA9njzpb/TmQAAAAAAAAAAAAAAAAAAAED3avudzwbevrPAYOeaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwp48DAAD//85EyV0=")
socket$packet(0x11, 0x2, 0x300)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x1, @perf_config_ext={0x8, 0x6}, 0x120, 0x10000, 0x33f8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r2, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
setrlimit(0xe, 0x0)
pwrite64(0xffffffffffffffff, &(0x7f00000005c0)='\"', 0x1, 0x4fed0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffffff00000000000000000d0001007564703a73"], 0x54}}, 0x0)

2.044476375s ago: executing program 1 (id=2274):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={r1, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x6, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1820000004000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x1f00, 0x0, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4d56964ed463fec0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000100)=[@in6={0xa, 0x4e23, 0x1574, @private1={0xfc, 0x1, '\x00', 0x1}, 0xc83}]}, &(0x7f0000000080)=0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x0, 0x2, 0xfffffe81, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="070000000400000008"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x400000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f0000000580)='./file0\x00', 0x92)
mount$9p_tcp(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x801, &(0x7f0000000740)=ANY=[@ANYBLOB='trans=tcp'])

1.720189151s ago: executing program 3 (id=2282):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x20)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x187842, 0x0)
ioctl(r0, 0x2, &(0x7f00000008c0))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143041, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000711181000000000016000000000008009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x22)
timerfd_settime(r2, 0x2, &(0x7f00000000c0)={{}, {0x77359400}}, &(0x7f0000000140))
r3 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100003d37d840890457e00000000000010902240003000000000904"], 0x0)
read$hidraw(r2, &(0x7f0000000240)=""/189, 0xbd)
syz_usb_control_io(r3, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000540)=ANY=[@ANYBLOB="400e010000008e0600309397090000c2ab976cf40ecce7d2e507000000afa884dcb2d2f3d20d2df158eeec2d86548ef3e8f4481e5089e49c7dd9b3f2bd0f81781f20d99ba630a852aeabaa95b707ae813e18663e2df16141324d2917e8f58b5c65c42a49765b887ca69be9905fde4668ca5b26b47132d7116655cbe79bd6c81a636da9eddd7b44404981340d4ed455fb23752208025a63e304d215197b79273d0c4aecde92d53054cc1c349a7370afba3969390e00a6712c81e9bc8cec2a15e4890f411d734e984fbe96ac40a298e41759f14ecd86516d21eae74b86f854f8eb3abe31db5df826ef817712b09db68cfa0919524c27bcaabed83724cea933955f3cd292399287c85cd30222d1ea05dfb0131249e3b866e91d81651d1d28b3e993024e2ec99c5b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000100)={0x3920e, r0, 0x3, 0x1, 0x3, 0x6})

1.699603633s ago: executing program 2 (id=2284):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r3)
getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x84, &(0x7f0000000240)={&(0x7f00000006c0)=@delchain={0x8c, 0x64, 0xf31, 0xfffffffb, 0x400, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0xa, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x5c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x58, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x54, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x7}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0xd}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x7}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x5, 0x2, 0x1000}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x2}]}]}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4008051}, 0x4000)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000fedbdf25080000001800028014000380100001800400030008000100050000000c0001", @ANYRES32], 0x38}, 0x1, 0x0, 0x0, 0x4000814}, 0x0)
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r5, 0x1, 0x3c, &(0x7f0000000040)={0x200000000000001}, 0x8)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = syz_pidfd_open(0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = pidfd_getfd(r6, r6, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r7, 0x89f0, 0x0)

1.653156227s ago: executing program 2 (id=2287):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYRES16, @ANYBLOB="0000001805761918"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$unix(0x1, 0x5, 0x0)
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000600)="300e3080b734830aaffdd7338895c834", 0x10, r0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x80, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x24040010}, 0x0)

1.627498708s ago: executing program 2 (id=2289):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000640)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$cdc_ecm(0x5, 0x1d3, &(0x7f00000011c0)=ANY=[@ANYBLOB], 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x45, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000011008188e6b62aa73f72cc9f0ba1f8483d0000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6, 0x0, 0xffffffffffff8001}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000040), 0xfe, 0x4f2, &(0x7f0000000b00)="$eJzs3d9rHFsdAPDvTHbvbdpcN1d9uF6wLbaSFO0maWwbfKgKok8Ftb7XmGxDyCZbkk3bhKIp/gGCiAq+6JMvgn+AIP0TRCjou6gooq0++FAd2d3ZmKa7+UE3u97s5wMnc8782O85GebsnJlhJ4ChdTEiJiMiy7LsSkSU8vlpnmKnlRrrvXj+eKGRksiyO39LIsnntT/r7Xx6Lt/sTER87csR30xej7uxtb0yX61W1vPyVH01eZll21eXV+eXKkuVtdnZmRtzN+euz033pJ3jEXHri3/6wXd/9qVbv/r0w9/f/cvkt1oNbNnbjl5qNb3Y/F+0FSJi/SSCDUih2cKW6wOuCwAAB2uc7384Ij4REVeiFCPNszkAAADgNMk+NxYvk9b9PwAAAOB0SiNiLJK0nD/vOxZpWi63nuH9aJxNq7WN+qey0u71gvEopveWq5Xp/NmB8SgmjfJM/oxtu3xtX3k2It6NiO+XRpvl8kKtujjQKx8AAAAwPM7tG///s9Qa/wMAAACnzPigKwAAAACcOON/AAAAOP2M/wEAAOBU+8rt242Utd9/vfhga3Ol9uDqYmVjpby6uVBeqK3fLy/VakvN3+xbPezzqrXa/c/E2uajqXploz61sbV9d7W2uVa/u/zKK7ABAACAPnr3wtPfJRGx89nRNCKyZM+yYkQ2snflQv/rB5yc9Dgr//Hk6gH038igKwAMjFN6GF7FQVcAGLjD+oGuD+/8uvd1AQAATsbEx3bv/zdTw1v5smSgNQNOWn7/P3Gsw/Bx/x+Gl/t/MLyKB50BGBTAqZce4VB/8/v/WXasSgEAAD031kxJWs7HAWORpuVyxDvN1wIUk3vL1cp0RHwoIn5bKr7dKM80t0xcHgAAAAAAAAAAAAAAAAAAAAAAAACAI8qyJLIuRnfXAQAAAD7IItI/J/n7vyZKl8f2Xx94K/lXqTmNiIc/vvPDR/P1+vpMY/7fd+fXf5TPv9bvqxcAAABAJ+1xenscDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99OL544V26mfcv34hIsY7xS/Emeb0TBQj4uw/kijs2S6JiJEexN95EhHvdYqfNKoV43kt9sdPI2J0wPHP9SA+DLOnjf7n852OvzQuNqedj79Cnt5U9/4v3e3/Rrr0f+90+sD09VnvP/vFVNf4TyLeL3Tuf9rxky7xLx2xjd/4+vZ2t2XZTyMmOn7/JK/EmkoK96c2travLq/OL1WWKmuzszM35m7OXZ+bnrq3XK3kfzvG+N7Hf/mfg9p/tkv88UPaf/mI7f/3s0fPP9LKFvctKsZPsmzyUuf9/16X+O3vvk/mu7tRnmjnd1r5vc7//DfnLxzQ/sUu7T9s/08esf1XvvqdPxxxVQCgDza2tlfmq9XK+vEyScTOG2wuM1yZ0ehj0Pk4aJ32SWwf6vPtPNT/xS44dmZwfRIAAHAy/nfSP+iaAAAAAAAAAAAAAAAAAAAAwPA67GfAogc/J7Y/5s5gmgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKD/BgAA//+6ychX")
socketpair$unix(0x1, 0x2, 0x0, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
socket$tipc(0x1e, 0x2, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r7, 0x107, 0x14, 0x0, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff})
getpeername$packet(r8, &(0x7f0000000000)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000002dc0)=0x14)
sendmmsg(r7, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r9}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

1.343710821s ago: executing program 4 (id=2299):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r3)
getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x84, &(0x7f0000000240)={&(0x7f00000006c0)=@delchain={0x8c, 0x64, 0xf31, 0xfffffffb, 0x400, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0xa, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x5c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x58, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x54, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x7}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0xd}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x7}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x5, 0x2, 0x1000}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x2}]}]}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4008051}, 0x4000)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000fedbdf25080000001800028014000380100001800400030008000100050000000c0001800800", @ANYRES32], 0x38}, 0x1, 0x0, 0x0, 0x4000814}, 0x0)
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r5, 0x1, 0x3c, &(0x7f0000000040)={0x200000000000001}, 0x8)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = syz_pidfd_open(0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = pidfd_getfd(r6, r6, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r7, 0x89f0, 0x0)

1.310387304s ago: executing program 4 (id=2300):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0xfffffffffffff001}, 0x18)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000cc0)=ANY=[@ANYRES16=r3, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

1.301140005s ago: executing program 4 (id=2301):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/ip_mr_vif\x00')
preadv(r1, &(0x7f0000000580)=[{&(0x7f0000000180)=""/45, 0x2d}], 0x1, 0x2c, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYRES16=r0, @ANYRES64=0x0, @ANYRES16=r1], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xd, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
dup(r0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000840), r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r6, 0x1, 0x70bd2c, 0x25dfdbfe}, 0x1c}, 0x1, 0x0, 0x0, 0x24000000}, 0x48840)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000000)={0x3, 0x8003, 0x40, 0x400, <r7=>0x0}, &(0x7f0000000040)=0x10)
r8 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x8683, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
io_uring_register$IORING_REGISTER_PBUF_RING(r8, 0x16, &(0x7f0000000380)={&(0x7f0000002000)={[{&(0x7f00000001c0)="af2a81b114b66521831c310c36a8f11f0c9e06016ba5051ca7f144da895884fddcaddc788b5066106592e59b7f60682fcb12d7853831fdc032ba5a706620e935e8dd3ee5eee25cacdf47c63a5583f1f14ff7e5a8119f8ca1b9bee6786355ebb1013321d94de8181a", 0x68, 0x3}, {&(0x7f0000000280)="0594c458ed46c608b8b23d3777beb7bc26ef0fc1a8c1f6c3f7c660348ba0ba7b8dd6f73988d3b103c0cbb5643c87e88cefeccc9f0a303ce8ad4539b0547bfece6c687ed4406f7a1845303549c4071ff6e576dd4403e9aaa12cfd607294479296231b2011cf4d23668695abaf919fcf3b136a22c198520c3615549893f4a89ae121fd131c6b0ce187cd60dfe0011ddedd79f507a32f060c1d1baf8d9008b0361d9cf0ddc8085c7e7ae15ad24e1de369c1fa96dc1b155e9bad5075290a41b0f2cdc2650c9d4165aec719259903b5aba7de919041a7335e51dead4a65f99837e8ab4c9192", 0xe3, 0x3}]}, 0x2, 0x3}, 0x1)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f0000001e00)={0x0, 0x8001}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r8, 0xc0189379, &(0x7f0000000140)={{0x1, 0x1, 0x18, r4}, './file0\x00'})
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000080)={r7, 0x2, 0x67, "248e49275790e9e174aaea674764a19884d63acecce9b66e4a7752ed1272fcd367fb8b0e39dc67636611fc9b78335bab6b0432a4f092c3493fa56b96c440a02c03a140831a911ca4097977f18fc2feddc503764f6faa326833805445a30cd8770047dda03ea61d"}, 0x6f)
ioctl$sock_proto_private(r0, 0x89e1, &(0x7f00000003c0)="03e6983d1b6388cf0cd677642583af96267e1c3b47360435c394dd0beef77a446c376ad1b6c826687cf3691d6f0f5570a43e0e19b627349fb2d52c0151e252c6c405b23e131849dffdd35a869a4279431bf4cfbf7ee083a2b39302e5a8d7b3875a9190ff9cdfb8a1d4161994b973d332903e889593a9868ea4759c9762aaca712cd818b72657aa328772d54ec78c824f1b6ec48d55ab2cb4b1085e109056288f4521d583c938c0a4")

1.282325456s ago: executing program 4 (id=2303):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x0, &(0x7f00000000c0)})
getrusage(0x0, &(0x7f0000000ac0))
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
write(r3, &(0x7f00000009c0)=';', 0x1)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), r2)
r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)={0x34, r4, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @empty}}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x24008881}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000200)={'syztnl0\x00', &(0x7f0000000080)={'syztnl0\x00', <r6=>0x0, 0x4, 0xa, 0xdf, 0x2, 0xe, @rand_addr=' \x01\x00', @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x20, 0x6, 0x1}})
sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x38, r4, 0x800, 0x70bd27, 0x25dfdbfb, {}, [@FOU_ATTR_IFINDEX={0x8, 0xb, r6}, @FOU_ATTR_PEER_V6={0x14, 0x9, @dev={0xfe, 0x80, '\x00', 0xa}}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x2c}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x40)
sendfile(r3, r2, 0x0, 0x3ffff)
sendfile(r3, r2, 0x0, 0x7fffeffd)

1.155833617s ago: executing program 5 (id=2306):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/llc/socket\x00')
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000380), 0x84, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x42000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
preadv(r0, &(0x7f0000000080)=[{&(0x7f0000002380)=""/153, 0x99}], 0x1, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/llc/socket\x00') (async)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9}, 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000380), 0x84, r1}, 0x38) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x42000, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10) (async)
pipe2$9p(&(0x7f0000000240), 0x0) (async)
dup(r4) (async)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5]) (async)
preadv(r0, &(0x7f0000000080)=[{&(0x7f0000002380)=""/153, 0x99}], 0x1, 0x0, 0x0) (async)

1.140743768s ago: executing program 1 (id=2307):
timer_create(0x3, 0x0, &(0x7f0000000340)=<r0=>0x0)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = getpid()
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x8001, 0x0, 0x1}, 0x48)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d00)={r4, 0xe0, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0], 0x0, 0xf, &(0x7f0000000b00)=[{}], 0x8, 0x10, &(0x7f0000000b40), &(0x7f0000000b80), 0x8, 0xf4, 0x8, 0x8, &(0x7f0000000bc0)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x4bf, &(0x7f0000000540)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqtZO3N1otaflAkKrlRArThzakLhRFDuOYqc0oYf0f0CiEif4EzggcUDqiTs3uCGkckAqUIEaJA5GM56kaWqnEU08Vfz5SE8zb57t73tt573pt41fACPrckTsRcSliLgREbPF9aQo8VGvZK97/OjO8v6jO8tJdLuf/iPJ27NrceQ9mVeLz5yKiB98N+LHybNx2zu760uNRn2rqFc7zc1qe2f3L2vNpdX6an2jVltcWJz/4Nr7tTMb61vNXz/8ztrHP/zdb7/84A973/pp1q2Zou3oOM5Sb+gTh3Ey4xHx8XkEK8FYMZ5LZXeE/0saEZ+JiLez+79bdm8AgGHodmejO3u0DgBcdGmeA0vSSpELmIk0rVR6Obw3YzpttNqdqzdb2xsrvVzZXEykN9ca9fkiVzgXE0lWX8jPn9Rrx+rXIuKNiPjZ5Ct5vbLcaqyU+eADACPs1WPr/78ne+s/AHDBTZXdAQBg6Kz/ADB6rP8AMHqs/wAweqz/ADB6rP8AMHqs/wAwUr7/ySdZ6e4X33+9cmtne711692Venu90txeriy3tjYrq63Wav6dPc3nfV6j1dpceC+2b1c79Xan2t7Zvd5sbW90ruff6329PjGUUQEAJ3njrft/SiJi78NX8hJH9nKwVsPFlpbdAaA0Y2V3ACjNeNkdAErj7/hAny16nzLwvwjdG/gWUwu85K58Qf4fRpX8P4wu+X8YXfL/MLq63cSe/wAwYuT4gXP4938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC48GbykqSVYi/wmUjTSiXitYiYi4nk5lqjPh8Rr0fEHycnJrP6QtmdBgBeUPq3pNj/68rsOzPHWy8l/5nMjxHxk198+vPbS53O1kJ2/Z+H1zv3iuu1EwPZahAASnKwTh+s4wceP7qzfFCG2Z+H3+5tLprF3S9Kr2U8xvPjVP7gMP2vpKj3ZM8rY2cQf+9uRHy+3/iTPDcyV+x8ejx+Fvu1ocZPn4qf5m29Y/Zr8dkz6AuMmvvZ/PNRv/svjcv5sf/9P5XPUC/uYP7bf2b+Sw/nv7EB89/l08Z47/ffG9h2N+KL4/3iJ4fxkwHx3zll/D9/6StvD2rr/jLiSvSPfzRWtdPcrLZ3dt9day6t1lfrG7Xa4sLi/AfX3q9V8xx19SBT/ay/f3j19ZPGPz0g/tRzxv/1U47/V/+98aOvnhD/m1/r//v/5gnxszXxG6eMvzT9m4Hbd2fxV/qPv3jP4PFfPWX8B3/dXTnlSwGAIWjv7K4vNRr1LSdDO8me3V6Cbjgp7ST7E3AWn/O5c+xq2TMTcN6e3PRl9wQAAAAAAAAAAAAAABhkGD/wVPYYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+FwAA//+vctdr")
read$eventfd(0xffffffffffffffff, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x9b8)
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
timer_settime(r0, 0x1, &(0x7f0000000940)={{}, {0x0, 0x989680}}, &(0x7f0000000a00))

983.85944ms ago: executing program 2 (id=2308):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
writev(r0, &(0x7f0000000240)=[{&(0x7f00000020c0)="bbf73d0c1e2044a11659f21eff48036983349dc43874210e104912bffbbf598101112dcc8dcf878da489490d63834f650565c06a604a6ee660b0b214d783319103131be66a34144db07a78eaaa009fefbb2509", 0x53}], 0x1)

969.371322ms ago: executing program 3 (id=2309):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xa8, &(0x7f0000000580)={@multicast, @link_local, @void, {@ipv4={0x800, @icmp={{0x10, 0x4, 0x3, 0x5, 0x9a, 0x66, 0x0, 0x4, 0x1, 0x0, @loopback, @rand_addr=0x64010101, {[@timestamp_prespec={0x44, 0x4, 0xf0, 0x3, 0x8}, @generic={0x7, 0xa, "91da978781577c95"}, @ssrr={0x89, 0xf, 0xba, [@empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote]}, @generic={0x86, 0x7, "7fe779ed49"}, @generic={0x89, 0x8, "0da1cdf91a2b"}]}}, @time_exceeded={0xb, 0x1, 0x0, 0x0, 0x3, 0x0, {0x14, 0x4, 0x3, 0x5, 0x100, 0x65, 0x43, 0x44, 0x16, 0xf, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ssrr={0x89, 0x3, 0xc7}, @ssrr={0x89, 0xf, 0x76, [@multicast2, @local, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @ssrr={0x89, 0x1b, 0xdb, [@remote, @multicast2, @multicast2, @multicast1, @remote, @rand_addr=0x64010100]}, @timestamp_addr={0x44, 0xc, 0x63, 0x1, 0xd, [{@empty, 0x3}]}, @end, @end, @end]}}, "23a7"}}}}}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f00000000c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x4, 0x0, 0x8}}}}}, 0x0)

895.278797ms ago: executing program 5 (id=2310):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@grpid}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r1, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x1c)
sendto$unix(r1, 0x0, 0x0, 0x40000, &(0x7f0000000040)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000003c0)={0x14, r2, 0x5, 0x0, 0x0, {0x22}}, 0x14}}, 0x2000c094)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r6 = dup(r5)
write$P9_RLERRORu(r6, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @ib_path={0x0}}, 0x20)
write$binfmt_elf64(r6, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7, 0x0, 0x7}, 0x18)
lstat(&(0x7f0000000240)='./file0\x00', 0x0)
r8 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x420043, 0x0)
pidfd_send_signal(r8, 0x2e, &(0x7f0000000200)={0x2b, 0xfffffc01}, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000440)=@o_path={&(0x7f0000000400)='./file0\x00', r3, 0x4000, r6}, 0x18)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000280), r8)
sendmsg$TIPC_CMD_ENABLE_BEARER(r8, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="02085fbd7000fbdbdf250100000000000000014100000018001700000011000000017564703a73797a3100000000"], 0x34}, 0x1, 0x0, 0x0, 0x24000005}, 0xc4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0xc102, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff})
bind$unix(r10, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)

894.283658ms ago: executing program 3 (id=2311):
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080)={0x442081, 0x2, 0x4}, 0x18)
openat(r0, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x65, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x4, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r2}, 0x18)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")

864.23271ms ago: executing program 2 (id=2312):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x800, 0xfffffffc, 0x7, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8b}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x20000000000002b8, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0, 0x8000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

753.990639ms ago: executing program 2 (id=2313):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xc, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x4000, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
fallocate(r1, 0x0, 0x9, 0x2000406)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$iso9660(&(0x7f0000002900), &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f00000002c0)=ANY=[], 0x1, 0x5b1, &(0x7f0000001000)="$eJzs3MFv29YZAPDHxK4NBwsGFGvSNEDZtIfsEFeSFwdGBywaTdtsJVEg5cI5DcXiZMHsblg2YMmly6VDgQ077bz1utOO+6d62T/ggRLlybIzuWkbZcDvB8TvUfzI9z2C4QcRIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEKJks9FoRqGT9Xb34udLNou8e7y0EKbXj/f3rxPNCYsTf0MUQlT9C8vL4eroo6uv/zf2B9WfG+HKaOlKWK6a5fD00hvf/+D1hQvVhotRdCqLl+3xk6e//OTgYP83X2Obo6Ojz6rZfIdpvTTbaS8r86zb3k7jrMzjjfX1xvs7W2W8lXXS8l45SLtxUqTtQV7EN5O7IYSNtThdvZfv9rY32500vpn8MG5ubNy51Wo01uMPV/tpuyjz3vsfrpbJTtbpZL3tYUy1+lbr7XCnOhE/ygbxIG134/jBo4P9tVlJVkHN8wS1ZgW1Gq1Ws9lqNddvb9y+02gs12fr8QcLjSlhepOF+Z+0vHSv1SfKcGF8jXvtW7uIwws6Sv4y7xQAAACA71g0vMceDe/LXx32trJO2jgRcxTNLT0AAADgWzD8an+lvgEQwtUQnf7+DwAAAPx/+/u4c+YzdiGKQtlfisaPqvT33osO21WvfXhx9NHF6T0Otq5Fl+udDJv1hXopSa9Hb46C3hxHf1U3D57/rN8/Q5VHVBSL0bNvlkD4U7g2irl2f9TeH68ZzXZlK+ukq0ne+aAZ2u3LFwbp3uB3nz76fQhFcXTxi173chQePDrYX/35rw7uD3N5Vu3l2WH9C4lTP5Q4mctSmMjlt8fPPdYzvnvyyC8Ob8RUs/6i110ZjduYnP+F0eYXvsb8Pw9vjWLeWhm1Kyfnv1yN2Vw9Y/aTWTT7e+8t1YOdc+ZTWVwfxVy/OTyx3r1Zr1mcyKI1K4vW5PF/oWNxnMW7J7KYPBZrs7JY+4ZZAMzLg+kqdKr+n6q7L3CV+x/VvRqlKuEzq/svZo7yeXhnFPPOtYW6Il0MYeqK3ph1RW+cs66HcHYW/wg3/vbXEHbDjXHw82psNe6fT1TV6PDLaoMvT4/7h1FT/vvhzqWqs3T46/DG4ydPbz06/OTh/sP9T1uttfXGjxqN262wOJxG3ag9AJwhLb6KVgZ/jIoi6/+subHRbA920rjIk4/iItvcTuOsN0iLZKfd207jfpEP8iTvVJ2Ps820jMvdfj+vKklexP28zPaGb36J61e/lGm33RtkSdnvpO0yjZO8N2gng3gzK5O4v/vTTlbupEW8lRdx2U+TbCtL2oMs78Vlvlsk6Wocl2k6EZhtpkefhZBV3V7cL7Juu7gXf5x3drtpvJlW1bI/yKNQ7XA8VtbbyovucLer8z7YAPCKeBzqN9gdv8ru8U/Gq56cWnVmJyzPiJnzFAGAKdNVemneCQEAAAAAAAAAAAAAAKdMPq734/qVPud77O+V7dy9dNaqt+ef2GQnhLDwCqShc87O8quRxmL93/ZF9xOFEGYHf6+KmedVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADO9p8AAAD//0n5kWY=")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, &(0x7f0000000100)})
sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
r6 = openat(0xffffffffffffff9c, 0x0, 0x105042, 0x0)
preadv2(r6, 0x0, 0x0, 0x0, 0xffffffde, 0x9)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r7, 0x0, 0xc8, 0x0, 0x0)
setsockopt$MRT_ADD_VIF(r7, 0x0, 0xca, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
stat(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x42073, 0xffffffffffffffff, 0x0)

748.901529ms ago: executing program 3 (id=2314):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000e00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x18)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x24, &(0x7f0000000140)={0x2, 0x0, 0x800000000000})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = gettid()
r7 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
readv(r7, &(0x7f0000000100)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000300)={&(0x7f0000001480)=ANY=[@ANYBLOB="1c000000030600000a360001000700000000000000000000004640f7afd20a000000"], 0x1c}, 0x1, 0x0, 0x0, 0x30000000}, 0x84085)
socket$xdp(0x2c, 0x3, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="7c0100001a0001000000000000000000fc00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa0000000000000000000000000000000033000000fc0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000890001006d6435000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000802"], 0x17c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r10}, 0x10)
syz_read_part_table(0x593, &(0x7f00000005c0)="$eJzs0r1LK2kUB+A3A5c0e4lcLli4hWCwigqx0CIpRGJIY0RcsbAWLLQQLCwkEq39+AcUv0BsxD6lGEEUYiUpxXpBsUmVZdfZxmplUdnleZrhPefMHF5+E/hPi8Lv7XY7EUJoJ9//9m+nhbFS98TI5FQIiTAbQij8+stfnUQ88fdXz+NzOT6XktnG/vXo82nHTc9dPX0Yxf1aFMJaCGHh4Sj1b+/G/99Z/jK1vrFU3FzJz98XVx8H5/oKXVuFxZ2hg1xlujM3E/9Ytehz9qcbw8e37fLT7vf+b/VGK3sVz2USH7Ofr/U2/72f1Wa1Nd57sjyQ+dG8qGzHub/IHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+GBn+cvU+sZScXMlP39fXH0cnOsrdG0VFneGDnKV6c7cTPQ6V4s+Z3+6MXx82y4/7X7v/1ZvtLJX8Vwm8TH7+Vpv89/7WW1WW+O9J8sDmR/Ni8p2nPuL/AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf6gwVuqeGJmcCiERZkMIo1HH0Z/1dvK1n4jnzuNnOa6XktnG/vXo82nHTc9dPX04EddrUQhrIYSFh6PUp1+Gd/sjAAD///tch0s=")
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00'}, 0x18)

491.46146ms ago: executing program 1 (id=2315):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000000c000000bca30000000000002403000020feffff620af8fff8ffffff71a4f8ff000000001f03000000000000e5000300000000002604fdffff02000014010000033800001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48)
r0 = socket(0x10, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r1], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000002c0)=@ethernet={0x0, @random="90e92d80d435"}, 0x80, 0x0, 0x0, &(0x7f0000000540)=[@timestamping={{0x14, 0x1, 0x41, 0x69d}}], 0x18}, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
socket$unix(0x1, 0x1, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000)
r4 = fcntl$dupfd(r3, 0x406, r3)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})
ioctl$VT_SETMODE(r4, 0x5602, &(0x7f0000000fc0)={0x8, 0x7, 0x1ff, 0x1ff, 0x7b4})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
sendmsg$nl_route_sched(r6, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x2}, 0x2}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="0103fcffffff000000002b0000000c0006"], 0x20}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newtaction={0x88, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4, {{0xbfdff7e8, 0xffffffff, 0x3}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x0, 0x1, 0x400, 0xfffffffb}, 0x2}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
remap_file_pages(&(0x7f00005fd000/0x4000)=nil, 0x4000, 0x0, 0xd, 0x20000)

344.862032ms ago: executing program 5 (id=2316):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r3)
getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x84, &(0x7f0000000240)={&(0x7f00000006c0)=@delchain={0x8c, 0x64, 0xf31, 0xfffffffb, 0x400, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0xa, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x5c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x58, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x54, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x7}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0xd}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x7}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x5, 0x2, 0x1000}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x2}]}]}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4008051}, 0x4000)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000fedbdf25080000001800028014000380100001800400030008000100050000000c0001800800", @ANYRES32], 0x38}, 0x1, 0x0, 0x0, 0x4000814}, 0x0)
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r5, 0x1, 0x3c, &(0x7f0000000040)={0x200000000000001}, 0x8)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = syz_pidfd_open(0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = pidfd_getfd(r6, r6, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r7, 0x89f0, 0x0)

285.553467ms ago: executing program 4 (id=2317):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="2000000068000100fd4dc77bf9d19bf96500000000000000080005"], 0x20}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r3)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x100, 0x0)
close(r5)
r6 = socket$unix(0x1, 0x5, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x100, 0x6, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x1, 0x0, 0xb2, 0x9, 0x8, 0x7c}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x80000, {0x0, 0x0, 0x0, r8, {0x0, 0x10}, {0x1, 0xb}, {0x8, 0xc}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r5, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

173.912346ms ago: executing program 5 (id=2318):
perf_event_open(0x0, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYRES32], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mlockall(0x2)
r3 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000b80)={<r4=>0xffffffffffffffff})
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000080))
close(r4)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000300)='dctcp-reno\x00', 0xb)
r5 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
write$selinux_access(r5, &(0x7f00000004c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffffffff3a73302030"], 0x56)

45.631006ms ago: executing program 4 (id=2319):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x20)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x187842, 0x0)
ioctl(r0, 0x2, &(0x7f00000008c0))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143041, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000711181000000000016000000000008009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x22)
timerfd_settime(r2, 0x2, &(0x7f00000000c0)={{}, {0x77359400}}, &(0x7f0000000140))
r3 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100003d37d840890457e00000000000010902240003000000000904"], 0x0)
read$hidraw(r2, &(0x7f0000000240)=""/189, 0xbd)
syz_usb_control_io(r3, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000540)=ANY=[@ANYBLOB="400e010000008e0600309397090000c2ab976cf40ecce7d2e507000000afa884dcb2d2f3d20d2df158eeec2d86548ef3e8f4481e5089e49c7dd9b3f2bd0f81781f20d99ba630a852aeabaa95b707ae813e18663e2df16141324d2917e8f58b5c65c42a49765b887ca69be9905fde4668ca5b26b47132d7116655cbe79bd6c81a636da9eddd7b44404981340d4ed455fb23752208025a63e304d215197b79273d0c4aecde92d53054cc1c349a7370afba3969390e00a6712c81e9bc8cec2a15e4890f411d734e984fbe96ac40a298e41759f14ecd86516d21eae74b86f854f8eb3abe31db5df826ef817712b09db68cfa0919524c27bcaabed83724cea933955f3cd292399287c85cd30222d1ea05dfb0131249e3b866e91d81651d1d28b3e993024e2ec99c5b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000100)={0x3920e, r0, 0x3, 0x1, 0x3, 0x6})

43.667856ms ago: executing program 1 (id=2320):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x4c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)={{0x1, 0x1, 0x18, r2, {0xee00, <r3=>0x0}}, './file0\x00'})
setregid(r3, 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x4, 0x1, 0x8, 0x20005, 0xb, 0x0, 0xfffffffd, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0xff, 0x0, 0x8, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0x4400, 0x800ffffffff, 0x6, 0x4, 0x0, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x5, 0xffffffffffffffff, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r5, &(0x7f0000001240)=""/102400, 0x200000, 0x0)
pipe2(&(0x7f0000000000)={<r6=>0xffffffffffffffff}, 0x0)
r7 = openat$zero(0xffffffffffffff9c, &(0x7f0000000ec0), 0x2002, 0x0)
splice(r6, 0x0, r7, 0x0, 0x4, 0x0)
r8 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000800), 0x8000, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r9=>0xffffffffffffffff})
bind$unix(r9, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000d"], 0x48)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000f197deb435987c51814c7a73baa2240000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r11 = syz_clone(0x100000, &(0x7f0000000400)="81c42f2753a6be92c0f34d3027c973a981d4c249fd94e2b14640fe222e4dee8d217061df9ea9472a79438e13edc0507ec8123e74d4d7b420b72ce6acd66e7dcfcea04da332bddc4f546c0e86db5ee89cf34b7300f07ede59de3803da98eb70eb06ee29", 0x63, &(0x7f0000000300), &(0x7f0000000480), &(0x7f00000004c0)="48f4a80fa13c13a45fe756b850a095665885fda15f8871e0f359f3b94aa71ba58fcdcd17ddce7796cfb395d0cf8404c0d670d374458c29283e9c87d4e7c9525ae648e53f18cb6fe78ee4adf24dee1a9bc73bfe27940acbee38bdaa9e3df8c6ba372a7fabce4ae201b6335988876f62704f157c626bb6d6aa01932420605169912207b89fffd0f27d7c4b7a6844cacba44e03e1de4872f79384bbcefd026ce90e3d72bc7f479c")
r12 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r12, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
setsockopt$inet6_int(r12, 0x29, 0x16, &(0x7f0000fcb000)=0x80, 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0xfc00)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000bc0)=ANY=[@ANYRES64=0x0, @ANYRES32=r0, @ANYBLOB="19e9cd5be947d90328e1090e476dca1e363f54f956bb9cdc7175eae1876a66652565d83d75c6d6891ee3a82f4bbdf97a2e928ff83870237c94a677080ae6118b7efd3b34a4f2b1cfa9b8e9cc41b054b17268ed4f72d9daaace2833bcb17d56b8a2b40ebd4d1b796f741a38138925748564640398e650a633bcf8c1c41ab70333e055f4e15640f27288eab9e196adfef30f8b5bc64fd9b069a6dfde6bbcb07a08c6dc248fe77ff3f525f98defc2a65e58516cc16f5aca6f42919c340c8bf525305adbbe210ed5efe2b35be5f5321b54bb79355548ce7c18d8dfcb5e13d6b3c7e9a1731a43", @ANYRESHEX=r8, @ANYRESHEX=0x0, @ANYRES64=r11, @ANYRESOCT=r0, @ANYRESOCT=r10, @ANYRES16=r4], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r13}, 0x18)

31.374787ms ago: executing program 5 (id=2321):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0xffef, &(0x7f0000009b00)={&(0x7f0000002a40)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc101500000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000e4140380100000800c00018006000100d10300000c0000800800034000000002"], 0x1574}, 0x1, 0x0, 0x0, 0x4000850}, 0x840)

0s ago: executing program 5 (id=2322):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f00000003c0)={[{@nouser_xattr}, {@resgid}, {@inlinecrypt}, {@grpquota}, {@resuid}, {@data_err_ignore}]}, 0xfe, 0x445, &(0x7f0000000900)="$eJzs3MtvG0UYAPBv7Tz6JKGUR0MLgYKIeCRN+qAHLiCQOICEBIciTiFJq1C3QU2QaBVB4BCOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezd1HTuNE6cu8e8nbTvjHXfm293xzs7YDaBrDad/JBH7IuKPiBioZm8vMFz96+bK4tQ/K4tTSZTLb/+dVMrdWFmcyovm79tbzZTLWb6/Qb3L70VMlkozl7L82MKFD8fmL195YfbC5LmZczMXJ9J/7UjfqYmTbYkzjevG0Cdzhw+9/u7VN6fOXH3/l+/SGvZl+2vjaJfh6tFt6Ol2V9Zh+2vSSU8HG0JLihGRnq7eSv8fiGLsXt03EK993tHGAduqXC6XG92fM0tlYAdLotMtADojv9Gnz7/5dpeGHveE6y9XH4DSuG9mW3VPTxSyMr11z7ftNBwRZ5b+/TrdYpvmIQAAav2Qjn+ebzT+K8RDNeXuy9ZQBiPi/og4EBEPRMTBiHgwolL24Yh4pMX661dI1o5/Ctc2FdgGpeO/l7K1rdvHf/noLwaLWW5/Jf7e5OxsaeZYdkxGorc/zY+vU8ePr/7+ZbN9teO/dEvrz8eCWTuu9dRN0E1PLkxuJeZa1z+LGOppFH8S+TJOEhGHImJok3XMPvvt4Wb77hz/OtqwzlT+JuKZ6vlfirr4c0nD9cnTp08cH3/x1MTJsV1Rmjk2ll8Va/362/JbzerfUvxtkJ7/PQ2v/9X4B5NdEfOXr5yvrNfOt17H8p9fNH2m2ez135e8U0n3Za99PLmwcGk8oi95Y+3rE7fem+fz8mn8I0cb9/8DcetIPBoR6UV8JCIei4jHs7Y/ERFPRsTRdeL/+ZWnPmg9/nVm5dsojX/6Tuc/as9/64ni+Z++bz3+XHr+T1RSI9krG/n822gDt3LsAAAA4P+iUPkOfFIYXU0XCqOj1e/wH4w9hdLc/MJzZ+c+ujhd/a78YPQW8pmugZr50PFsbjjPT9Tlj2fzxl8Vd1fyo1NzpelOBw9dbm+T/p/6q9jp1gHbzu+1oHvV9f/yp51qCHDXuf9D99L/oXvp/9C9GvV/cwDQHdz/oXvp/9C99H/oXvo/dKWmv40vbOkn/xI7PhGFe6IZOz/Rs+H/zGKTif6Guzr9yQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAe/wUAAP//ziLlLw==")
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setgroups(0x0, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="00000d14040029bd7000fcdbdf25080001000100000008000300000000000800010000000000"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x1)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70b92d, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a0b32165}, 0x0)
modify_ldt$write(0x1, &(0x7f0000000040), 0x10)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
ioctl$TCSETS(r7, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r8 = syz_open_pts(r7, 0x0)
dup3(r7, r5, 0x0)
ppoll(&(0x7f0000000140)=[{r7}], 0x1, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000040)=0x3)
socket$can_raw(0x1d, 0x3, 0x1)

kernel console output (not intermixed with test programs):

000000
[  145.877215][ T3304] RBP: 00007ffc9b670aac R08: 000000002c94e9cb R09: 0000000000000000
[  145.877228][ T3304] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  145.877241][ T3304] R13: 00000000000927c0 R14: 000000000002381e R15: 00007ffc9b670b00
[  145.877313][ T3304]  </TASK>
[  145.877328][ T3304] memory: usage 307200kB, limit 307200kB, failcnt 952
[  146.103429][ T3304] memory+swap: usage 212760kB, limit 9007199254740988kB, failcnt 0
[  146.111372][ T3304] kmem: usage 212408kB, limit 9007199254740988kB, failcnt 0
[  146.118789][ T3304] Memory cgroup stats for /syz4:
[  146.119454][ T3304] cache 0
[  146.127354][ T3304] rss 0
[  146.130149][ T3304] shmem 0
[  146.133104][ T3304] mapped_file 0
[  146.136551][ T3304] dirty 0
[  146.139470][ T3304] writeback 0
[  146.142847][ T3304] workingset_refault_anon 17
[  146.147421][ T3304] workingset_refault_file 344
[  146.152097][ T3304] swap 204800
[  146.155460][ T3304] swapcached 0
[  146.158882][ T3304] pgpgin 176126
[  146.162337][ T3304] pgpgout 176124
[  146.165956][ T3304] pgfault 187692
[  146.169487][ T3304] pgmajfault 12
[  146.172997][ T3304] inactive_anon 0
[  146.176609][ T3304] active_anon 0
[  146.180045][ T3304] inactive_file 0
[  146.183694][ T3304] active_file 8192
[  146.187395][ T3304] unevictable 0
[  146.190837][ T3304] hierarchical_memory_limit 314572800
[  146.196317][ T3304] hierarchical_memsw_limit 9223372036854771712
[  146.202457][ T3304] total_cache 0
[  146.205945][ T3304] total_rss 0
[  146.209306][ T3304] total_shmem 0
[  146.212789][ T3304] total_mapped_file 0
[  146.216859][ T3304] total_dirty 0
[  146.220309][ T3304] total_writeback 0
[  146.224151][ T3304] total_workingset_refault_anon 17
[  146.229249][ T3304] total_workingset_refault_file 344
[  146.234608][ T3304] total_swap 204800
[  146.238497][ T3304] total_swapcached 0
[  146.242404][ T3304] total_pgpgin 176126
[  146.246395][ T3304] total_pgpgout 176124
[  146.250527][ T3304] total_pgfault 187692
[  146.254624][ T3304] total_pgmajfault 12
[  146.258696][ T3304] total_inactive_anon 0
[  146.262874][ T3304] total_active_anon 0
[  146.266846][ T3304] total_inactive_file 0
[  146.271046][ T3304] total_active_file 8192
[  146.275350][ T3304] total_unevictable 0
[  146.279317][ T3304] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1707,pid=9132,uid=0
[  146.293981][ T3304] Memory cgroup out of memory: Killed process 9132 (syz.4.1707) total-vm:93764kB, anon-rss:944kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  146.312120][ T8970] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.376938][ T9172] netlink: 'syz.4.1721': attribute type 1 has an invalid length.
[  146.432196][ T9172] 8021q: adding VLAN 0 to HW filter on device bond5
[  146.484070][ T9064] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  146.496556][ T9172] loop4: detected capacity change from 0 to 512
[  146.506905][ T9182] loop2: detected capacity change from 0 to 128
[  146.531053][ T9064] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  146.544993][ T9172] EXT4-fs: Ignoring removed nobh option
[  146.553435][ T9064] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  146.582513][ T9172] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  146.592505][ T9172] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1721: iget: bad i_size value: 38620345925642
[  146.598468][ T9184] __nla_validate_parse: 3 callbacks suppressed
[  146.598485][ T9184] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1726'.
[  146.609192][ T9064] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  146.631685][ T9172] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1721: couldn't read orphan inode 15 (err -117)
[  146.678328][ T9190] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1728'.
[  146.723904][ T9196] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1731'.
[  146.780170][ T9199] lo speed is unknown, defaulting to 1000
[  146.785085][ T9203] loop3: detected capacity change from 0 to 512
[  146.801263][ T9203] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  146.822442][ T9190] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1728'.
[  146.823077][ T9206] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1732'.
[  146.841061][ T9190] futex_wake_op: syz.5.1728 tries to shift op by -1; fix this program
[  146.866515][ T9203] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  146.883344][ T9203] System zones: 0-2, 18-18, 34-34
[  146.901371][ T9203] ext4 filesystem being mounted at /375/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.936352][ T9218] loop5: detected capacity change from 0 to 512
[  146.964721][ T9203] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  146.984559][ T9218] ext4 filesystem being mounted at /5/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  147.057822][ T9232] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.088194][ T9238] netlink: 'syz.3.1740': attribute type 1 has an invalid length.
[  147.111212][ T9238] 8021q: adding VLAN 0 to HW filter on device bond5
[  147.150301][ T9248] loop4: detected capacity change from 0 to 1024
[  147.165040][ T9232] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.167756][ T9248] EXT4-fs: Ignoring removed oldalloc option
[  147.180846][ T9248] EXT4-fs: Ignoring removed bh option
[  147.239690][ T9238] loop3: detected capacity change from 0 to 512
[  147.267367][ T9238] EXT4-fs: Ignoring removed nobh option
[  147.277540][ T9238] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  147.290175][ T9232] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.313747][ T9238] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1740: iget: bad i_size value: 38620345925642
[  147.328525][ T9238] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1740: couldn't read orphan inode 15 (err -117)
[  147.374160][ T9232] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.407880][ T9275] loop4: detected capacity change from 0 to 128
[  147.425485][ T9277] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1748'.
[  147.434459][ T9277] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1748'.
[  147.466829][ T9279] syzkaller0: entered promiscuous mode
[  147.472354][ T9279] syzkaller0: entered allmulticast mode
[  147.480581][ T9281] FAULT_INJECTION: forcing a failure.
[  147.480581][ T9281] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.493855][ T9281] CPU: 0 UID: 0 PID: 9281 Comm: syz.4.1749 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  147.493938][ T9281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  147.494014][ T9281] Call Trace:
[  147.494021][ T9281]  <TASK>
[  147.494028][ T9281]  __dump_stack+0x1d/0x30
[  147.494047][ T9281]  dump_stack_lvl+0xe8/0x140
[  147.494062][ T9281]  dump_stack+0x15/0x1b
[  147.494077][ T9281]  should_fail_ex+0x265/0x280
[  147.494164][ T9281]  should_fail+0xb/0x20
[  147.494206][ T9281]  should_fail_usercopy+0x1a/0x20
[  147.494225][ T9281]  _copy_from_user+0x1c/0xb0
[  147.494297][ T9281]  do_seccomp+0x118/0xa40
[  147.494308][ T9281]  ? fput+0x8f/0xc0
[  147.494395][ T9281]  ? ksys_write+0x192/0x1a0
[  147.494406][ T9281]  __x64_sys_seccomp+0x40/0x50
[  147.494479][ T9281]  x64_sys_call+0x2ad4/0x2ff0
[  147.494490][ T9281]  do_syscall_64+0xd2/0x200
[  147.494526][ T9281]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  147.494581][ T9281]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  147.494609][ T9281]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.494621][ T9281] RIP: 0033:0x7fc030aaebe9
[  147.494683][ T9281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.494692][ T9281] RSP: 002b:00007fc02f50f038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[  147.494704][ T9281] RAX: ffffffffffffffda RBX: 00007fc030cd5fa0 RCX: 00007fc030aaebe9
[  147.494711][ T9281] RDX: 0000200000000280 RSI: 0000000000000008 RDI: 0000000000000001
[  147.494717][ T9281] RBP: 00007fc02f50f090 R08: 0000000000000000 R09: 0000000000000000
[  147.494724][ T9281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.494741][ T9281] R13: 00007fc030cd6038 R14: 00007fc030cd5fa0 R15: 00007ffc9b6706e8
[  147.494817][ T9281]  </TASK>
[  147.693358][ T9284] loop4: detected capacity change from 0 to 764
[  147.704356][ T9284] iso9660: Unknown parameter 'ud'
[  147.750909][ T9288] loop3: detected capacity change from 0 to 128
[  147.761918][ T9288] syz.3.1753: attempt to access beyond end of device
[  147.761918][ T9288] loop3: rw=2049, sector=138, nr_sectors = 2 limit=128
[  147.806737][ T9291] loop4: detected capacity change from 0 to 164
[  147.818968][ T9291] syz.4.1754: attempt to access beyond end of device
[  147.818968][ T9291] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  147.833366][ T9291] syz.4.1754: attempt to access beyond end of device
[  147.833366][ T9291] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  147.927985][ T9303] netlink: 'syz.3.1757': attribute type 1 has an invalid length.
[  147.942302][ T9303] 8021q: adding VLAN 0 to HW filter on device bond6
[  147.955541][ T9303] loop3: detected capacity change from 0 to 512
[  147.962832][ T9303] EXT4-fs: Ignoring removed nobh option
[  147.970319][ T9303] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  147.985363][ T9303] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1757: iget: bad i_size value: 38620345925642
[  147.998377][ T9303] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1757: couldn't read orphan inode 15 (err -117)
[  148.043603][ T9307] loop4: detected capacity change from 0 to 1024
[  148.050928][ T9307] EXT4-fs: quotafile must be on filesystem root
[  148.198536][ T9019] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.218658][ T9019] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  148.233567][ T9019] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  148.243752][ T9019] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.262393][ T9328] loop3: detected capacity change from 0 to 512
[  148.273591][ T9328] EXT4-fs: Ignoring removed nobh option
[  148.279506][ T9331] loop4: detected capacity change from 0 to 764
[  148.294862][ T9328] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1766: iget: bad i_size value: 38620345925642
[  148.313018][ T9331] iso9660: Unknown parameter 'ud'
[  148.319885][ T9328] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1766: couldn't read orphan inode 15 (err -117)
[  148.320368][ T9334] netlink: 'syz.1.1768': attribute type 13 has an invalid length.
[  148.339675][ T9334] netlink: 172 bytes leftover after parsing attributes in process `syz.1.1768'.
[  148.382715][ T9334] erspan0: refused to change device tx_queue_len
[  148.461650][ T9342] loop4: detected capacity change from 0 to 512
[  148.469158][ T9342] ext2: Unknown parameter 'nouser_xattr'
[  148.475583][   T29] kauditd_printk_skb: 123 callbacks suppressed
[  148.475607][   T29] audit: type=1326 audit(1756268416.696:6359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9250 comm="syz.5.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fc0f9ebe9 code=0x7ffc0000
[  148.505276][   T29] audit: type=1326 audit(1756268416.696:6360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9250 comm="syz.5.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fc0f9ebe9 code=0x7ffc0000
[  148.719270][   T29] audit: type=1400 audit(1756268416.936:6361): avc:  denied  { create } for  pid=9345 comm="syz.1.1772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  148.733203][ T9347] siw: device registration error -23
[  148.874518][ T9019] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm kworker/u8:16: bg 0: block 5: invalid block bitmap
[  148.893898][ T9019] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  148.906597][ T9019] EXT4-fs (loop3): This should not happen!! Data will be lost
[  148.906597][ T9019] 
[  148.916263][ T9019] EXT4-fs (loop3): Total free blocks count 0
[  148.922236][ T9019] EXT4-fs (loop3): Free/Dirty block details
[  148.928142][ T9019] EXT4-fs (loop3): free_blocks=0
[  148.933132][ T9019] EXT4-fs (loop3): dirty_blocks=16016
[  148.938496][ T9019] EXT4-fs (loop3): Block reservation details
[  148.944503][ T9019] EXT4-fs (loop3): i_reserved_data_blocks=16016
[  148.963422][ T9019] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  148.976171][ T9019] EXT4-fs (loop3): This should not happen!! Data will be lost
[  148.976171][ T9019] 
[  149.010903][ T9356] FAULT_INJECTION: forcing a failure.
[  149.010903][ T9356] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.024066][ T9356] CPU: 1 UID: 0 PID: 9356 Comm: syz.1.1775 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  149.024149][ T9356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  149.024161][ T9356] Call Trace:
[  149.024168][ T9356]  <TASK>
[  149.024176][ T9356]  __dump_stack+0x1d/0x30
[  149.024301][ T9356]  dump_stack_lvl+0xe8/0x140
[  149.024316][ T9356]  dump_stack+0x15/0x1b
[  149.024385][ T9356]  should_fail_ex+0x265/0x280
[  149.024406][ T9356]  should_fail+0xb/0x20
[  149.024474][ T9356]  should_fail_usercopy+0x1a/0x20
[  149.024495][ T9356]  _copy_from_iter+0xd2/0xe80
[  149.024525][ T9356]  ? __build_skb_around+0x1a0/0x200
[  149.024617][ T9356]  ? __alloc_skb+0x223/0x320
[  149.024634][ T9356]  netlink_sendmsg+0x471/0x6b0
[  149.024656][ T9356]  ? __pfx_netlink_sendmsg+0x10/0x10
[  149.024678][ T9356]  __sock_sendmsg+0x142/0x180
[  149.024722][ T9356]  ____sys_sendmsg+0x31e/0x4e0
[  149.024744][ T9356]  ___sys_sendmsg+0x17b/0x1d0
[  149.024772][ T9356]  __x64_sys_sendmsg+0xd4/0x160
[  149.024835][ T9356]  x64_sys_call+0x191e/0x2ff0
[  149.024900][ T9356]  do_syscall_64+0xd2/0x200
[  149.024923][ T9356]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  149.024947][ T9356]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  149.024971][ T9356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.024995][ T9356] RIP: 0033:0x7f0b6525ebe9
[  149.025010][ T9356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.025024][ T9356] RSP: 002b:00007f0b63cc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.025040][ T9356] RAX: ffffffffffffffda RBX: 00007f0b65485fa0 RCX: 00007f0b6525ebe9
[  149.025093][ T9356] RDX: 00000000000000c0 RSI: 0000200000006180 RDI: 0000000000000003
[  149.025105][ T9356] RBP: 00007f0b63cc7090 R08: 0000000000000000 R09: 0000000000000000
[  149.025118][ T9356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.025130][ T9356] R13: 00007f0b65486038 R14: 00007f0b65485fa0 R15: 00007ffd0b710d88
[  149.025178][ T9356]  </TASK>
[  149.253343][ T9358] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.346897][ T9358] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.404209][ T9358] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.454399][ T9370] netlink: 'syz.5.1780': attribute type 13 has an invalid length.
[  149.462266][ T9370] netlink: 172 bytes leftover after parsing attributes in process `syz.5.1780'.
[  149.475319][ T9370] erspan0: refused to change device tx_queue_len
[  149.496681][   T29] audit: type=1326 audit(1756268417.696:6362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9367 comm="syz.3.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17e3eaebe9 code=0x7ffc0000
[  149.500256][ T9375] FAULT_INJECTION: forcing a failure.
[  149.500256][ T9375] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.520212][   T29] audit: type=1326 audit(1756268417.696:6363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9367 comm="syz.3.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f17e3eaebe9 code=0x7ffc0000
[  149.533234][ T9375] CPU: 0 UID: 0 PID: 9375 Comm: syz.3.1781 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  149.533258][ T9375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  149.533269][ T9375] Call Trace:
[  149.533275][ T9375]  <TASK>
[  149.533283][ T9375]  __dump_stack+0x1d/0x30
[  149.533336][ T9375]  dump_stack_lvl+0xe8/0x140
[  149.533354][ T9375]  dump_stack+0x15/0x1b
[  149.533440][ T9375]  should_fail_ex+0x265/0x280
[  149.533504][ T9375]  should_fail+0xb/0x20
[  149.533520][ T9375]  should_fail_usercopy+0x1a/0x20
[  149.533542][ T9375]  _copy_from_user+0x1c/0xb0
[  149.533567][ T9375]  __copy_msghdr+0x244/0x300
[  149.533585][ T9375]  ___sys_sendmsg+0x109/0x1d0
[  149.533681][ T9375]  __x64_sys_sendmsg+0xd4/0x160
[  149.533705][ T9375]  x64_sys_call+0x191e/0x2ff0
[  149.533724][ T9375]  do_syscall_64+0xd2/0x200
[  149.533749][ T9375]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  149.533811][ T9375]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  149.533834][ T9375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.533854][ T9375] RIP: 0033:0x7f17e3eaebe9
[  149.533870][ T9375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.533915][ T9375] RSP: 002b:00007f17e2917038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.533935][ T9375] RAX: ffffffffffffffda RBX: 00007f17e40d5fa0 RCX: 00007f17e3eaebe9
[  149.533947][ T9375] RDX: 0000000000000080 RSI: 00002000000008c0 RDI: 0000000000000006
[  149.534010][ T9375] RBP: 00007f17e2917090 R08: 0000000000000000 R09: 0000000000000000
[  149.534022][ T9375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.534034][ T9375] R13: 00007f17e40d6038 R14: 00007f17e40d5fa0 R15: 00007fffc7fa7ff8
[  149.534076][ T9375]  </TASK>
[  149.733471][   T29] audit: type=1326 audit(1756268417.696:6364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9367 comm="syz.3.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17e3eaebe9 code=0x7ffc0000
[  149.733500][   T29] audit: type=1326 audit(1756268417.696:6365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9367 comm="syz.3.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17e3eaebe9 code=0x7ffc0000
[  149.733524][   T29] audit: type=1326 audit(1756268417.706:6366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9367 comm="syz.3.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17e3eaebe9 code=0x7ffc0000
[  149.733547][   T29] audit: type=1326 audit(1756268417.706:6367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9367 comm="syz.3.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f17e3eaebe9 code=0x7ffc0000
[  149.733589][   T29] audit: type=1326 audit(1756268417.706:6368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9367 comm="syz.3.1779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17e3eaebe9 code=0x7ffc0000
[  149.759245][ T9358] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.779206][ T9392] loop2: detected capacity change from 0 to 128
[  149.779576][ T9392] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  149.782383][ T9392] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  149.787426][ T9392] 9pnet_fd: Insufficient options for proto=fd
[  149.821861][ T9389] loop3: detected capacity change from 0 to 1024
[  149.822168][ T9389] EXT4-fs: Ignoring removed oldalloc option
[  149.822199][ T9389] EXT4-fs: Ignoring removed bh option
[  149.941971][ T9399] loop3: detected capacity change from 0 to 164
[  149.947133][ T9399] syz.3.1788: attempt to access beyond end of device
[  149.947133][ T9399] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  149.947167][ T9399] syz.3.1788: attempt to access beyond end of device
[  149.947167][ T9399] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[  150.124984][ T9406] loop3: detected capacity change from 0 to 512
[  150.125399][ T9406] EXT4-fs: Ignoring removed nomblk_io_submit option
[  150.132937][ T9406] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  150.132951][ T9406] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c018, mo2=0002]
[  150.133033][ T9406] System zones: 0-1, 15-15, 18-18, 34-34
[  150.133226][ T9406] EXT4-fs (loop3): orphan cleanup on readonly fs
[  150.136085][ T9406] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #16: comm syz.3.1792: casefold flag without casefold feature
[  150.138847][ T9406] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1792: couldn't read orphan inode 16 (err -117)
[  150.266838][ T9415] FAULT_INJECTION: forcing a failure.
[  150.266838][ T9415] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  150.280036][ T9415] CPU: 0 UID: 0 PID: 9415 Comm: syz.2.1794 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  150.280064][ T9415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  150.280080][ T9415] Call Trace:
[  150.280086][ T9415]  <TASK>
[  150.280092][ T9415]  __dump_stack+0x1d/0x30
[  150.280111][ T9415]  dump_stack_lvl+0xe8/0x140
[  150.280146][ T9415]  dump_stack+0x15/0x1b
[  150.280159][ T9415]  should_fail_ex+0x265/0x280
[  150.280242][ T9415]  should_fail+0xb/0x20
[  150.280258][ T9415]  should_fail_usercopy+0x1a/0x20
[  150.280275][ T9415]  _copy_to_user+0x20/0xa0
[  150.280334][ T9415]  simple_read_from_buffer+0xb5/0x130
[  150.280356][ T9415]  proc_fail_nth_read+0x10e/0x150
[  150.280382][ T9415]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  150.280406][ T9415]  vfs_read+0x1a8/0x770
[  150.280422][ T9415]  ? __rcu_read_unlock+0x4f/0x70
[  150.280485][ T9415]  ? __fget_files+0x184/0x1c0
[  150.280556][ T9415]  ? up_write+0x18/0x60
[  150.280575][ T9415]  ksys_read+0xda/0x1a0
[  150.280592][ T9415]  __x64_sys_read+0x40/0x50
[  150.280617][ T9415]  x64_sys_call+0x27bc/0x2ff0
[  150.280635][ T9415]  do_syscall_64+0xd2/0x200
[  150.280662][ T9415]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  150.280685][ T9415]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  150.280763][ T9415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.280784][ T9415] RIP: 0033:0x7f550225d5fc
[  150.280799][ T9415] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  150.280883][ T9415] RSP: 002b:00007f5500ca6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  150.280899][ T9415] RAX: ffffffffffffffda RBX: 00007f5502486090 RCX: 00007f550225d5fc
[  150.280909][ T9415] RDX: 000000000000000f RSI: 00007f5500ca60a0 RDI: 0000000000000007
[  150.280921][ T9415] RBP: 00007f5500ca6090 R08: 0000000000000000 R09: 0000000000000000
[  150.280931][ T9415] R10: 0000000000059032 R11: 0000000000000246 R12: 0000000000000002
[  150.280942][ T9415] R13: 00007f5502486128 R14: 00007f5502486090 R15: 00007ffea5ec5d48
[  150.280956][ T9415]  </TASK>
[  150.502865][ T9417] netlink: 'syz.3.1795': attribute type 13 has an invalid length.
[  150.510793][ T9417] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1795'.
[  150.535660][ T9422] netlink: 'syz.5.1797': attribute type 1 has an invalid length.
[  150.554502][ T9422] 8021q: adding VLAN 0 to HW filter on device bond1
[  150.569718][ T9422] loop5: detected capacity change from 0 to 512
[  150.576578][ T9422] EXT4-fs: Ignoring removed nobh option
[  150.585457][ T9422] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  150.596819][ T9417] erspan0: refused to change device tx_queue_len
[  150.615099][ T9422] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.1797: iget: bad i_size value: 38620345925642
[  150.661415][ T9422] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1797: couldn't read orphan inode 15 (err -117)
[  150.777576][ T9447] loop2: detected capacity change from 0 to 128
[  150.787454][ T9447] FAT-fs (loop2): Directory bread(block 32) failed
[  150.801735][ T9450] loop3: detected capacity change from 0 to 128
[  150.806888][ T9447] FAT-fs (loop2): Directory bread(block 33) failed
[  150.818565][ T9447] FAT-fs (loop2): Directory bread(block 34) failed
[  150.818667][ T9452] netlink: 'syz.5.1811': attribute type 13 has an invalid length.
[  150.825842][ T9447] FAT-fs (loop2): Directory bread(block 35) failed
[  150.841689][ T9452] erspan0: refused to change device tx_queue_len
[  150.846553][ T9447] FAT-fs (loop2): Directory bread(block 36) failed
[  150.857802][ T9447] FAT-fs (loop2): Directory bread(block 37) failed
[  150.864361][ T9447] FAT-fs (loop2): Directory bread(block 38) failed
[  150.871511][ T9447] FAT-fs (loop2): Directory bread(block 39) failed
[  150.878796][ T9447] FAT-fs (loop2): Directory bread(block 40) failed
[  150.885532][ T9447] FAT-fs (loop2): Directory bread(block 41) failed
[  150.911543][ T9447] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF
[  150.920196][ T9447] FAT-fs (loop2): Filesystem has been set read-only
[  150.950268][ T9447] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  151.102633][ T9467] FAULT_INJECTION: forcing a failure.
[  151.102633][ T9467] name failslab, interval 1, probability 0, space 0, times 0
[  151.116042][ T9467] CPU: 0 UID: 0 PID: 9467 Comm: syz.2.1817 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  151.116070][ T9467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  151.116081][ T9467] Call Trace:
[  151.116087][ T9467]  <TASK>
[  151.116092][ T9467]  __dump_stack+0x1d/0x30
[  151.116113][ T9467]  dump_stack_lvl+0xe8/0x140
[  151.116129][ T9467]  dump_stack+0x15/0x1b
[  151.116143][ T9467]  should_fail_ex+0x265/0x280
[  151.116174][ T9467]  should_failslab+0x8c/0xb0
[  151.116246][ T9467]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  151.116269][ T9467]  ? sock_alloc_inode+0x34/0xa0
[  151.116292][ T9467]  ? __pfx_sock_alloc_inode+0x10/0x10
[  151.116403][ T9467]  sock_alloc_inode+0x34/0xa0
[  151.116424][ T9467]  alloc_inode+0x40/0x170
[  151.116496][ T9467]  __sock_create+0x122/0x5b0
[  151.116588][ T9467]  __sys_socketpair+0x170/0x430
[  151.116611][ T9467]  ? ksys_write+0x192/0x1a0
[  151.116630][ T9467]  __x64_sys_socketpair+0x52/0x60
[  151.116704][ T9467]  x64_sys_call+0x2bf2/0x2ff0
[  151.116721][ T9467]  do_syscall_64+0xd2/0x200
[  151.116742][ T9467]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  151.116844][ T9467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.116861][ T9467] RIP: 0033:0x7f550225ebe9
[  151.116873][ T9467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.116994][ T9467] RSP: 002b:00007f5500cc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  151.117052][ T9467] RAX: ffffffffffffffda RBX: 00007f5502485fa0 RCX: 00007f550225ebe9
[  151.117062][ T9467] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
[  151.117073][ T9467] RBP: 00007f5500cc7090 R08: 0000000000000000 R09: 0000000000000000
[  151.117083][ T9467] R10: 0000200000000940 R11: 0000000000000246 R12: 0000000000000001
[  151.117093][ T9467] R13: 00007f5502486038 R14: 00007f5502485fa0 R15: 00007ffea5ec5d48
[  151.117108][ T9467]  </TASK>
[  151.117149][ T9467] socket: no more sockets
[  151.129116][ T9469] netlink: 'syz.3.1818': attribute type 1 has an invalid length.
[  151.320138][ T9480] loop3: detected capacity change from 0 to 512
[  151.327352][ T9480] EXT4-fs: Ignoring removed nobh option
[  151.334012][ T9480] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  151.356625][ T9469] 8021q: adding VLAN 0 to HW filter on device bond7
[  151.364530][ T9480] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1818: iget: bad i_size value: 38620345925642
[  151.381785][ T9480] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1818: couldn't read orphan inode 15 (err -117)
[  151.389179][ T9488] loop2: detected capacity change from 0 to 1024
[  151.404239][ T9488] EXT4-fs: inline encryption not supported
[  151.410467][ T9488] EXT4-fs: Ignoring removed bh option
[  151.444741][ T9492] loop3: detected capacity change from 0 to 512
[  151.453359][ T9492] EXT4-fs: Ignoring removed nobh option
[  151.476773][ T9492] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1823: iget: bad i_size value: 38620345925642
[  151.495464][ T9492] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1823: couldn't read orphan inode 15 (err -117)
[  151.555476][ T9488] lo speed is unknown, defaulting to 1000
[  151.813288][ T9517] loop2: detected capacity change from 0 to 1024
[  151.821118][ T9517] EXT4-fs: Ignoring removed oldalloc option
[  151.827108][ T9517] EXT4-fs: Ignoring removed bh option
[  151.854403][ T9521] __nla_validate_parse: 3 callbacks suppressed
[  151.854419][ T9521] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1832'.
[  151.890445][ T9523] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  151.918250][ T9523] syzkaller0: entered promiscuous mode
[  151.923818][ T9523] syzkaller0: entered allmulticast mode
[  151.974165][ T9046] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm kworker/u8:37: bg 0: block 5: invalid block bitmap
[  151.987204][ T9046] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  151.999762][ T9046] EXT4-fs (loop3): This should not happen!! Data will be lost
[  151.999762][ T9046] 
[  152.009560][ T9046] EXT4-fs (loop3): Total free blocks count 0
[  152.015647][ T9046] EXT4-fs (loop3): Free/Dirty block details
[  152.021540][ T9046] EXT4-fs (loop3): free_blocks=0
[  152.026528][ T9046] EXT4-fs (loop3): dirty_blocks=16004
[  152.031914][ T9046] EXT4-fs (loop3): Block reservation details
[  152.037952][ T9046] EXT4-fs (loop3): i_reserved_data_blocks=16004
[  152.040503][ T9527] loop2: detected capacity change from 0 to 764
[  152.053344][ T9527] iso9660: Unknown parameter 'ud'
[  152.075736][ T9046] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  152.078460][ T9529] loop5: detected capacity change from 0 to 128
[  152.088560][ T9046] EXT4-fs (loop3): This should not happen!! Data will be lost
[  152.088560][ T9046] 
[  152.120533][ T9529] syz.5.1836: attempt to access beyond end of device
[  152.120533][ T9529] loop5: rw=2049, sector=138, nr_sectors = 2 limit=128
[  152.150332][ T9531] loop2: detected capacity change from 0 to 512
[  152.162014][ T9531] ext2: Unknown parameter 'nouser_xattr'
[  152.294724][ T9538] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  152.306871][ T9538] SELinux: failed to load policy
[  152.392929][ T9550] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1843'.
[  152.503996][ T9556] loop3: detected capacity change from 0 to 764
[  152.511643][ T9556] iso9660: Unknown parameter 'ud'
[  152.580780][ T9558] netlink: 'syz.3.1848': attribute type 13 has an invalid length.
[  152.588688][ T9558] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1848'.
[  152.640017][ T9558] erspan0: refused to change device tx_queue_len
[  152.724515][ T9565] loop3: detected capacity change from 0 to 128
[  152.764320][ T9565] syz.3.1851: attempt to access beyond end of device
[  152.764320][ T9565] loop3: rw=2049, sector=138, nr_sectors = 2 limit=128
[  152.791937][ T9568] loop5: detected capacity change from 0 to 1024
[  152.804956][ T9568] FAULT_INJECTION: forcing a failure.
[  152.804956][ T9568] name failslab, interval 1, probability 0, space 0, times 0
[  152.817783][ T9568] CPU: 0 UID: 0 PID: 9568 Comm: syz.5.1853 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  152.817808][ T9568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  152.817820][ T9568] Call Trace:
[  152.817827][ T9568]  <TASK>
[  152.817835][ T9568]  __dump_stack+0x1d/0x30
[  152.817856][ T9568]  dump_stack_lvl+0xe8/0x140
[  152.817899][ T9568]  dump_stack+0x15/0x1b
[  152.817913][ T9568]  should_fail_ex+0x265/0x280
[  152.817930][ T9568]  should_failslab+0x8c/0xb0
[  152.817951][ T9568]  __kmalloc_noprof+0xa5/0x3e0
[  152.818000][ T9568]  ? ext4_xattr_block_set+0x24f/0x1a30
[  152.818035][ T9568]  ext4_xattr_block_set+0x24f/0x1a30
[  152.818064][ T9568]  ext4_xattr_set_handle+0xa4f/0xe70
[  152.818148][ T9568]  ext4_xattr_set+0x18e/0x240
[  152.818165][ T9568]  ext4_xattr_trusted_set+0x3c/0x50
[  152.818180][ T9568]  ? __pfx_ext4_xattr_trusted_set+0x10/0x10
[  152.818214][ T9568]  __vfs_setxattr+0x2e3/0x310
[  152.818228][ T9568]  __vfs_setxattr_noperm+0xe8/0x410
[  152.818240][ T9568]  __vfs_setxattr_locked+0x1af/0x1d0
[  152.818284][ T9568]  vfs_setxattr+0x132/0x270
[  152.818297][ T9568]  file_setxattr+0x139/0x1b0
[  152.818309][ T9568]  path_setxattrat+0x290/0x310
[  152.818375][ T9568]  __x64_sys_fsetxattr+0x6b/0x80
[  152.818388][ T9568]  x64_sys_call+0x1ced/0x2ff0
[  152.818535][ T9568]  do_syscall_64+0xd2/0x200
[  152.818549][ T9568]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  152.818561][ T9568]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  152.818575][ T9568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.818642][ T9568] RIP: 0033:0x7f7fc0f9ebe9
[  152.818652][ T9568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.818661][ T9568] RSP: 002b:00007f7fbf9ff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  152.818672][ T9568] RAX: ffffffffffffffda RBX: 00007f7fc11c5fa0 RCX: 00007f7fc0f9ebe9
[  152.818679][ T9568] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  152.818686][ T9568] RBP: 00007f7fbf9ff090 R08: 0000000000000000 R09: 0000000000000000
[  152.818715][ T9568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.818721][ T9568] R13: 00007f7fc11c6038 R14: 00007f7fc11c5fa0 R15: 00007ffd85f60ef8
[  152.818731][ T9568]  </TASK>
[  153.152141][   T56] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.171740][   T56] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.193806][   T56] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.223466][   T56] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  153.518369][ T9615] loop3: detected capacity change from 0 to 512
[  153.541514][ T9586] netlink: 'syz.5.1859': attribute type 4 has an invalid length.
[  153.546590][ T9643] loop2: detected capacity change from 0 to 164
[  153.580990][ T9615] ext4 filesystem being mounted at /420/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  153.625245][ T9643] syz.2.1870: attempt to access beyond end of device
[  153.625245][ T9643] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  153.671482][ T9650] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.679588][ T9643] syz.2.1870: attempt to access beyond end of device
[  153.679588][ T9643] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  153.681892][ T9576] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.1856: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  153.729914][ T9576] EXT4-fs (loop3): Remounting filesystem read-only
[  153.768984][ T9654] siw: device registration error -23
[  153.780589][ T9655] loop5: detected capacity change from 0 to 164
[  153.859467][ T9660] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1873'.
[  153.870672][ T9650] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.908724][ T9662] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.958862][ T9665] netlink: 'syz.2.1873': attribute type 2 has an invalid length.
[  153.968166][ T9662] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.994577][ T9650] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.010369][ T9662] netlink: 'syz.5.1874': attribute type 10 has an invalid length.
[  154.036346][ T9670] loop3: detected capacity change from 0 to 512
[  154.052333][ T9672] loop2: detected capacity change from 0 to 512
[  154.065204][ T9670] EXT4-fs: Ignoring removed nobh option
[  154.071613][ T9674] loop5: detected capacity change from 0 to 512
[  154.081543][ T9650] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.102354][ T9670] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1875: iget: bad i_size value: 38620345925642
[  154.116596][ T9670] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1875: couldn't read orphan inode 15 (err -117)
[  154.130200][ T9672] ext4 filesystem being mounted at /358/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.141828][ T9674] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  154.152099][ T9674] EXT4-fs (loop5): orphan cleanup on readonly fs
[  154.161545][ T9672] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  154.170521][ T9672] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  154.192007][ T9674] __quota_error: 200 callbacks suppressed
[  154.192034][ T9674] Quota error (device loop5): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  154.208854][ T9674] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  154.266920][ T9674] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  154.274463][ T9674] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1874: bg 0: block 40: padding at end of block bitmap is not set
[  154.315387][ T9674] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  154.332947][ T9674] EXT4-fs (loop5): 1 truncate cleaned up
[  154.571895][ T9705] netlink: 'syz.4.1878': attribute type 4 has an invalid length.
[  154.591250][   T31] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm kworker/u8:1: bg 0: block 5: invalid block bitmap
[  154.604535][   T31] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  154.617076][   T31] EXT4-fs (loop3): This should not happen!! Data will be lost
[  154.617076][   T31] 
[  154.626780][   T31] EXT4-fs (loop3): Total free blocks count 0
[  154.632795][   T31] EXT4-fs (loop3): Free/Dirty block details
[  154.638817][   T31] EXT4-fs (loop3): free_blocks=0
[  154.643811][   T31] EXT4-fs (loop3): dirty_blocks=16028
[  154.649175][   T31] EXT4-fs (loop3): Block reservation details
[  154.655231][   T31] EXT4-fs (loop3): i_reserved_data_blocks=16028
[  154.667928][   T31] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  154.680705][   T31] EXT4-fs (loop3): This should not happen!! Data will be lost
[  154.680705][   T31] 
[  154.732765][ T9713] loop2: detected capacity change from 0 to 128
[  154.755115][   T29] audit: type=1326 audit(1756268422.976:6569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9712 comm="syz.2.1881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  154.787293][   T29] audit: type=1326 audit(1756268422.976:6570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9712 comm="syz.2.1881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  154.810742][   T29] audit: type=1326 audit(1756268422.976:6571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9712 comm="syz.2.1881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  154.834238][   T29] audit: type=1326 audit(1756268422.976:6572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9712 comm="syz.2.1881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  154.857861][   T29] audit: type=1326 audit(1756268422.976:6573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9712 comm="syz.2.1881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  154.881351][   T29] audit: type=1326 audit(1756268422.976:6574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9712 comm="syz.2.1881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  154.904753][   T29] audit: type=1326 audit(1756268422.976:6575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9712 comm="syz.2.1881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  154.928230][   T29] audit: type=1326 audit(1756268422.976:6576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9712 comm="syz.2.1881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  154.951653][   T29] audit: type=1326 audit(1756268422.976:6577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9712 comm="syz.2.1881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  154.982066][ T9717] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1882'.
[  154.991053][ T9717] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1882'.
[  155.064287][ T9725] loop3: detected capacity change from 0 to 128
[  155.094378][ T9725] FAT-fs (loop3): Directory bread(block 32) failed
[  155.107226][ T9725] FAT-fs (loop3): Directory bread(block 33) failed
[  155.118436][ T9731] loop5: detected capacity change from 0 to 1024
[  155.127250][ T9725] FAT-fs (loop3): Directory bread(block 34) failed
[  155.128354][ T9731] EXT4-fs: inline encryption not supported
[  155.145727][ T9731] EXT4-fs: Ignoring removed bh option
[  155.148989][ T9725] FAT-fs (loop3): Directory bread(block 35) failed
[  155.164299][ T9725] FAT-fs (loop3): Directory bread(block 36) failed
[  155.170888][ T9725] FAT-fs (loop3): Directory bread(block 37) failed
[  155.178998][ T9725] FAT-fs (loop3): Directory bread(block 38) failed
[  155.185648][ T9725] FAT-fs (loop3): Directory bread(block 39) failed
[  155.192300][ T9725] FAT-fs (loop3): Directory bread(block 40) failed
[  155.199797][ T9725] FAT-fs (loop3): Directory bread(block 41) failed
[  155.221876][ T9725] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[  155.230587][ T9725] FAT-fs (loop3): Filesystem has been set read-only
[  155.239046][ T9725] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  155.400872][ T9741] loop3: detected capacity change from 0 to 512
[  155.453365][ T9741] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  155.490254][ T9741] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  155.498440][ T9741] System zones: 0-2, 18-18, 34-34
[  155.506288][ T9741] ext4 filesystem being mounted at /425/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.968685][ T9749] loop2: detected capacity change from 0 to 1024
[  155.970062][ T9753] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.985331][ T9749] EXT4-fs: Ignoring removed oldalloc option
[  155.991381][ T9749] EXT4-fs: Ignoring removed bh option
[  155.993273][ T9753] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  156.023729][ T9753] netlink: 'syz.3.1893': attribute type 10 has an invalid length.
[  156.045843][ T9753] loop3: detected capacity change from 0 to 512
[  156.086610][ T9753] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  156.099469][ T9753] EXT4-fs (loop3): orphan cleanup on readonly fs
[  156.106819][ T9753] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  156.134579][ T9753] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  156.170941][ T9753] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1893: bg 0: block 40: padding at end of block bitmap is not set
[  156.198491][ T9753] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  156.219112][ T9753] EXT4-fs (loop3): 1 truncate cleaned up
[  156.237817][ T9762] hub 6-0:1.0: USB hub found
[  156.247827][ T9762] hub 6-0:1.0: 8 ports detected
[  156.472694][ T9768] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1898'.
[  156.493616][ T9768] netlink: 'syz.4.1898': attribute type 2 has an invalid length.
[  156.552715][ T9019] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  156.590074][ T9019] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  156.604133][ T9019] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  156.613442][ T9019] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  156.654815][ T9775] loop2: detected capacity change from 0 to 128
[  156.670138][ T9777] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1901'.
[  156.679475][ T9775] vfat: Unknown parameter 'ÿÿÿÿ'
[  157.030103][ T9792] siw: device registration error -23
[  157.068382][ T9794] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1906'.
[  157.078552][ T9794] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1906'.
[  157.145703][ T9797] loop3: detected capacity change from 0 to 512
[  157.235970][ T8749] EXT4-fs unmount: 51 callbacks suppressed
[  157.236003][ T8749] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.313414][ T9797] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  157.322052][ T9797] EXT4-fs (loop3): orphan cleanup on readonly fs
[  157.364922][ T9797] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  157.408556][ T9802] loop2: detected capacity change from 0 to 512
[  157.417824][ T9797] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  157.453824][ T9802] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.490235][ T9811] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1912'.
[  157.499164][ T9811] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1912'.
[  157.508609][ T9797] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #13: comm syz.3.1907: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  157.527686][ T9802] ext4 filesystem being mounted at /368/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.543409][ T9797] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1907: couldn't read orphan inode 13 (err -117)
[  157.557433][ T9802] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.632970][ T9797] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  157.670831][ T9797] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  157.684241][ T9802] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.699902][ T9797] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  157.760308][ T9822] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1913'.
[  157.789762][ T9822] lo speed is unknown, defaulting to 1000
[  157.840118][ T9797] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  157.860587][ T9802] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.964941][ T9802] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.994484][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.027208][ T9828] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  158.062306][ T9832] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=235 sclass=netlink_audit_socket pid=9832 comm=syz.3.1919
[  158.081995][ T9046] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  158.098312][ T9046] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  158.110085][ T9046] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  158.119527][ T9046] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  158.146523][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.184593][ T9839] loop2: detected capacity change from 0 to 1024
[  158.191533][ T9839] EXT4-fs: Ignoring removed oldalloc option
[  158.197578][ T9839] EXT4-fs: Ignoring removed bh option
[  158.214773][ T9839] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.258250][ T9850] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  158.267698][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.278761][ T9850] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  158.299332][ T9854] netlink: 'syz.2.1928': attribute type 10 has an invalid length.
[  158.308880][ T9854] team0: Failed to send options change via netlink (err -105)
[  158.316575][ T9854] team0: Port device dummy0 added
[  158.323226][ T9854] netlink: 'syz.2.1928': attribute type 10 has an invalid length.
[  158.331377][ T9854] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  158.353127][ T9854] team0: Failed to send options change via netlink (err -105)
[  158.360643][ T9854] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  158.369759][ T9854] team0: Port device dummy0 removed
[  158.377823][ T9854] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  158.387347][ T9856] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1928'.
[  158.399425][ T9854] loop2: detected capacity change from 0 to 128
[  158.489857][ T9859] loop5: detected capacity change from 0 to 512
[  158.541065][ T9864] loop2: detected capacity change from 0 to 512
[  158.555770][ T9859] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  158.583208][ T9859] EXT4-fs (loop5): 1 orphan inode deleted
[  158.588998][ T9859] EXT4-fs (loop5): 1 truncate cleaned up
[  158.595765][ T9859] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.609908][ T9859] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  158.625245][ T9859] EXT4-fs (loop5): Remounting filesystem read-only
[  158.631989][ T9859] EXT4-fs (loop5): error restoring inline_data for inode -- potential data loss! (inode 12, error -30)
[  158.654731][ T8749] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.666258][ T9864] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.679127][ T9864] ext4 filesystem being mounted at /372/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.692705][ T9864] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.734894][ T9864] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.784068][ T9864] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.834207][ T9864] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.969182][ T9889] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1940'.
[  158.984957][ T9889] netlink: 'syz.4.1940': attribute type 2 has an invalid length.
[  159.177282][ T9894] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1942'.
[  159.186465][ T9894] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1942'.
[  159.196584][   T29] kauditd_printk_skb: 142 callbacks suppressed
[  159.196595][   T29] audit: type=1326 audit(1756268427.426:6719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.1.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  159.242856][ T9896] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  159.252801][ T9896] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  159.262112][ T9896] netlink: 'syz.1.1943': attribute type 10 has an invalid length.
[  159.276135][   T29] audit: type=1326 audit(1756268427.426:6720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.1.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  159.299602][   T29] audit: type=1326 audit(1756268427.426:6721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.1.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  159.323612][   T29] audit: type=1326 audit(1756268427.426:6722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.1.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  159.347067][   T29] audit: type=1326 audit(1756268427.426:6723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.1.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  159.370457][   T29] audit: type=1326 audit(1756268427.426:6724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.1.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  159.393776][   T29] audit: type=1326 audit(1756268427.426:6725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.1.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  159.417173][   T29] audit: type=1326 audit(1756268427.426:6726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.1.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  159.440505][   T29] audit: type=1326 audit(1756268427.426:6727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.1.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  159.464039][   T29] audit: type=1326 audit(1756268427.426:6728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.1.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  159.609625][ T9898] loop5: detected capacity change from 0 to 512
[  159.616291][ T9898] EXT4-fs: Ignoring removed nobh option
[  159.624173][ T9898] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.1944: iget: bad i_size value: 38620345925642
[  159.637320][ T9898] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1944: couldn't read orphan inode 15 (err -117)
[  159.649755][ T9898] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.084812][ T9906] netlink: 'syz.1.1947': attribute type 4 has an invalid length.
[  160.200627][   T31] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm kworker/u8:1: bg 0: block 5: invalid block bitmap
[  160.222048][   T31] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  160.234709][   T31] EXT4-fs (loop5): This should not happen!! Data will be lost
[  160.234709][   T31] 
[  160.244383][   T31] EXT4-fs (loop5): Total free blocks count 0
[  160.250458][   T31] EXT4-fs (loop5): Free/Dirty block details
[  160.256434][   T31] EXT4-fs (loop5): free_blocks=0
[  160.261447][   T31] EXT4-fs (loop5): dirty_blocks=16020
[  160.266850][   T31] EXT4-fs (loop5): Block reservation details
[  160.272912][   T31] EXT4-fs (loop5): i_reserved_data_blocks=16020
[  160.280460][ T9809] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  160.304437][   T31] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  160.446011][ T9924] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  160.663947][ T9936] netlink: 'syz.5.1957': attribute type 4 has an invalid length.
[  160.865248][ T9944] loop5: detected capacity change from 0 to 1024
[  160.879767][ T9944] EXT4-fs: Ignoring removed oldalloc option
[  160.885888][ T9944] EXT4-fs: Ignoring removed bh option
[  160.909164][ T9944] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.992962][ T8749] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.995161][ T9952] lo speed is unknown, defaulting to 1000
[  161.079704][ T9954] lo speed is unknown, defaulting to 1000
[  161.163588][ T9962] syzkaller0: entered promiscuous mode
[  161.169262][ T9962] syzkaller0: entered allmulticast mode
[  161.188892][ T9966] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  161.243812][ T9970] FAULT_INJECTION: forcing a failure.
[  161.243812][ T9970] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.257047][ T9970] CPU: 0 UID: 0 PID: 9970 Comm: syz.4.1971 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  161.257072][ T9970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  161.257083][ T9970] Call Trace:
[  161.257089][ T9970]  <TASK>
[  161.257095][ T9970]  __dump_stack+0x1d/0x30
[  161.257117][ T9970]  dump_stack_lvl+0xe8/0x140
[  161.257205][ T9970]  dump_stack+0x15/0x1b
[  161.257222][ T9970]  should_fail_ex+0x265/0x280
[  161.257244][ T9970]  should_fail+0xb/0x20
[  161.257266][ T9970]  should_fail_usercopy+0x1a/0x20
[  161.257283][ T9970]  _copy_from_user+0x1c/0xb0
[  161.257306][ T9970]  ___sys_sendmsg+0xc1/0x1d0
[  161.257388][ T9970]  __sys_sendmmsg+0x178/0x300
[  161.257415][ T9970]  __x64_sys_sendmmsg+0x57/0x70
[  161.257434][ T9970]  x64_sys_call+0x1c4a/0x2ff0
[  161.257502][ T9970]  do_syscall_64+0xd2/0x200
[  161.257527][ T9970]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  161.257625][ T9970]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  161.257646][ T9970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.257707][ T9970] RIP: 0033:0x7fc030aaebe9
[  161.257723][ T9970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.257740][ T9970] RSP: 002b:00007fc02f50f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  161.257756][ T9970] RAX: ffffffffffffffda RBX: 00007fc030cd5fa0 RCX: 00007fc030aaebe9
[  161.257794][ T9970] RDX: 0000000000000001 RSI: 0000200000002b00 RDI: 0000000000000004
[  161.257804][ T9970] RBP: 00007fc02f50f090 R08: 0000000000000000 R09: 0000000000000000
[  161.257816][ T9970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.257829][ T9970] R13: 00007fc030cd6038 R14: 00007fc030cd5fa0 R15: 00007ffc9b6706e8
[  161.257844][ T9970]  </TASK>
[  161.475352][ T9977] loop5: detected capacity change from 0 to 512
[  161.515861][ T9977] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.528957][ T9977] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.541312][ T9977] netlink: 'syz.5.1972': attribute type 21 has an invalid length.
[  161.550368][ T9977] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1972'.
[  161.559567][ T9977] netlink: 'syz.5.1972': attribute type 1 has an invalid length.
[  161.614390][ T9985] netlink: 'syz.1.1976': attribute type 2 has an invalid length.
[  161.684557][ T9983] netlink: 'syz.4.1975': attribute type 4 has an invalid length.
[  161.729442][ T8749] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.827307][T10003] netlink: 'syz.5.1979': attribute type 13 has an invalid length.
[  161.848894][T10003] erspan0: refused to change device tx_queue_len
[  161.954214][T10012] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  162.059167][T10028] usb usb1: usbfs: process 10028 (syz.4.1990) did not claim interface 0 before use
[  162.068778][T10028] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  162.071070][T10027] FAULT_INJECTION: forcing a failure.
[  162.071070][T10027] name failslab, interval 1, probability 0, space 0, times 0
[  162.088795][T10027] CPU: 1 UID: 0 PID: 10027 Comm: syz.5.1991 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  162.088820][T10027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  162.088831][T10027] Call Trace:
[  162.088836][T10027]  <TASK>
[  162.088842][T10027]  __dump_stack+0x1d/0x30
[  162.088864][T10027]  dump_stack_lvl+0xe8/0x140
[  162.088882][T10027]  dump_stack+0x15/0x1b
[  162.088971][T10027]  should_fail_ex+0x265/0x280
[  162.088991][T10027]  should_failslab+0x8c/0xb0
[  162.089010][T10027]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  162.089105][T10027]  ? sidtab_sid2str_get+0xa0/0x130
[  162.089131][T10027]  kmemdup_noprof+0x2b/0x70
[  162.089151][T10027]  sidtab_sid2str_get+0xa0/0x130
[  162.089168][T10027]  security_sid_to_context_core+0x1eb/0x2e0
[  162.089187][T10027]  security_sid_to_context+0x27/0x40
[  162.089237][T10027]  selinux_lsmprop_to_secctx+0x67/0xf0
[  162.089255][T10027]  security_lsmprop_to_secctx+0x43/0x80
[  162.089276][T10027]  audit_log_task_context+0x77/0x190
[  162.089304][T10027]  audit_log_task+0xf4/0x250
[  162.089362][T10027]  audit_seccomp+0x61/0x100
[  162.089380][T10027]  ? __seccomp_filter+0x68c/0x10d0
[  162.089399][T10027]  __seccomp_filter+0x69d/0x10d0
[  162.089421][T10027]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  162.089510][T10027]  ? vfs_write+0x7e8/0x960
[  162.089541][T10027]  __secure_computing+0x82/0x150
[  162.089562][T10027]  syscall_trace_enter+0xcf/0x1e0
[  162.089581][T10027]  do_syscall_64+0xac/0x200
[  162.089736][T10027]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  162.089759][T10027]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  162.089780][T10027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.089798][T10027] RIP: 0033:0x7f7fc0f9ebe9
[  162.089812][T10027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.089852][T10027] RSP: 002b:00007f7fbf9ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  162.089872][T10027] RAX: ffffffffffffffda RBX: 00007f7fc11c5fa0 RCX: 00007f7fc0f9ebe9
[  162.089955][T10027] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  162.089968][T10027] RBP: 00007f7fbf9ff090 R08: 0000000000000000 R09: 0000000000000000
[  162.089980][T10027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  162.090014][T10027] R13: 00007f7fc11c6038 R14: 00007f7fc11c5fa0 R15: 00007ffd85f60ef8
[  162.090078][T10027]  </TASK>
[  162.392322][T10037] __nla_validate_parse: 5 callbacks suppressed
[  162.392336][T10037] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1993'.
[  162.407522][T10037] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1993'.
[  162.491399][T10042] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  162.504259][T10042] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  162.518547][T10047] loop3: detected capacity change from 0 to 128
[  162.532619][   T56] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  162.540992][   T56] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  162.563858][   T56] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  162.575245][T10047] FAT-fs (loop3): Directory bread(block 32) failed
[  162.581772][T10047] FAT-fs (loop3): Directory bread(block 33) failed
[  162.589185][   T56] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  162.597511][T10047] FAT-fs (loop3): Directory bread(block 34) failed
[  162.604598][T10047] FAT-fs (loop3): Directory bread(block 35) failed
[  162.611120][T10047] FAT-fs (loop3): Directory bread(block 36) failed
[  162.619238][T10047] FAT-fs (loop3): Directory bread(block 37) failed
[  162.625987][T10047] FAT-fs (loop3): Directory bread(block 38) failed
[  162.637263][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.647048][T10047] FAT-fs (loop3): Directory bread(block 39) failed
[  162.657199][T10047] FAT-fs (loop3): Directory bread(block 40) failed
[  162.664817][T10047] FAT-fs (loop3): Directory bread(block 41) failed
[  162.692984][T10047] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[  162.701728][T10047] FAT-fs (loop3): Filesystem has been set read-only
[  162.734742][T10047] syz.3.2000: attempt to access beyond end of device
[  162.734742][T10047] loop3: rw=2049, sector=4184, nr_sectors = 8 limit=128
[  162.779222][T10047] syz.3.2000: attempt to access beyond end of device
[  162.779222][T10047] loop3: rw=2049, sector=4200, nr_sectors = 4 limit=128
[  162.784131][T10056] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  162.792883][T10047] buffer_io_error: 2 callbacks suppressed
[  162.792896][T10047] Buffer I/O error on dev loop3, logical block 1050, lost async page write
[  162.842661][T10047] syz.3.2000: attempt to access beyond end of device
[  162.842661][T10047] loop3: rw=2049, sector=4208, nr_sectors = 4 limit=128
[  162.856211][T10047] Buffer I/O error on dev loop3, logical block 1052, lost async page write
[  162.892667][T10047] syz.3.2000: attempt to access beyond end of device
[  162.892667][T10047] loop3: rw=2049, sector=4220, nr_sectors = 4 limit=128
[  162.906244][T10047] Buffer I/O error on dev loop3, logical block 1055, lost async page write
[  162.924226][T10057] netlink: 'syz.4.2003': attribute type 4 has an invalid length.
[  162.932088][T10047] syz.3.2000: attempt to access beyond end of device
[  162.932088][T10047] loop3: rw=2049, sector=4228, nr_sectors = 4 limit=128
[  162.945670][T10047] Buffer I/O error on dev loop3, logical block 1057, lost async page write
[  162.972682][T10047] syz.3.2000: attempt to access beyond end of device
[  162.972682][T10047] loop3: rw=2049, sector=4240, nr_sectors = 4 limit=128
[  162.986180][T10047] Buffer I/O error on dev loop3, logical block 1060, lost async page write
[  163.007742][T10047] syz.3.2000: attempt to access beyond end of device
[  163.007742][T10047] loop3: rw=2049, sector=4248, nr_sectors = 4 limit=128
[  163.021404][T10047] Buffer I/O error on dev loop3, logical block 1062, lost async page write
[  163.030167][T10047] syz.3.2000: attempt to access beyond end of device
[  163.030167][T10047] loop3: rw=2049, sector=4252, nr_sectors = 4 limit=128
[  163.061736][T10060] Invalid logical block size (2047)
[  163.068894][T10059] Invalid logical block size (2047)
[  163.097715][T10066] loop2: detected capacity change from 0 to 1024
[  163.115203][T10066] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.147574][T10066] ext4 filesystem being mounted at /375/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  163.191176][T10076] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  163.231825][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.258746][T10078] syzkaller0: entered promiscuous mode
[  163.264486][T10078] syzkaller0: entered allmulticast mode
[  163.307529][T10085] netlink: 'syz.1.2014': attribute type 10 has an invalid length.
[  163.318521][T10085] team0: Port device dummy0 added
[  163.340703][T10085] netlink: 'syz.1.2014': attribute type 10 has an invalid length.
[  163.361280][T10090] FAULT_INJECTION: forcing a failure.
[  163.361280][T10090] name failslab, interval 1, probability 0, space 0, times 0
[  163.374095][T10090] CPU: 1 UID: 0 PID: 10090 Comm: syz.3.2016 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  163.374123][T10090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  163.374159][T10090] Call Trace:
[  163.374164][T10090]  <TASK>
[  163.374171][T10090]  __dump_stack+0x1d/0x30
[  163.374190][T10090]  dump_stack_lvl+0xe8/0x140
[  163.374232][T10090]  dump_stack+0x15/0x1b
[  163.374248][T10090]  should_fail_ex+0x265/0x280
[  163.374266][T10090]  ? sctp_add_bind_addr+0x71/0x1e0
[  163.374288][T10090]  should_failslab+0x8c/0xb0
[  163.374316][T10090]  __kmalloc_cache_noprof+0x4c/0x320
[  163.374365][T10090]  sctp_add_bind_addr+0x71/0x1e0
[  163.374391][T10090]  sctp_copy_local_addr_list+0x199/0x220
[  163.374506][T10090]  sctp_copy_one_addr+0x7f/0x280
[  163.374531][T10090]  sctp_bind_addr_copy+0x79/0x290
[  163.374556][T10090]  sctp_assoc_set_bind_addr_from_ep+0xce/0xe0
[  163.374579][T10090]  sctp_connect_new_asoc+0x1c3/0x3a0
[  163.374670][T10090]  __sctp_connect+0x424/0x7a0
[  163.374723][T10090]  ? selinux_sctp_bind_connect+0x20d/0x250
[  163.374809][T10090]  sctp_getsockopt_connectx3+0x220/0x300
[  163.374890][T10090]  sctp_getsockopt+0x910/0xaa0
[  163.374916][T10090]  sock_common_getsockopt+0x60/0x70
[  163.374942][T10090]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  163.374989][T10090]  do_sock_getsockopt+0x200/0x240
[  163.375010][T10090]  __x64_sys_getsockopt+0x11e/0x1a0
[  163.375033][T10090]  x64_sys_call+0x2bc6/0x2ff0
[  163.375053][T10090]  do_syscall_64+0xd2/0x200
[  163.375145][T10090]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  163.375166][T10090]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  163.375288][T10090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.375338][T10090] RIP: 0033:0x7f17e3eaebe9
[  163.375351][T10090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.375378][T10090] RSP: 002b:00007f17e2917038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  163.375454][T10090] RAX: ffffffffffffffda RBX: 00007f17e40d5fa0 RCX: 00007f17e3eaebe9
[  163.375464][T10090] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[  163.375474][T10090] RBP: 00007f17e2917090 R08: 0000200000000180 R09: 0000000000000000
[  163.375486][T10090] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000002
[  163.375496][T10090] R13: 00007f17e40d6038 R14: 00007f17e40d5fa0 R15: 00007fffc7fa7ff8
[  163.375512][T10090]  </TASK>
[  163.621700][T10085] team0: Port device dummy0 removed
[  163.790914][T10091] loop5: detected capacity change from 0 to 1024
[  163.844778][T10091] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.878326][ T8749] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.069395][T10118] syzkaller0: entered promiscuous mode
[  164.075208][T10118] syzkaller0: entered allmulticast mode
[  164.187473][T10103] netlink: 'syz.3.2021': attribute type 4 has an invalid length.
[  164.243251][T10128] IPVS: Error joining to the multicast group
[  164.260110][   T29] kauditd_printk_skb: 157 callbacks suppressed
[  164.260184][   T29] audit: type=1400 audit(1756268432.476:6885): avc:  denied  { accept } for  pid=10127 comm="syz.5.2030" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  164.337580][T10131] siw: device registration error -23
[  164.498058][T10136] loop2: detected capacity change from 0 to 128
[  164.520452][T10134] loop3: detected capacity change from 0 to 512
[  164.600784][T10134] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  164.650393][T10138] loop2: detected capacity change from 0 to 512
[  164.711482][T10134] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2031'.
[  164.717534][T10138] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  164.784365][T10138] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.800793][T10147] loop3: detected capacity change from 0 to 764
[  164.829300][T10138] ext4 filesystem being mounted at /381/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.840091][T10147] iso9660: Unknown parameter 'ud'
[  164.898974][T10138] debugfs: 'ttyS3' already exists in 'caif_serial'
[  165.005022][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.015520][T10149] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2037'.
[  165.075138][T10164] syzkaller0: entered promiscuous mode
[  165.080644][T10164] syzkaller0: entered allmulticast mode
[  165.168958][T10180] loop3: detected capacity change from 0 to 128
[  165.203414][   T29] audit: type=1326 audit(1756268433.416:6886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.1.2042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  165.226973][   T29] audit: type=1326 audit(1756268433.426:6887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.1.2042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  165.250644][   T29] audit: type=1326 audit(1756268433.426:6888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.1.2042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  165.274199][   T29] audit: type=1326 audit(1756268433.426:6889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.1.2042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  165.298243][   T29] audit: type=1326 audit(1756268433.426:6890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.1.2042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  165.322003][   T29] audit: type=1326 audit(1756268433.426:6891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.1.2042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  165.412081][T10166] netlink: 'syz.2.2041': attribute type 4 has an invalid length.
[  165.465825][   T29] audit: type=1326 audit(1756268433.426:6892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.1.2042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  165.489452][   T29] audit: type=1326 audit(1756268433.426:6893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.1.2042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  165.513209][   T29] audit: type=1326 audit(1756268433.426:6894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10167 comm="syz.1.2042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b6525ebe9 code=0x7ffc0000
[  165.534580][T10198] loop3: detected capacity change from 0 to 1024
[  165.576806][T10198] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.589738][T10198] ext4 filesystem being mounted at /447/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.614148][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.641957][T10205] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2047'.
[  165.651933][T10205] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2047'.
[  165.662117][T10205] lo speed is unknown, defaulting to 1000
[  165.668876][T10205] lo speed is unknown, defaulting to 1000
[  165.682726][T10205] lo speed is unknown, defaulting to 1000
[  165.689225][T10205] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  165.699458][T10205] lo speed is unknown, defaulting to 1000
[  165.710155][T10207] FAULT_INJECTION: forcing a failure.
[  165.710155][T10207] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.711695][T10205] lo speed is unknown, defaulting to 1000
[  165.723349][T10207] CPU: 0 UID: 0 PID: 10207 Comm: syz.5.2048 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  165.723444][T10207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  165.723455][T10207] Call Trace:
[  165.723463][T10207]  <TASK>
[  165.723470][T10207]  __dump_stack+0x1d/0x30
[  165.723491][T10207]  dump_stack_lvl+0xe8/0x140
[  165.723527][T10207]  dump_stack+0x15/0x1b
[  165.723543][T10207]  should_fail_ex+0x265/0x280
[  165.723562][T10207]  should_fail+0xb/0x20
[  165.723579][T10207]  should_fail_usercopy+0x1a/0x20
[  165.723632][T10207]  _copy_from_user+0x1c/0xb0
[  165.723657][T10207]  __sys_bpf+0x178/0x7b0
[  165.723749][T10207]  __x64_sys_bpf+0x41/0x50
[  165.723770][T10207]  x64_sys_call+0x2aea/0x2ff0
[  165.723790][T10207]  do_syscall_64+0xd2/0x200
[  165.723815][T10207]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  165.723882][T10207]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  165.723905][T10207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.723925][T10207] RIP: 0033:0x7f7fc0f9ebe9
[  165.723940][T10207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.724015][T10207] RSP: 002b:00007f7fbf9ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  165.724033][T10207] RAX: ffffffffffffffda RBX: 00007f7fc11c5fa0 RCX: 00007f7fc0f9ebe9
[  165.724046][T10207] RDX: 0000000000000040 RSI: 00002000000005c0 RDI: 000000000000001c
[  165.724058][T10207] RBP: 00007f7fbf9ff090 R08: 0000000000000000 R09: 0000000000000000
[  165.724070][T10207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.724082][T10207] R13: 00007f7fc11c6038 R14: 00007f7fc11c5fa0 R15: 00007ffd85f60ef8
[  165.724100][T10207]  </TASK>
[  165.898946][T10205] lo speed is unknown, defaulting to 1000
[  165.905357][T10205] lo speed is unknown, defaulting to 1000
[  165.911301][T10205] lo speed is unknown, defaulting to 1000
[  165.991906][T10220] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  166.000619][T10221] loop3: detected capacity change from 0 to 512
[  166.001672][T10220] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  166.020275][T10221] EXT4-fs: Mount option(s) incompatible with ext2
[  166.065611][T10221] loop3: detected capacity change from 0 to 512
[  166.074327][T10221] EXT4-fs: Ignoring removed mblk_io_submit option
[  166.081072][T10221] ext4: Unknown parameter 'mask'
[  166.111889][T10227] netlink: 172 bytes leftover after parsing attributes in process `syz.5.2055'.
[  166.121865][T10227] erspan0: refused to change device tx_queue_len
[  166.153612][T10229] lo speed is unknown, defaulting to 1000
[  166.159667][T10229] lo speed is unknown, defaulting to 1000
[  166.191544][T10231] loop5: detected capacity change from 0 to 128
[  166.201736][T10231] FAT-fs (loop5): Directory bread(block 32) failed
[  166.221627][T10231] FAT-fs (loop5): Directory bread(block 33) failed
[  166.228675][T10231] FAT-fs (loop5): Directory bread(block 34) failed
[  166.236993][T10231] FAT-fs (loop5): Directory bread(block 35) failed
[  166.243898][T10231] FAT-fs (loop5): Directory bread(block 36) failed
[  166.251013][T10231] FAT-fs (loop5): Directory bread(block 37) failed
[  166.258331][T10231] FAT-fs (loop5): Directory bread(block 38) failed
[  166.265032][T10231] FAT-fs (loop5): Directory bread(block 39) failed
[  166.271657][T10231] FAT-fs (loop5): Directory bread(block 40) failed
[  166.278911][T10231] FAT-fs (loop5): Directory bread(block 41) failed
[  166.312650][T10231] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF
[  166.321286][T10231] FAT-fs (loop5): Filesystem has been set read-only
[  166.328093][T10237] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2059'.
[  166.335183][T10231] syz.5.2057: attempt to access beyond end of device
[  166.335183][T10231] loop5: rw=2049, sector=4184, nr_sectors = 8 limit=128
[  166.351234][T10231] syz.5.2057: attempt to access beyond end of device
[  166.351234][T10231] loop5: rw=2049, sector=4200, nr_sectors = 4 limit=128
[  166.364825][T10231] Buffer I/O error on dev loop5, logical block 1050, lost async page write
[  166.374030][T10231] Buffer I/O error on dev loop5, logical block 1052, lost async page write
[  166.384698][T10231] Buffer I/O error on dev loop5, logical block 1055, lost async page write
[  166.398971][T10231] Buffer I/O error on dev loop5, logical block 1057, lost async page write
[  166.419270][T10241] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  166.469926][T10249] usb usb1: usbfs: process 10249 (syz.3.2062) did not claim interface 0 before use
[  166.479600][T10249] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  166.537808][T10256] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2065'.
[  166.569753][T10258] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  166.578786][T10256] validate_nla: 4 callbacks suppressed
[  166.578799][T10256] netlink: 'syz.3.2065': attribute type 2 has an invalid length.
[  166.593596][T10262] usb usb1: usbfs: process 10262 (syz.1.2068) did not claim interface 0 before use
[  166.622276][T10262] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  166.630909][T10266] netlink: 'syz.3.2070': attribute type 4 has an invalid length.
[  166.646071][T10266] netlink: 'syz.3.2070': attribute type 4 has an invalid length.
[  166.668184][   T36] lo speed is unknown, defaulting to 1000
[  166.673975][   T36] syz0: Port: 1 Link ACTIVE
[  166.689975][T10269] netlink: 'syz.5.2071': attribute type 13 has an invalid length.
[  166.697854][T10269] netlink: 172 bytes leftover after parsing attributes in process `syz.5.2071'.
[  166.713278][T10270] SELinux:  Context system_u:object_r:chfn_exec_t:s0 is not valid (left unmapped).
[  166.713566][T10269] erspan0: refused to change device tx_queue_len
[  166.841797][T10278] infiniband syz1: set active
[  166.846579][T10278] infiniband syz1: added bridge0
[  166.855233][T10282] loop5: detected capacity change from 0 to 512
[  166.865307][T10282] journal_path: Lookup failure for './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  166.887993][T10282] EXT4-fs: error: could not find journal device path
[  166.896021][T10296] loop3: detected capacity change from 0 to 1024
[  166.919912][T10296] EXT4-fs: Ignoring removed oldalloc option
[  166.925972][T10296] EXT4-fs: Ignoring removed bh option
[  166.931924][T10278] RDS/IB: syz1: added
[  166.949816][T10278] smc: adding ib device syz1 with port count 1
[  166.956230][T10278] smc:    ib device syz1 port 1 has pnetid 
[  166.968577][T10296] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.988058][T10304] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  167.146677][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.176612][T10312] loop5: detected capacity change from 0 to 128
[  167.189171][T10314] FAULT_INJECTION: forcing a failure.
[  167.189171][T10314] name failslab, interval 1, probability 0, space 0, times 0
[  167.201922][T10314] CPU: 1 UID: 0 PID: 10314 Comm: syz.3.2088 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  167.201943][T10314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  167.201954][T10314] Call Trace:
[  167.201960][T10314]  <TASK>
[  167.201967][T10314]  __dump_stack+0x1d/0x30
[  167.202017][T10314]  dump_stack_lvl+0xe8/0x140
[  167.202035][T10314]  dump_stack+0x15/0x1b
[  167.202047][T10314]  should_fail_ex+0x265/0x280
[  167.202064][T10314]  should_failslab+0x8c/0xb0
[  167.202156][T10314]  kmem_cache_alloc_noprof+0x50/0x310
[  167.202179][T10314]  ? dst_alloc+0xbd/0x100
[  167.202197][T10314]  dst_alloc+0xbd/0x100
[  167.202244][T10314]  ip_route_output_key_hash_rcu+0xef5/0x1380
[  167.202277][T10314]  ip_route_output_flow+0x7b/0x130
[  167.202300][T10314]  sctp_v4_get_dst+0x1f3/0x710
[  167.202327][T10314]  sctp_transport_route+0xab/0x1c0
[  167.202417][T10314]  sctp_assoc_add_peer+0x40e/0xb20
[  167.202488][T10314]  sctp_connect_new_asoc+0x1eb/0x3a0
[  167.202580][T10314]  ? __rcu_read_unlock+0x4f/0x70
[  167.202602][T10314]  __sctp_connect+0x424/0x7a0
[  167.202667][T10314]  ? release_sock+0x116/0x150
[  167.202774][T10314]  sctp_inet_connect+0xe8/0x110
[  167.202798][T10314]  ? __pfx_sctp_inet_connect+0x10/0x10
[  167.202824][T10314]  __sys_connect+0x1f2/0x2b0
[  167.202856][T10314]  __x64_sys_connect+0x3f/0x50
[  167.202911][T10314]  x64_sys_call+0x2c08/0x2ff0
[  167.202933][T10314]  do_syscall_64+0xd2/0x200
[  167.203034][T10314]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  167.203056][T10314]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  167.203080][T10314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.203100][T10314] RIP: 0033:0x7f17e3eaebe9
[  167.203133][T10314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.203204][T10314] RSP: 002b:00007f17e2917038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  167.203223][T10314] RAX: ffffffffffffffda RBX: 00007f17e40d5fa0 RCX: 00007f17e3eaebe9
[  167.203235][T10314] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000003
[  167.203247][T10314] RBP: 00007f17e2917090 R08: 0000000000000000 R09: 0000000000000000
[  167.203259][T10314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.203271][T10314] R13: 00007f17e40d6038 R14: 00007f17e40d5fa0 R15: 00007fffc7fa7ff8
[  167.203288][T10314]  </TASK>
[  167.599244][T10332] loop3: detected capacity change from 0 to 1024
[  167.764363][T10332] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.831903][T10342] loop5: detected capacity change from 0 to 1024
[  167.880609][T10342] EXT4-fs: Ignoring removed oldalloc option
[  167.886586][T10342] EXT4-fs: Ignoring removed bh option
[  167.919814][T10332] ext4 filesystem being mounted at /464/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.966319][T10346] syz.2.2101 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  167.979255][T10342] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.028198][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.043709][T10350] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2102'.
[  168.075256][T10352] 9pnet_fd: Insufficient options for proto=fd
[  168.084510][ T8749] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.158126][T10352] sctp: [Deprecated]: syz.3.2103 (pid 10352) Use of int in maxseg socket option.
[  168.158126][T10352] Use struct sctp_assoc_value instead
[  168.183099][T10372] netlink: 'syz.4.2112': attribute type 13 has an invalid length.
[  168.190979][T10372] netlink: 172 bytes leftover after parsing attributes in process `syz.4.2112'.
[  168.202138][T10372] erspan0: refused to change device tx_queue_len
[  168.213529][T10376] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  168.223586][T10376] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  168.233374][T10376] netlink: 'syz.3.2113': attribute type 10 has an invalid length.
[  168.244946][T10376] loop3: detected capacity change from 0 to 512
[  168.265113][T10376] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  168.309450][T10376] EXT4-fs (loop3): orphan cleanup on readonly fs
[  168.316138][T10376] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  168.331355][T10376] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  168.341770][T10376] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2113: bg 0: block 40: padding at end of block bitmap is not set
[  168.374569][T10376] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  168.391394][T10376] EXT4-fs (loop3): 1 truncate cleaned up
[  168.398220][T10376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  168.438206][T10394] loop5: detected capacity change from 0 to 512
[  168.452958][T10394] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  168.467796][T10394] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  168.475964][T10394] System zones: 0-2, 18-18, 34-34
[  168.481723][T10394] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.494669][T10394] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.529075][T10394] tipc: Started in network mode
[  168.534009][T10394] tipc: Node identity ac14140f, cluster identity 4711
[  168.544403][T10394] tipc: New replicast peer: 255.255.255.255
[  168.550811][T10394] tipc: Enabled bearer <udp:s>, priority 10
[  168.590411][ T8749] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.626997][T10411] loop5: detected capacity change from 0 to 764
[  168.633187][T10412] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2125'.
[  168.634825][T10411] iso9660: Unknown parameter 'ud'
[  168.754301][T10416] loop5: detected capacity change from 0 to 1024
[  168.761221][T10416] EXT4-fs: Ignoring removed oldalloc option
[  168.767236][T10416] EXT4-fs: Ignoring removed bh option
[  168.784357][T10416] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.812375][ T8749] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.829400][T10420] netlink: 'syz.5.2129': attribute type 13 has an invalid length.
[  168.837522][T10420] netlink: 172 bytes leftover after parsing attributes in process `syz.5.2129'.
[  168.846753][T10420] erspan0: refused to change device tx_queue_len
[  168.868724][T10422] loop5: detected capacity change from 0 to 512
[  168.884179][T10422] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.896944][T10422] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.910010][T10422] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.927573][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.967183][T10422] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.023998][T10422] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.061740][T10439] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  169.071240][T10422] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.128845][   T31] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  169.145670][   T31] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  169.162974][ T9062] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  169.175161][ T9062] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  169.211519][ T8749] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.327020][T10457] loop3: detected capacity change from 0 to 512
[  169.334126][T10457] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  169.343954][T10457] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c11c, mo2=0102]
[  169.352771][T10457] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.2144: corrupted in-inode xattr: e_value size too large
[  169.367779][T10457] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2144: couldn't read orphan inode 15 (err -117)
[  169.372764][T10461] loop5: detected capacity change from 0 to 512
[  169.389994][T10461] EXT4-fs: Ignoring removed oldalloc option
[  169.413936][T10457] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.437665][T10461] EXT4-fs error (device loop5): ext4_xattr_inode_iget:433: comm syz.5.2145: Parent and EA inode have the same ino 15
[  169.451138][T10464] FAULT_INJECTION: forcing a failure.
[  169.451138][T10464] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.453400][T10461] EXT4-fs error (device loop5): ext4_xattr_inode_iget:433: comm syz.5.2145: Parent and EA inode have the same ino 15
[  169.464290][T10464] CPU: 1 UID: 0 PID: 10464 Comm: syz.1.2146 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  169.464354][T10464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  169.464366][T10464] Call Trace:
[  169.464374][T10464]  <TASK>
[  169.464382][T10464]  __dump_stack+0x1d/0x30
[  169.464402][T10464]  dump_stack_lvl+0xe8/0x140
[  169.464420][T10464]  dump_stack+0x15/0x1b
[  169.464493][T10464]  should_fail_ex+0x265/0x280
[  169.464512][T10464]  should_fail+0xb/0x20
[  169.464529][T10464]  should_fail_usercopy+0x1a/0x20
[  169.464582][T10464]  _copy_from_user+0x1c/0xb0
[  169.464662][T10464]  bpf_test_init+0xdf/0x160
[  169.464680][T10464]  bpf_prog_test_run_skb+0x144/0xbd0
[  169.464698][T10464]  ? __rcu_read_unlock+0x4f/0x70
[  169.464793][T10464]  ? __fget_files+0x184/0x1c0
[  169.464814][T10464]  ? __rcu_read_unlock+0x4f/0x70
[  169.464835][T10464]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  169.464870][T10464]  bpf_prog_test_run+0x22a/0x390
[  169.464898][T10464]  __sys_bpf+0x4b9/0x7b0
[  169.464927][T10464]  __x64_sys_bpf+0x41/0x50
[  169.464955][T10464]  x64_sys_call+0x2aea/0x2ff0
[  169.464975][T10464]  do_syscall_64+0xd2/0x200
[  169.465000][T10464]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  169.465022][T10464]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  169.465106][T10464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.465126][T10464] RIP: 0033:0x7f0b6525ebe9
[  169.465177][T10464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.465200][T10464] RSP: 002b:00007f0b63cc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  169.465291][T10464] RAX: ffffffffffffffda RBX: 00007f0b65485fa0 RCX: 00007f0b6525ebe9
[  169.465304][T10464] RDX: 000000000000001e RSI: 0000200000000080 RDI: 000000000000000a
[  169.465316][T10464] RBP: 00007f0b63cc7090 R08: 0000000000000000 R09: 0000000000000000
[  169.465327][T10464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.465402][T10464] R13: 00007f0b65486038 R14: 00007f0b65485fa0 R15: 00007ffd0b710d88
[  169.465420][T10464]  </TASK>
[  169.503756][T10466] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2147'.
[  169.524639][T10461] EXT4-fs (loop5): 1 orphan inode deleted
[  169.530930][T10466] 8021q: adding VLAN 0 to HW filter on device bond6
[  169.644482][T10461] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.651516][   T23] tipc: Node number set to 2886997007
[  169.731285][T10477] netlink: 'syz.4.2150': attribute type 1 has an invalid length.
[  169.752586][   T29] kauditd_printk_skb: 215 callbacks suppressed
[  169.752602][   T29] audit: type=1326 audit(1756268437.956:7109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.4.2150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc030aaebe9 code=0x7ffc0000
[  169.782712][   T29] audit: type=1326 audit(1756268437.956:7110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.4.2150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc030aaebe9 code=0x7ffc0000
[  169.790208][T10479] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2152'.
[  169.806386][   T29] audit: type=1326 audit(1756268437.956:7111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.4.2150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc030aaebe9 code=0x7ffc0000
[  169.839147][   T29] audit: type=1326 audit(1756268437.956:7112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.4.2150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc030aaebe9 code=0x7ffc0000
[  169.839176][   T29] audit: type=1326 audit(1756268437.956:7113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.4.2150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc030aaebe9 code=0x7ffc0000
[  169.839237][   T29] audit: type=1326 audit(1756268437.956:7114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.4.2150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc030aaebe9 code=0x7ffc0000
[  169.839285][   T29] audit: type=1326 audit(1756268437.956:7115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.4.2150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc030aaebe9 code=0x7ffc0000
[  169.839308][   T29] audit: type=1326 audit(1756268437.956:7116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.4.2150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc030aaebe9 code=0x7ffc0000
[  169.839332][   T29] audit: type=1326 audit(1756268437.956:7117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.4.2150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc030aaebe9 code=0x7ffc0000
[  169.880712][T10485] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2154'.
[  169.886524][   T29] audit: type=1326 audit(1756268437.956:7118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10473 comm="syz.4.2150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fc030aaebe9 code=0x7ffc0000
[  169.910085][T10485] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2154'.
[  170.022849][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.067486][T10487] netlink: 'syz.4.2152': attribute type 2 has an invalid length.
[  170.098305][T10497] loop3: detected capacity change from 0 to 1024
[  170.134542][T10497] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.147288][T10497] ext4 filesystem being mounted at /475/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.155587][T10504] netlink: 'syz.1.2159': attribute type 13 has an invalid length.
[  170.165709][T10504] netlink: 172 bytes leftover after parsing attributes in process `syz.1.2159'.
[  170.170521][T10497] usb usb1: check_ctrlrecip: process 10497 (+}[@) requesting ep 01 but needs 81
[  170.184244][T10497] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  170.193192][T10504] erspan0: refused to change device tx_queue_len
[  170.227575][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.271274][T10519] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2165'.
[  170.281447][ T8749] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.362333][T10537] erspan0: refused to change device tx_queue_len
[  170.394675][T10540] bond_slave_1: entered promiscuous mode
[  170.407087][T10540] bond0: (slave bond_slave_1): Releasing backup interface
[  170.415752][T10540] bond_slave_1 (unregistering): left promiscuous mode
[  170.460877][T10543] 8021q: adding VLAN 0 to HW filter on device bond7
[  170.533168][T10556] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  170.585549][T10566] FAULT_INJECTION: forcing a failure.
[  170.585549][T10566] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.598829][T10566] CPU: 1 UID: 0 PID: 10566 Comm: syz.2.2184 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  170.598975][T10566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  170.598986][T10566] Call Trace:
[  170.598994][T10566]  <TASK>
[  170.599002][T10566]  __dump_stack+0x1d/0x30
[  170.599046][T10566]  dump_stack_lvl+0xe8/0x140
[  170.599061][T10566]  dump_stack+0x15/0x1b
[  170.599134][T10566]  should_fail_ex+0x265/0x280
[  170.599155][T10566]  should_fail+0xb/0x20
[  170.599172][T10566]  should_fail_usercopy+0x1a/0x20
[  170.599198][T10566]  _copy_from_user+0x1c/0xb0
[  170.599225][T10566]  __sys_bpf+0x178/0x7b0
[  170.599252][T10566]  __x64_sys_bpf+0x41/0x50
[  170.599384][T10566]  x64_sys_call+0x2aea/0x2ff0
[  170.599431][T10566]  do_syscall_64+0xd2/0x200
[  170.599453][T10566]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  170.599474][T10566]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  170.599499][T10566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.599520][T10566] RIP: 0033:0x7f550225ebe9
[  170.599577][T10566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.599590][T10566] RSP: 002b:00007f5500cc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  170.599607][T10566] RAX: ffffffffffffffda RBX: 00007f5502485fa0 RCX: 00007f550225ebe9
[  170.599617][T10566] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[  170.599629][T10566] RBP: 00007f5500cc7090 R08: 0000000000000000 R09: 0000000000000000
[  170.599713][T10566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.599814][T10566] R13: 00007f5502486038 R14: 00007f5502485fa0 R15: 00007ffea5ec5d48
[  170.599833][T10566]  </TASK>
[  171.003394][T10587] siw: device registration error -23
[  171.259395][T10600] loop3: detected capacity change from 0 to 512
[  171.310603][T10600] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  171.333101][T10600] ext4 filesystem being mounted at /479/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.489448][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  171.505511][T10618] atomic_op ffff88814fb5ad28 conn xmit_atomic 0000000000000000
[  171.921994][T10627] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  172.064010][T10633] loop3: detected capacity change from 0 to 164
[  172.106520][T10633] bio_check_eod: 6 callbacks suppressed
[  172.106545][T10633] syz.3.2210: attempt to access beyond end of device
[  172.106545][T10633] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  172.135600][T10633] syz.3.2210: attempt to access beyond end of device
[  172.135600][T10633] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[  172.353384][T10649] validate_nla: 1 callbacks suppressed
[  172.353439][T10649] netlink: 'syz.1.2216': attribute type 2 has an invalid length.
[  173.062905][T10658] siw: device registration error -23
[  173.548848][T10662] netlink: 'syz.2.2220': attribute type 1 has an invalid length.
[  173.629737][T10670] /dev/sg0: Can't lookup blockdev
[  173.645111][T10670] wg2: entered promiscuous mode
[  173.650142][T10670] wg2: entered allmulticast mode
[  173.672609][T10670] wg2: left promiscuous mode
[  173.677263][T10670] wg2: left allmulticast mode
[  173.734554][T10681] netlink: 'syz.3.2227': attribute type 5 has an invalid length.
[  173.753164][T10683] __nla_validate_parse: 8 callbacks suppressed
[  173.753233][T10683] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2228'.
[  173.797698][T10687] loop3: detected capacity change from 0 to 1024
[  173.813261][T10687] EXT4-fs: Ignoring removed oldalloc option
[  173.819331][T10687] EXT4-fs: Ignoring removed bh option
[  173.834652][T10690] FAULT_INJECTION: forcing a failure.
[  173.834652][T10690] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.847855][T10690] CPU: 0 UID: 0 PID: 10690 Comm: syz.4.2230 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  173.847903][T10690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  173.847916][T10690] Call Trace:
[  173.847923][T10690]  <TASK>
[  173.847931][T10690]  __dump_stack+0x1d/0x30
[  173.847953][T10690]  dump_stack_lvl+0xe8/0x140
[  173.847972][T10690]  dump_stack+0x15/0x1b
[  173.847988][T10690]  should_fail_ex+0x265/0x280
[  173.848045][T10690]  should_fail+0xb/0x20
[  173.848062][T10690]  should_fail_usercopy+0x1a/0x20
[  173.848154][T10690]  _copy_from_user+0x1c/0xb0
[  173.848191][T10690]  bm_register_write+0xdb/0xbf0
[  173.848214][T10690]  ? avc_policy_seqno+0x15/0x30
[  173.848237][T10690]  ? selinux_file_permission+0x1e4/0x320
[  173.848259][T10690]  ? __pfx_bm_register_write+0x10/0x10
[  173.848306][T10690]  vfs_write+0x269/0x960
[  173.848324][T10690]  ? __rcu_read_unlock+0x4f/0x70
[  173.848340][T10690]  ? __fget_files+0x184/0x1c0
[  173.848362][T10690]  ksys_write+0xda/0x1a0
[  173.848384][T10690]  __x64_sys_write+0x40/0x50
[  173.848464][T10690]  x64_sys_call+0x27fe/0x2ff0
[  173.848484][T10690]  do_syscall_64+0xd2/0x200
[  173.848506][T10690]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  173.848525][T10690]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  173.848563][T10690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.848584][T10690] RIP: 0033:0x7fc030aaebe9
[  173.848599][T10690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.848685][T10690] RSP: 002b:00007fc02f50f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  173.848703][T10690] RAX: ffffffffffffffda RBX: 00007fc030cd5fa0 RCX: 00007fc030aaebe9
[  173.848717][T10690] RDX: 000000000000002a RSI: 0000200000000200 RDI: 0000000000000003
[  173.848730][T10690] RBP: 00007fc02f50f090 R08: 0000000000000000 R09: 0000000000000000
[  173.848740][T10690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.848751][T10690] R13: 00007fc030cd6038 R14: 00007fc030cd5fa0 R15: 00007ffc9b6706e8
[  173.848804][T10690]  </TASK>
[  173.850107][T10683] netlink: 'syz.2.2228': attribute type 2 has an invalid length.
[  173.922910][T10692] SELinux:  Context Ü is not valid (left unmapped).
[  174.078821][T10687] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.121280][T10701] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2232'.
[  174.179460][T10710] netlink: 26 bytes leftover after parsing attributes in process `syz.4.2237'.
[  174.197735][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.207379][T10708] binfmt_misc: register: failed to install interpreter file ./file0
[  174.236270][T10722] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2240'.
[  174.255826][T10725] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2243'.
[  174.307114][T10728] lo speed is unknown, defaulting to 1000
[  174.317090][T10728] lo speed is unknown, defaulting to 1000
[  174.391271][T10733] loop3: detected capacity change from 0 to 4096
[  174.407369][T10733] EXT4-fs: test_dummy_encryption option not supported
[  174.448539][T10733] loop3: detected capacity change from 0 to 512
[  174.495523][T10746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  174.504850][T10746] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  174.516399][T10746] netlink: 'syz.4.2249': attribute type 10 has an invalid length.
[  174.534685][T10733] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  174.549823][T10749] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2248'.
[  174.567184][T10733] EXT4-fs (loop3): mount failed
[  174.571075][T10749] lo speed is unknown, defaulting to 1000
[  174.578769][T10749] lo speed is unknown, defaulting to 1000
[  174.647747][T10752] loop5: detected capacity change from 0 to 256
[  175.064882][   T29] kauditd_printk_skb: 320 callbacks suppressed
[  175.064895][   T29] audit: type=1326 audit(1756268443.286:7438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10761 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  175.094387][   T29] audit: type=1326 audit(1756268443.286:7439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10761 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  175.117611][   T29] audit: type=1326 audit(1756268443.286:7440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10761 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  175.120031][T10766] FAULT_INJECTION: forcing a failure.
[  175.120031][T10766] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  175.140628][   T29] audit: type=1326 audit(1756268443.286:7441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10761 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  175.140651][   T29] audit: type=1326 audit(1756268443.286:7442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10761 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  175.140670][   T29] audit: type=1326 audit(1756268443.286:7443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10761 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  175.153779][T10766] CPU: 1 UID: 0 PID: 10766 Comm: syz.2.2255 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  175.153806][T10766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  175.153818][T10766] Call Trace:
[  175.153826][T10766]  <TASK>
[  175.153905][T10766]  __dump_stack+0x1d/0x30
[  175.153971][T10766]  dump_stack_lvl+0xe8/0x140
[  175.153986][T10766]  dump_stack+0x15/0x1b
[  175.154005][T10766]  should_fail_ex+0x265/0x280
[  175.154026][T10766]  should_fail+0xb/0x20
[  175.154042][T10766]  should_fail_usercopy+0x1a/0x20
[  175.154064][T10766]  _copy_from_user+0x1c/0xb0
[  175.154161][T10766]  do_sock_getsockopt+0xf1/0x240
[  175.154184][T10766]  __x64_sys_getsockopt+0x11e/0x1a0
[  175.154270][T10766]  x64_sys_call+0x2bc6/0x2ff0
[  175.154289][T10766]  do_syscall_64+0xd2/0x200
[  175.154314][T10766]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  175.154358][T10766]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  175.154393][T10766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.154412][T10766] RIP: 0033:0x7f550225ebe9
[  175.154427][T10766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.154443][T10766] RSP: 002b:00007f5500cc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  175.154479][T10766] RAX: ffffffffffffffda RBX: 00007f5502485fa0 RCX: 00007f550225ebe9
[  175.154491][T10766] RDX: 0000000000000085 RSI: 0000000000000084 RDI: 0000000000000003
[  175.154503][T10766] RBP: 00007f5500cc7090 R08: 00002000000010c0 R09: 0000000000000000
[  175.154515][T10766] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  175.154527][T10766] R13: 00007f5502486038 R14: 00007f5502485fa0 R15: 00007ffea5ec5d48
[  175.154549][T10766]  </TASK>
[  175.235851][T10769] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  175.242626][   T29] audit: type=1326 audit(1756268443.286:7444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10761 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  175.249100][   T29] audit: type=1326 audit(1756268443.446:7445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10767 comm="syz.2.2256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  175.447478][   T29] audit: type=1326 audit(1756268443.446:7446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10767 comm="syz.2.2256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  175.471145][   T29] audit: type=1326 audit(1756268443.446:7447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10767 comm="syz.2.2256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550225ebe9 code=0x7ffc0000
[  175.554410][T10775] loop5: detected capacity change from 0 to 1024
[  175.565932][T10775] EXT4-fs: Ignoring removed oldalloc option
[  175.571885][T10775] EXT4-fs: Ignoring removed bh option
[  175.580154][T10784] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2262'.
[  175.589141][T10784] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2262'.
[  175.601014][T10783] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.609775][T10783] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.618252][T10773] sch_fq: defrate 4294967295 ignored.
[  175.625396][T10783] netlink: 'syz.2.2263': attribute type 10 has an invalid length.
[  175.634494][T10775] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.701939][ T8749] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.705329][T10795] netlink: 50911 bytes leftover after parsing attributes in process `syz.1.2268'.
[  175.731706][T10799] loop3: detected capacity change from 0 to 128
[  175.750345][T10801] netlink: 'syz.5.2266': attribute type 13 has an invalid length.
[  175.758287][T10801] netlink: 172 bytes leftover after parsing attributes in process `syz.5.2266'.
[  175.758486][T10799] FAT-fs (loop3): Directory bread(block 32) failed
[  175.768336][T10801] erspan0: refused to change device tx_queue_len
[  175.780648][T10799] FAT-fs (loop3): Directory bread(block 33) failed
[  175.787543][T10799] FAT-fs (loop3): Directory bread(block 34) failed
[  175.790306][T10803] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  175.794762][T10799] FAT-fs (loop3): Directory bread(block 35) failed
[  175.808445][T10799] FAT-fs (loop3): Directory bread(block 36) failed
[  175.815343][T10799] FAT-fs (loop3): Directory bread(block 37) failed
[  175.832964][T10799] FAT-fs (loop3): Directory bread(block 38) failed
[  175.839545][T10799] FAT-fs (loop3): Directory bread(block 39) failed
[  175.846354][T10799] FAT-fs (loop3): Directory bread(block 40) failed
[  175.854674][T10799] FAT-fs (loop3): Directory bread(block 41) failed
[  175.864070][T10806] loop5: detected capacity change from 0 to 128
[  175.879893][T10799] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[  175.882277][T10806] FAT-fs (loop5): Directory bread(block 32) failed
[  175.888488][T10799] FAT-fs (loop3): Filesystem has been set read-only
[  175.890761][T10799] syz.3.2270: attempt to access beyond end of device
[  175.890761][T10799] loop3: rw=2049, sector=4184, nr_sectors = 8 limit=128
[  175.895638][T10806] FAT-fs (loop5): Directory bread(block 33) failed
[  175.902231][T10799] syz.3.2270: attempt to access beyond end of device
[  175.902231][T10799] loop3: rw=2049, sector=4200, nr_sectors = 4 limit=128
[  175.923734][T10806] FAT-fs (loop5): Directory bread(block 34) failed
[  175.935236][T10799] buffer_io_error: 2 callbacks suppressed
[  175.935251][T10799] Buffer I/O error on dev loop3, logical block 1050, lost async page write
[  175.947804][T10806] FAT-fs (loop5): Directory bread(block 35) failed
[  175.959024][T10799] syz.3.2270: attempt to access beyond end of device
[  175.959024][T10799] loop3: rw=2049, sector=4208, nr_sectors = 4 limit=128
[  175.964200][T10806] FAT-fs (loop5): Directory bread(block 36) failed
[  175.976278][T10799] Buffer I/O error on dev loop3, logical block 1052, lost async page write
[  175.978652][T10799] syz.3.2270: attempt to access beyond end of device
[  175.978652][T10799] loop3: rw=2049, sector=4220, nr_sectors = 4 limit=128
[  175.983754][T10806] FAT-fs (loop5): Directory bread(block 37) failed
[  175.991423][T10799] Buffer I/O error on dev loop3, logical block 1055, lost async page write
[  176.005493][T10806] FAT-fs (loop5): Directory bread(block 38) failed
[  176.011986][T10799] syz.3.2270: attempt to access beyond end of device
[  176.011986][T10799] loop3: rw=2049, sector=4228, nr_sectors = 4 limit=128
[  176.020214][T10810] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  176.026827][T10799] Buffer I/O error on dev loop3, logical block 1057, lost async page write
[  176.057354][T10806] FAT-fs (loop5): Directory bread(block 39) failed
[  176.064329][T10806] FAT-fs (loop5): Directory bread(block 40) failed
[  176.070848][T10806] FAT-fs (loop5): Directory bread(block 41) failed
[  176.084665][T10799] syz.3.2270: attempt to access beyond end of device
[  176.084665][T10799] loop3: rw=2049, sector=4240, nr_sectors = 4 limit=128
[  176.098301][T10799] Buffer I/O error on dev loop3, logical block 1060, lost async page write
[  176.107810][T10799] syz.3.2270: attempt to access beyond end of device
[  176.107810][T10799] loop3: rw=2049, sector=4248, nr_sectors = 4 limit=128
[  176.121724][T10799] Buffer I/O error on dev loop3, logical block 1062, lost async page write
[  176.132098][T10799] syz.3.2270: attempt to access beyond end of device
[  176.132098][T10799] loop3: rw=2049, sector=4252, nr_sectors = 4 limit=128
[  176.151063][T10806] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF
[  176.159782][T10806] FAT-fs (loop5): Filesystem has been set read-only
[  176.172806][T10806] Buffer I/O error on dev loop5, logical block 1050, lost async page write
[  176.181769][T10806] Buffer I/O error on dev loop5, logical block 1052, lost async page write
[  176.190658][T10806] Buffer I/O error on dev loop5, logical block 1055, lost async page write
[  176.199998][T10806] Buffer I/O error on dev loop5, logical block 1057, lost async page write
[  176.211800][T10806] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  176.308772][T10834] netlink: 'syz.2.2284': attribute type 2 has an invalid length.
[  176.328704][T10838] loop3: detected capacity change from 0 to 512
[  176.376249][T10838] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.392243][T10846] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.400940][T10846] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  176.417078][T10838] ext4 filesystem being mounted at /494/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  176.428699][T10846] netlink: 'syz.2.2289': attribute type 10 has an invalid length.
[  176.441940][T10838] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.450843][T10838] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  176.459471][T10855] loop5: detected capacity change from 0 to 1024
[  176.461174][T10853] vhci_hcd: invalid port number 255
[  176.470390][T10855] EXT4-fs: Ignoring removed oldalloc option
[  176.477196][T10855] EXT4-fs: Ignoring removed bh option
[  176.504069][T10855] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.535612][ T8749] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.578852][T10863] 9pnet: p9_errstr2errno: server reported unknown error 
[  176.652989][T10874] netlink: 'syz.4.2299': attribute type 2 has an invalid length.
[  176.757292][T10886] loop5: detected capacity change from 0 to 1024
[  176.766816][T10886] EXT4-fs: Ignoring removed oldalloc option
[  176.772798][T10886] EXT4-fs: Ignoring removed bh option
[  176.800354][T10886] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.834298][ T8749] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.918901][T10891] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.964414][T10891] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.009881][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.057062][T10891] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.076035][T10905] loop3: detected capacity change from 0 to 512
[  177.083728][T10905] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  177.095854][T10905] EXT4-fs (loop3): 1 truncate cleaned up
[  177.101999][T10905] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.103668][T10903] loop5: detected capacity change from 0 to 1024
[  177.136623][T10903] EXT4-fs: Ignoring removed bh option
[  177.142115][T10903] EXT4-fs: inline encryption not supported
[  177.148548][T10903] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  177.163910][T10903] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 2: comm syz.5.2310: lblock 2 mapped to illegal pblock 2 (length 1)
[  177.178135][T10903] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 48: comm syz.5.2310: lblock 0 mapped to illegal pblock 48 (length 1)
[  177.179339][T10891] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.202678][T10903] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.2310: Failed to acquire dquot type 0
[  177.215116][T10903] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  177.239123][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.239279][T10903] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.2310: mark_inode_dirty error
[  177.269838][T10903] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  177.298778][T10903] EXT4-fs (loop5): 1 orphan inode deleted
[  177.312494][T10903] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.325772][   T31] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  177.351103][T10903] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #2: block 16: comm syz.5.2310: lblock 0 mapped to illegal pblock 16 (length 1)
[  177.375826][T10915] loop3: detected capacity change from 0 to 2048
[  177.382479][   T31] EXT4-fs error (device loop5): ext4_release_dquot:6973: comm kworker/u8:1: Failed to release dquot type 0
[  177.393993][ T9062] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  177.402251][ T9062] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  177.402962][T10903] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #2: block 16: comm syz.5.2310: lblock 0 mapped to illegal pblock 16 (length 1)
[  177.412658][ T9062] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  177.433634][ T3296]  loop3: p2 p3 p7
[  177.459193][ T9049] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  177.461744][T10915]  loop3: p2 p3 p7
[  177.494753][T10919] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #2: block 16: comm syz.5.2310: lblock 0 mapped to illegal pblock 16 (length 1)
[  177.562878][T10903] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #2: block 16: comm syz.5.2310: lblock 0 mapped to illegal pblock 16 (length 1)
[  177.643835][ T8749] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.683055][ T8749] EXT4-fs error (device loop5): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  177.713599][ T8749] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  177.732873][ T8749] EXT4-fs error (device loop5): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[  177.754601][T10922] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  177.785783][T10924] netlink: 'syz.5.2316': attribute type 2 has an invalid length.
[  177.797109][T10922] syzkaller0: entered promiscuous mode
[  177.802933][T10922] syzkaller0: entered allmulticast mode
[  177.824334][T10921] tipc: Resetting bearer <eth:syzkaller0>
[  177.845129][T10921] tipc: Disabling bearer <eth:syzkaller0>
[  177.860402][T10918] netlink: 'syz.1.2315': attribute type 4 has an invalid length.
[  177.947738][T10929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  177.967385][T10929] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  178.000358][T10935] loop5: detected capacity change from 0 to 512
[  178.007447][ T2993] ==================================================================
[  178.015627][ T2993] BUG: KCSAN: data-race in set_nlink / set_nlink
[  178.021960][ T2993] 
[  178.024286][ T2993] read to 0xffff88810716ec50 of 4 bytes by task 3296 on cpu 1:
[  178.031830][ T2993]  set_nlink+0x29/0xb0
[  178.035905][ T2993]  kernfs_iop_permission+0x1e2/0x220
[  178.041197][ T2993]  inode_permission+0x1ca/0x310
[  178.046061][ T2993]  link_path_walk+0x162/0x900
[  178.050901][ T2993]  path_openat+0x1de/0x2170
[  178.055410][ T2993]  do_filp_open+0x109/0x230
[  178.059914][ T2993]  do_sys_openat2+0xa6/0x110
[  178.062957][T10935] ext2: Unknown parameter 'nouser_xattr'
[  178.064522][ T2993]  __x64_sys_openat+0xf2/0x120
[  178.075009][ T2993]  x64_sys_call+0x2e9c/0x2ff0
[  178.079698][ T2993]  do_syscall_64+0xd2/0x200
[  178.084217][ T2993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.090120][ T2993] 
[  178.092449][ T2993] write to 0xffff88810716ec50 of 4 bytes by task 2993 on cpu 0:
[  178.100236][ T2993]  set_nlink+0x99/0xb0
[  178.104340][ T2993]  kernfs_iop_permission+0x1e2/0x220
[  178.109640][ T2993]  inode_permission+0x1ca/0x310
[  178.114528][ T2993]  link_path_walk+0x162/0x900
[  178.119204][ T2993]  path_lookupat+0x63/0x2a0
[  178.123701][ T2993]  filename_lookup+0x147/0x340
[  178.128578][ T2993]  vfs_statx+0x9d/0x390
[  178.132724][ T2993]  vfs_fstatat+0x115/0x170
[  178.137130][ T2993]  __se_sys_newfstatat+0x55/0x260
[  178.142142][ T2993]  __x64_sys_newfstatat+0x55/0x70
[  178.147160][ T2993]  x64_sys_call+0x135a/0x2ff0
[  178.151823][ T2993]  do_syscall_64+0xd2/0x200
[  178.156317][ T2993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.162194][ T2993] 
[  178.164508][ T2993] value changed: 0x00000008 -> 0x00000009
[  178.170218][ T2993] 
[  178.172532][ T2993] Reported by Kernel Concurrency Sanitizer on:
[  178.178665][ T2993] CPU: 0 UID: 0 PID: 2993 Comm: udevd Not tainted syzkaller #0 PREEMPT(voluntary) 
[  178.187930][ T2993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  178.198060][ T2993] ==================================================================
[  178.212209][T10914] netlink: 'syz.2.2313': attribute type 27 has an invalid length.
[  178.440708][T10940] siw: device registration error -23
[  178.688796][T10914] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.696123][T10914] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.895437][T10914] sit1: left allmulticast mode
[  178.905686][   T10] lo speed is unknown, defaulting to 1000
[  178.911457][   T10] syz2: Port: 1 Link DOWN
[  178.918590][ T9019] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  178.968794][ T9019] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  178.983137][ T9019] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  178.991570][ T9019] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  179.194942][T10911] syz.2.2313 (10911) used greatest stack depth: 7336 bytes left