last executing test programs:

34.10252924s ago: executing program 4 (id=583):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x3, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x80000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x12, 0xb, 0x4, 0x2}, 0x50)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r1, 0x0}, 0x20)

34.010892039s ago: executing program 4 (id=586):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000000)='kmem_cache_free\x00', r0, 0x0, 0xd4}, 0x18)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x10)
mount_setattr(0xffffffffffffffff, &(0x7f0000000200)='.\x00', 0x8000, &(0x7f0000001dc0)={0x81, 0x0, 0x80000}, 0x20)

33.974908353s ago: executing program 4 (id=589):
syz_mount_image$iso9660(&(0x7f0000000540), &(0x7f00000001c0)='./file1\x00', 0x14004, &(0x7f00000005c0)=ANY=[@ANYRES32=0x0], 0x4, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0xffffffff}, 0x18)
chown(&(0x7f0000000040)='./file1\x00', 0x0, 0x0)

33.763027524s ago: executing program 4 (id=591):
syz_mount_image$iso9660(&(0x7f0000000540), &(0x7f00000001c0)='./file1\x00', 0x14004, &(0x7f00000005c0)=ANY=[@ANYRES32=0x0], 0x4, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0xffffffff}, 0x18)
chown(&(0x7f0000000040)='./file1\x00', 0x0, 0x0)

33.243325175s ago: executing program 4 (id=601):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xffffffff, 0x0, @perf_config_ext={0x1, 0x7fff}, 0x1184c, 0x9, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4800)
write$P9_RVERSION(r3, &(0x7f0000000180)={0x15, 0x65, 0xffff, 0x9, 0x8, '9P2000.u'}, 0x15)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x105042, 0x189)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x84, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
lchown(&(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, 0x0)
r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SCUDMATCHLEN(r4, 0x89e7, &(0x7f00000001c0)={0x37})

32.834680445s ago: executing program 4 (id=610):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x40}, 0x18)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000f00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x18)
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r2)
write$binfmt_script(r3, 0x0, 0xd9)
write(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='kfree\x00', r4}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = syz_io_uring_setup(0xbc3, &(0x7f0000000540)={0x0, 0x635f, 0x10000, 0x2, 0x264}, &(0x7f0000000040)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x10000000000002a8, 0x8, 0x1, {0x2}})
io_uring_enter(r5, 0x29ab, 0xd480, 0x0, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000740), r8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680))
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0xa, 0x922000000003, 0x11)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r10}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x55f, &(0x7f0000000c80)="$eJzs3U9oHNUfAPDvzDb59U9+JhURWxQDHipIt9larHpqe7GHggU9iHhoaDc1dNuEJAUTekjBi1BB1KuHXgTP3iV3byKoN48iVJGIJyEyu7NJTHaTsOx2Yubzgdl9fzZ577vDy7y3s48EUFrj2UMacSIiriURo5vqDkVeOd563eof965nRxJra2/9nkSSl7Vfn+TPx/LM4Yj47lLEk5Xt7c4vLt2abDTqc3n+zMLt2TPzi0unp29P3qzfrN+pnX313PmJ12rnan2L9cFXn/1y+cqbz3784fuvTH3fOJ3EhRjJ6zbH0S/jMb7+nmyWva/n+91YQSp5PJ3iZP9rn7+hiHg6RqOSj/rMaEw/KLRzwECtVSLWgJJKjH8oqcjn/+21/SDWwfvZo4utN2B7/Idan43E4eba6Ohqsmll1FrvjvWh/ayNv++d/CI7YkCfQ+xk+X4rmO3xJ82+jTU/xcniT/8VfxoRE3n/s/KzPbY/viVfSPzP9Bb/hfw5K7/UY/tFxw9AOa1cbF3It1//0vX5T3SY/4x0uHb1oujrX/f530b8lS7zv6t7bOPnjy5/2q1u8/wvO7L223PBx+HR/YiTHeNP1uNPOsSfzXuu7bGNN3747XK3uqLjX3sYcarj+mfjjlay8/3JM1PTjfpE67FjG998+96X3dovOv7s/B/tEv9O5z8rm91jG19ffXi7W93u8ae/DidvN1PDeckHkwsLc7WI4eTK9vJdFiLt17R/Rxb/iy/sPP47xX8kWzvsMf7Zd26t9h7/YGXx3+jx/H+yxzb+evfuc93qio4fAAAAAAAADpK0+V2OJK2up9O0Wm3t4X0qjqaNmfmFl6Zm7t650frOx1gMpe073aOtfJLla/n3Ydv5s1vyL0fE8Yj4vHKkma9en2ncKDp4AAAAAAAAAAAAAAAAAAAA2CeObdn//2eltf8fKIlDRXcAKIzxD+Vl/EN5Gf9QXsY/lJfxD+Vl/EN5Gf9QXj2N/+X+9wN4/Fz/obyMfwAAAAA4kI4/v/JTEhHLrx9pHpnhvG6o0J4Bg5YW3QGgMJWiOwAUxq1/KC9rfCDZpf5wt4qV3X4SAAAAAAAAAAAAAOiXUyfs/4eysv8fysv+fygv+/+hvKzxAfv/AQAAAAAAAAAAAGD/G2keSVrN9wKPRJpWqxH/j4ixGEqmphv1iYh4IiJ+rAz9L8vXiu40AAAAAAAAAAAAAAAAAAAAHDDzi0u3JhuN+pyEhITEeqLov0wAAAAAAAAAAAAAAAAAAFA+G5t+i+4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABRn4///Dy5RdIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH/TPwEAAP//KHYg8A==")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000ac0)={{}, &(0x7f0000000a40), &(0x7f0000000a80)}, 0x20)

17.805099941s ago: executing program 32 (id=610):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x40}, 0x18)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000f00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x18)
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r2)
write$binfmt_script(r3, 0x0, 0xd9)
write(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='kfree\x00', r4}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = syz_io_uring_setup(0xbc3, &(0x7f0000000540)={0x0, 0x635f, 0x10000, 0x2, 0x264}, &(0x7f0000000040)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x10000000000002a8, 0x8, 0x1, {0x2}})
io_uring_enter(r5, 0x29ab, 0xd480, 0x0, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000740), r8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680))
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0xa, 0x922000000003, 0x11)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r10}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x55f, &(0x7f0000000c80)="$eJzs3U9oHNUfAPDvzDb59U9+JhURWxQDHipIt9larHpqe7GHggU9iHhoaDc1dNuEJAUTekjBi1BB1KuHXgTP3iV3byKoN48iVJGIJyEyu7NJTHaTsOx2Yubzgdl9fzZ577vDy7y3s48EUFrj2UMacSIiriURo5vqDkVeOd563eof965nRxJra2/9nkSSl7Vfn+TPx/LM4Yj47lLEk5Xt7c4vLt2abDTqc3n+zMLt2TPzi0unp29P3qzfrN+pnX313PmJ12rnan2L9cFXn/1y+cqbz3784fuvTH3fOJ3EhRjJ6zbH0S/jMb7+nmyWva/n+91YQSp5PJ3iZP9rn7+hiHg6RqOSj/rMaEw/KLRzwECtVSLWgJJKjH8oqcjn/+21/SDWwfvZo4utN2B7/Idan43E4eba6Ohqsmll1FrvjvWh/ayNv++d/CI7YkCfQ+xk+X4rmO3xJ82+jTU/xcniT/8VfxoRE3n/s/KzPbY/viVfSPzP9Bb/hfw5K7/UY/tFxw9AOa1cbF3It1//0vX5T3SY/4x0uHb1oujrX/f530b8lS7zv6t7bOPnjy5/2q1u8/wvO7L223PBx+HR/YiTHeNP1uNPOsSfzXuu7bGNN3747XK3uqLjX3sYcarj+mfjjlay8/3JM1PTjfpE67FjG998+96X3dovOv7s/B/tEv9O5z8rm91jG19ffXi7W93u8ae/DidvN1PDeckHkwsLc7WI4eTK9vJdFiLt17R/Rxb/iy/sPP47xX8kWzvsMf7Zd26t9h7/YGXx3+jx/H+yxzb+evfuc93qio4fAAAAAAAADpK0+V2OJK2up9O0Wm3t4X0qjqaNmfmFl6Zm7t650frOx1gMpe073aOtfJLla/n3Ydv5s1vyL0fE8Yj4vHKkma9en2ncKDp4AAAAAAAAAAAAAAAAAAAA2CeObdn//2eltf8fKIlDRXcAKIzxD+Vl/EN5Gf9QXsY/lJfxD+Vl/EN5Gf9QXj2N/+X+9wN4/Fz/obyMfwAAAAA4kI4/v/JTEhHLrx9pHpnhvG6o0J4Bg5YW3QGgMJWiOwAUxq1/KC9rfCDZpf5wt4qV3X4SAAAAAAAAAAAAAOiXUyfs/4eysv8fysv+fygv+/+hvKzxAfv/AQAAAAAAAAAAAGD/G2keSVrN9wKPRJpWqxH/j4ixGEqmphv1iYh4IiJ+rAz9L8vXiu40AAAAAAAAAAAAAAAAAAAAHDDzi0u3JhuN+pyEhITEeqLov0wAAAAAAAAAAAAAAAAAAFA+G5t+i+4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABRn4///Dy5RdIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH/TPwEAAP//KHYg8A==")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000ac0)={{}, &(0x7f0000000a40), &(0x7f0000000a80)}, 0x20)

3.340592962s ago: executing program 5 (id=1103):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r1 = socket(0x10, 0x3, 0x0)
write(r1, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff61", 0x12)
recvmmsg(r1, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r2 = signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
r3 = syz_io_uring_setup(0x38a9, &(0x7f0000000300)={0x0, 0x1595, 0x10100, 0x0, 0x17c}, &(0x7f0000000040)=<r4=>0x0, &(0x7f00000003c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x3, r2})
io_uring_enter(r3, 0x44fd, 0x3, 0x1, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r6}, 0x10)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000000200)=""/179, 0xb3)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_usbip_server_init(0x5)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r8, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8)

1.953865029s ago: executing program 3 (id=1119):
r0 = socket$kcm(0x11, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x4, r2, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x0)

1.9393446s ago: executing program 5 (id=1121):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
pipe2(&(0x7f0000000000)={0x0, <r2=>0x0}, 0x0)
r3 = socket(0x2c, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r4, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r3}, 0x20)
close_range(r2, 0xffffffffffffffff, 0x0)

1.900160583s ago: executing program 5 (id=1123):
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[], 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xaf, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
timer_settime(0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x804000, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, 0x12, r1, 0x0)

1.855826248s ago: executing program 3 (id=1124):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x2b8, 0xb0000010, 0x2, 0x5c8f0200, 0x388, 0x3a8, 0x3a8, 0x388, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [], [], 'vlan1\x00', 'veth0_to_team\x00'}, 0x0, 0x248, 0x290, 0x700, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve1\x00', {0xf1, 0x0, 0x33, 0x0, 0x10000000, 0x1, 0x7fffffff}}}, @common=@unspec=@limit={{0x48}, {0x0, 0x3}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x206, 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)

1.855203348s ago: executing program 5 (id=1125):
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
getpriority(0x0, 0xffffffffffffffff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x18, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000001000000bfa30000000000000703000030feffff720af0fff8ffffff61a4f0ff000000002d040000000000003d300300000000006504000001ed000079130000000000006c440000000000007a0ab0fe000000007b13000000000000b5000000000000009500000000000000023bc065b7a379d17cf9333379fc9e94af05000000f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a715bc5181554a090f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128c4e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e655400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d0800af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d390dd65be2467b373eafd9aa58f2077184b6a89adaf17b0a6041bdef728d236619074d6ebdf098bc908f523d228a40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c5da18ec0ae564162a27afea62d84f3a10746443d64364f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b93d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d710b651f898ba749e40bc6980fe78683ac5c0c31030699ddd71063be9261b2e1aab1675b34a220488c126aeef5f510a8f1aded94a129e4aec6ffc3a15d96c2ea3e2e04cfe0e669e51731b2875353193f82ade69d0540059fe6c7fe7cd86975023cb08cc7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed82641687f3b3a70bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c5538a294270a1ad10c80fef7c24c87afce829ba0f85da6d888f18ea40ab959f6074ab2a4009b9e5f07ab513cdc6c0e57fb1c1ca571380d7b4ead35a655e0b4a26b702396df7e0cbe02b6e4114f244a9bf93f05beb72f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba5823a34a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a9b702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b728fe26e37037f27f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d0a874c74b777df005c55fc30511d00000000c85265b2bd83d64a532869d708000000000000007baa5b6a682b50f0937f778af083e055f6138a757ebd0ed91114a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a9037d2283c42efc54fa84323a56edbd287eba77f35c35d91f3c62a0ca74836a640224de85f2b4a5fee500bbc584328a6a7a4628c4378c9b71dff64075b74a6520adb187b40d2cccbcb08c0634ee74658d3e23bf511c8b0bf1b69d2b3782b3f481c314e7bd4615dbbf24c06ac95bd639e68d0e6aa7f0d07bf69a93365f803f0144af37236ea133c2255b0613bf8ba1d538e06c2411e8d70053b712084fd0e313de9bb19266e49a3a2190cb039c6f89610acd896319b9c8d1b8aac2eaa5a4f8be7419a09e3fb5be3be2fcdadd2299839cc40e684e6e2b4e1385fde7a0babcb0be672110268a34dad364fddee69e564119cebb6940c6356ff83ca527c573d700000000000000c6299263e6d9097f225de969485bce3d7dc471c0669bb6a467cf0de54dfcc1857048fe22a19dbb1b3cb9babaa839f1f6e817a62d95a5b971ff96a5c66c338c6f2a2da4644519f40761402e9c81013d76c7152c95ba5efa24ce1930f23a2277f057ffb6b0144f3b434a2adc456ef4d2fbdf7c6238c2bb00ffcf2d23d68cb9b027f3b225ec4e09b089f7956b66c5692b46ea03abb6a404c8ccceaa4ba4161409fcb54b86eaca26b2a0c4b81f7b71cbfcef"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r4, 0x2007ffc)
sendfile(r4, r4, 0x0, 0x800000009)
madvise(&(0x7f0000130000/0xd000)=nil, 0xd000, 0x66)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000088f}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x66)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES8=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000070200dff7ffffffb703000208", @ANYRESHEX=r1, @ANYRES64=r2, @ANYRESDEC=r3, @ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\a\x00\x00'], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x8c, &(0x7f0000000300)='trans=rdma,')
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

1.814252762s ago: executing program 3 (id=1126):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0xd6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000980)=ANY=[@ANYBLOB="18000000000000040000000000000000850000000e000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000400)='io_uring_cqe_overflow\x00', r2}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newsa={0xf0, 0x10, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in6=@dev={0xfe, 0x80, '\x00', 0x16}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64}, {@in, 0x0, 0x32}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, {}, {0x0, 0x0, 0xf84, 0x200}, {}, 0x0, 0x0, 0xa, 0x0, 0x0, 0xcd}}, 0xf0}}, 0x0)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.752611558s ago: executing program 3 (id=1128):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
write$tun(r1, &(0x7f0000000280)={@val={0x6f01, 0xfbfb}, @val={0x1, 0x0, 0x27, 0x0, 0x27}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffff20, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x700, 0x0, 0x18, {[@window={0x9, 0x3}, @timestamp={0x5, 0xa, 0xffffff07}, @generic={0x0, 0x8, "d58838000391"}]}}}}}}, 0x4e)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000380)={'veth0_vlan\x00', 0x600})
sendmmsg(0xffffffffffffffff, &(0x7f0000001300), 0x0, 0x0)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe3cee10a85882cbecb29f2a22535ac50e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e", 0x12d, r2)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x32)
write(r4, &(0x7f00000001c0)="49bda8f11851b8436bebb25ac5f8202ffb", 0x11)
sendfile(r4, r3, 0x0, 0x3ffff)
sendfile(r4, r3, 0x0, 0x7ffffffffffffffd)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r5, &(0x7f0000000200)="0193edb6e1904796643edd81c475849ac755faa6d0e87191082dd1194f3fb05459e4574eb31d237fc824d673abb2ac581fb387f92a489cd47f5cf0f98f1c935b42", &(0x7f0000000080)=""/44, 0x4}, 0x20)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000500)=[@mask_cswp={0x5b, 0x114, 0x9, {{0x8, 0x5}, 0x0, 0x0, 0x1, 0xb6, 0xfb, 0x3b0c9548, 0x0, 0xefb}}], 0x58, 0x8000}, 0x0)

1.416275811s ago: executing program 0 (id=1132):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
pipe2(&(0x7f0000000000)={0x0, <r2=>0x0}, 0x0)
r3 = socket(0x2c, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r4, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r3}, 0x20)
close_range(r2, 0xffffffffffffffff, 0x0)

1.338889539s ago: executing program 0 (id=1134):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000100003052cbd7000fedbdf2500000020", @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d6163736563000014000280050006000000000005000f000000000008000500", @ANYRES32=r2], 0x4c}}, 0x0)

1.261004587s ago: executing program 0 (id=1137):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
write$tun(r1, &(0x7f0000000280)={@val={0x6f01, 0xfbfb}, @val={0x1, 0x0, 0x27, 0x0, 0x27}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffff20, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x700, 0x0, 0x18, {[@window={0x9, 0x3}, @timestamp={0x5, 0xa, 0xffffff07}, @generic={0x0, 0x8, "d58838000391"}]}}}}}}, 0x4e)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000380)={'veth0_vlan\x00', 0x600})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg(r2, &(0x7f0000001300), 0x0, 0x0)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe3cee10a85882cbecb29f2a22535ac50e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e", 0x12d, r3)
r4 = socket$rds(0x15, 0x5, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x32)
write(r6, &(0x7f00000001c0)="49bda8f11851b8436bebb25ac5f8202ffb", 0x11)
sendfile(r6, r5, 0x0, 0x3ffff)
sendfile(r6, r5, 0x0, 0x7ffffffffffffffd)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r7, &(0x7f0000000200)="0193edb6e1904796643edd81c475849ac755faa6d0e87191082dd1194f3fb05459e4574eb31d237fc824d673abb2ac581fb387f92a489cd47f5cf0f98f1c935b42", &(0x7f0000000080)=""/44, 0x4}, 0x20)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000500)=[@mask_cswp={0x5b, 0x114, 0x9, {{0x8, 0x5}, 0x0, 0x0, 0x1, 0xb6, 0xfb, 0x3b0c9548, 0x0, 0xefb}}], 0x58, 0x8000}, 0x0)

1.176180455s ago: executing program 5 (id=1139):
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)
recvmmsg(r0, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r1 = signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
r2 = syz_io_uring_setup(0x38a9, &(0x7f0000000300)={0x0, 0x1595, 0x10100, 0x0, 0x17c}, &(0x7f0000000040)=<r3=>0x0, &(0x7f00000003c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x3, r1})
io_uring_enter(r2, 0x44fd, 0x3, 0x1, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r5}, 0x10)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r6, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8)

1.051504097s ago: executing program 1 (id=1141):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = shmget(0x2, 0x3000, 0x40, &(0x7f0000ffb000/0x3000)=nil)
shmat(r2, &(0x7f0000ffd000/0x2000)=nil, 0x4000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r3}, 0x18)
quotactl_fd$Q_SETINFO(0xffffffffffffffff, 0xffffffff80000600, 0x0, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
accept4(r0, 0x0, 0x0, 0x0)
recvfrom(r4, &(0x7f0000000000)=""/44, 0x2c, 0x0, 0x0, 0x0)

965.180086ms ago: executing program 3 (id=1143):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@delalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@errors_remount}]}, 0x11, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
setxattr$incfs_metadata(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280), &(0x7f00000002c0)="30573472b621739991c336124406e8a5c812ca847e3bf9b837c91d46ab", 0x1d, 0x1)
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f0000000800)=ANY=[], 0x361, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000000)=ANY=[], 0xfe37, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x18e)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{@discard}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD")
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r1}, &(0x7f00000008c0), &(0x7f0000000880)=r2}, 0x20)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000740)=[@fadd={0x58, 0x114, 0x6, {{0x5, 0x6}, &(0x7f0000000400)=0x7, 0x0, 0xf, 0x4, 0x9, 0xfffffffffffffff9, 0x0, 0x7}}], 0x58, 0x8000}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000240)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x23}, @call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x0, 0x28, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd2d, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0xb, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x3000000}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8000, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x800000, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000, 0x0, 0x200000}, {}, {0x2, 0x0, 0x0, 0x0, 0x6, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x1, 0x0, 0xfff}, {0x0, 0x0, 0x0, 0x8000000, 0x804}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x20000}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x60569add}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff, 0x9, 0x2}, {0x0, 0x0, 0x0, 0x0, 0xfffff800}, {0x0, 0x0, 0x0, 0x0, 0x9}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x9, 0x0, 0xffffffff, 0x0, 0x2}, {}, {0x80}, {0x80, 0x0, 0x0, 0x0, 0x400}, {0x0, 0x0, 0x0, 0x5, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x2, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x8510}, {0xffff}, {}, {0x0, 0x0, 0x0, 0x80000, 0x407}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1, 0x0, 0x2}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x7}, {0x0, 0xfb}, {0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x9}, {0x0, 0xfffffffc, 0x200}, {}, {}, {0x4}, {}, {0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x3}, {0x4, 0x0, 0x0, 0x4, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, {0x0, 0x0, 0x0, 0x0, 0x1, 0x7}, {0x0, 0xb, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x56}, {0x0, 0x0, 0x0, 0xec33, 0x0, 0x4}, {0x0, 0x2}, {0xb, 0x0, 0x0, 0x0, 0x0, 0xfe1}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {0x0, 0x8, 0x0, 0x0, 0xfffffffe}, {0x0, 0x2, 0x0, 0x2, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0x80e9d, 0x58a}, {0x2}, {0x2, 0x9, 0x20000000}, {0xfffffffc}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0xe600, 0x0, 0x0, 0x2}, {0x0, 0x200, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x7, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {0x38be3dfc}, {0xfffffffb, 0x0, 0x0, 0x0, 0x8000}, {0x6, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x2d}, {0x0, 0x0, 0x8000}, {0x0, 0x8000}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7fff800, 0x4}, {0x0, 0x3}, {0x0, 0x3, 0x0, 0x0, 0xd}], [{}, {}, {0x0, 0x1}, {0x1}, {}, {0x3}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {0x5}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x5, 0x1}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {}, {0x2}, {}, {0x5}, {}, {0x4}, {0x1}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x1}, {0x1}, {0x4}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x5}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {0x3}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x3}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000300)={0x0, 0x2904c, 0xff01, 0x10003, '\x00', [{0x0, 0x0, 0x700, 0x7, 0x0, 0x40000000000000}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x40000000000000}]})

847.707647ms ago: executing program 2 (id=1144):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
rmdir(0x0)
r1 = socket(0x2, 0x3, 0xff)
openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x40040, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0), 0x4)
getsockopt$PNPIPE_IFINDEX(r1, 0x113, 0x2, &(0x7f0000000440), &(0x7f0000000480)=0x4)
creat(&(0x7f00000004c0)='./file0/file0\x00', 0x2)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000840)={0xffffffffffffffff, 0x20, &(0x7f0000000800)={&(0x7f0000000680)=""/180, 0xb4, 0x0, &(0x7f0000000740)=""/144, 0x90}}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8001}, 0x4)
syz_emit_ethernet(0x2e, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @random="e43f6642531e", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x1, 0x1, 0x10, 0x0, @void}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x20000000000000ba, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfd71}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x2000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

450.161136ms ago: executing program 2 (id=1145):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = syz_open_procfs(0x0, &(0x7f0000000340)='net/rt_acct\x00')
readv(r3, &(0x7f00000014c0)=[{&(0x7f0000000000)=""/22, 0x16}], 0x1)

408.01337ms ago: executing program 2 (id=1146):
r0 = socket$kcm(0x11, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x4, r2, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x0)

365.458935ms ago: executing program 2 (id=1147):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
pipe2(&(0x7f0000000000)={0x0, <r1=>0x0}, 0x0)
r2 = socket(0x2c, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r3, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r2}, 0x20)
close_range(r1, 0xffffffffffffffff, 0x0)

347.600346ms ago: executing program 0 (id=1148):
syz_mount_image$iso9660(&(0x7f0000000540), &(0x7f00000001c0)='./file1\x00', 0x14004, &(0x7f00000005c0)=ANY=[@ANYRES32=0x0], 0x4, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0xffffffff}, 0x18)
chown(&(0x7f0000000040)='./file1\x00', 0x0, 0x0)

326.670698ms ago: executing program 2 (id=1149):
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[], 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xaf, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
timer_settime(0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x804000, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, 0x12, r1, 0x0)

295.838651ms ago: executing program 2 (id=1150):
syz_io_uring_submit(0x0, 0x0, &(0x7f0000019240)=@IORING_OP_SENDMSG={0x9, 0xc, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xe3d08660d3cd4684})
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="31832abd70000000000019000000180001801400020065727370616e30"], 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x4886)
ptrace(0x10, r0)
ptrace$setregs(0xffffffffffffffff, r0, 0x7, &(0x7f0000000440))
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r3, 0x40505330, &(0x7f0000000bc0)={{0x0, 0x1}, {0xe}, 0x2, 0x6, 0x2e})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x4004944)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(0xffffffffffffffff, &(0x7f0000019480)={&(0x7f0000019200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000019440)={&(0x7f00000192c0)=ANY=[@ANYBLOB="40010000", @ANYRES16=0x0, @ANYBLOB="010025bd7000ffdbdf2545000000080001007063690011000200303030303a30303a31302e300000000008008e00000000000e0001006e657464657673696d0000000f00021f6e657464657673696d30000008008e00000000000e0001006e6574646576736926b1e63a0f0002006e657464657673690001000008008e00000000000e0001006e3c7464657673696d00001b0f0002006e657464657673696d30000008008e0001947a000000080001007063690011000200303030303a30303a31302e300000000008008e0001000000080001007063690011000200303030303a17303a31302e300000000008008e00030000000800353f847f690011000200303030303a30303a31302e300000000008008e0001000000080001007063690011000200303030303a30303a31302e300000000008008e000100"], 0x140}, 0x1, 0x0, 0x0, 0x880}, 0x20000800)
sendmsg$NFT_BATCH(r4, &(0x7f0000019280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYRESHEX=0x0, @ANYRES8, @ANYRES16], 0x64}}, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r5 = gettid()
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
read$ptp(r6, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r7=>0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mq_notify(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x16, 0x0, @tid=r5})
timer_settime(r7, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

209.45213ms ago: executing program 0 (id=1151):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x2b8, 0xb0000010, 0x2, 0x5c8f0200, 0x388, 0x3a8, 0x3a8, 0x388, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [], [], 'vlan1\x00', 'veth0_to_team\x00'}, 0x0, 0x248, 0x290, 0x700, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve1\x00', {0xf1, 0x0, 0x33, 0x0, 0x10000000, 0x1, 0x7fffffff}}}, @common=@unspec=@limit={{0x48}, {0x0, 0x3}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x206, 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)

201.508791ms ago: executing program 1 (id=1152):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000001850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
execve(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)

173.223973ms ago: executing program 5 (id=1154):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
write$tun(r1, &(0x7f0000000280)={@val={0x6f01, 0xfbfb}, @val={0x1, 0x0, 0x27, 0x0, 0x27}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffff20, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x700, 0x0, 0x18, {[@window={0x9, 0x3}, @timestamp={0x5, 0xa, 0xffffff07}, @generic={0x0, 0x8, "d58838000391"}]}}}}}}, 0x4e)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg(r2, &(0x7f0000001300), 0x0, 0x0)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe3cee10a85882cbecb29f2a22535ac50e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e", 0x12d, r3)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x32)
write(r5, &(0x7f00000001c0)="49bda8f11851b8436bebb25ac5f8202ffb", 0x11)
sendfile(r5, r4, 0x0, 0x3ffff)
sendfile(r5, r4, 0x0, 0x7ffffffffffffffd)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r6, &(0x7f0000000200)="0193edb6e1904796643edd81c475849ac755faa6d0e87191082dd1194f3fb05459e4574eb31d237fc824d673abb2ac581fb387f92a489cd47f5cf0f98f1c935b42", &(0x7f0000000080)=""/44, 0x4}, 0x20)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000500)=[@mask_cswp={0x5b, 0x114, 0x9, {{0x8, 0x5}, 0x0, 0x0, 0x1, 0xb6, 0xfb, 0x3b0c9548, 0x0, 0xefb}}], 0x58, 0x8000}, 0x0)

125.426738ms ago: executing program 1 (id=1155):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
pipe2(0x0, 0x0)
r1 = socket(0x2c, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r2, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r1}, 0x20)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

82.064602ms ago: executing program 1 (id=1156):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d6163736563000014000280050006000000000005000f000000000008000500", @ANYRES32=r1], 0x4c}}, 0x0)

81.225643ms ago: executing program 0 (id=1157):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
pipe2(&(0x7f0000000000)={0x0, <r2=>0x0}, 0x0)
r3 = socket(0x2c, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r4, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r3}, 0x20)
close_range(r2, 0xffffffffffffffff, 0x0)

70.039813ms ago: executing program 1 (id=1158):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
readv(0xffffffffffffffff, &(0x7f00000014c0)=[{&(0x7f0000000000)=""/22, 0x16}], 0x1)

2.26069ms ago: executing program 1 (id=1159):
r0 = socket$kcm(0x11, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x4, r2, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x0)

0s ago: executing program 3 (id=1160):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
write$tun(r1, &(0x7f0000000280)={@val={0x6f01, 0xfbfb}, @val={0x1, 0x0, 0x27, 0x0, 0x27}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffff20, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x700, 0x0, 0x18, {[@window={0x9, 0x3}, @timestamp={0x5, 0xa, 0xffffff07}, @generic={0x0, 0x8, "d58838000391"}]}}}}}}, 0x4e)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000380)={'veth0_vlan\x00', 0x600})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg(r2, &(0x7f0000001300), 0x0, 0x0)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe3cee10a85882cbecb29f2a22535ac50e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e", 0x12d, r3)
r4 = socket$rds(0x15, 0x5, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x32)
write(r6, &(0x7f00000001c0)="49bda8f11851b8436bebb25ac5f8202ffb", 0x11)
sendfile(r6, r5, 0x0, 0x3ffff)
sendfile(r6, r5, 0x0, 0x7ffffffffffffffd)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={r7, &(0x7f0000000200)="0193edb6e1904796643edd81c475849ac755faa6d0e87191082dd1194f3fb05459e4574eb31d237fc824d673abb2ac581fb387f92a489cd47f5cf0f98f1c935b42", &(0x7f0000000080)=""/44, 0x4}, 0x20)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000500)=[@mask_cswp={0x5b, 0x114, 0x9, {{0x8, 0x5}, 0x0, 0x0, 0x1, 0xb6, 0xfb, 0x3b0c9548, 0x0, 0xefb}}], 0x58, 0x8000}, 0x0)

kernel console output (not intermixed with test programs):

0-000000000000 r/w without journal. Quota mode: writeback.
[   49.732900][ T4462] EXT4-fs (loop4): pa ffff8881075f0850: logic 48, phys. 177, len 21
[   49.783427][ T4462] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   49.808791][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.905223][ T4488] loop4: detected capacity change from 0 to 512
[   49.921450][ T4488] EXT4-fs: Ignoring removed nobh option
[   49.931704][ T4490] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[   49.952790][ T4490] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   49.980686][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.991857][ T4488] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #3: comm syz.4.364: corrupted inode contents
[   50.013483][ T4488] EXT4-fs (loop4): Remounting filesystem read-only
[   50.025056][ T4496] xt_hashlimit: max too large, truncated to 1048576
[   50.035454][ T4496] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   50.046903][ T3396] usb usb8-port1: attempt power cycle
[   50.053062][ T4488] EXT4-fs (loop4): 1 truncate cleaned up
[   50.059044][ T4498] loop1: detected capacity change from 0 to 4096
[   50.069908][ T4498] EXT4-fs: Ignoring removed nomblk_io_submit option
[   50.076579][ T4498] EXT4-fs: Ignoring removed i_version option
[   50.083580][ T4488] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.091746][ T4500] loop3: detected capacity change from 0 to 164
[   50.103379][ T4488] ext4 filesystem being mounted at /86/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.128026][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.139422][ T4498] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #4: comm syz.1.368: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 256(256)
[   50.158006][ T4500] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   50.158620][ T4498] EXT4-fs error (device loop1): ext4_quota_enable:7139: comm syz.1.368: Bad quota inode: 4, type: 1
[   50.179639][ T4498] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   50.181342][ T4500] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   50.205774][ T4500] Symlink component flag not implemented
[   50.211464][ T4500] Symlink component flag not implemented
[   50.217746][ T4498] EXT4-fs (loop1): mount failed
[   50.217821][ T4500] Symlink component flag not implemented (7)
[   50.228661][ T4500] Symlink component flag not implemented (116)
[   50.234000][ T4503] loop4: detected capacity change from 0 to 164
[   50.251994][ T4498] FAULT_INJECTION: forcing a failure.
[   50.251994][ T4498] name failslab, interval 1, probability 0, space 0, times 0
[   50.264917][ T4498] CPU: 1 UID: 0 PID: 4498 Comm: syz.1.368 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   50.264965][ T4498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   50.264974][ T4498] Call Trace:
[   50.264982][ T4498]  <TASK>
[   50.264989][ T4498]  __dump_stack+0x1d/0x30
[   50.265063][ T4498]  dump_stack_lvl+0xe8/0x140
[   50.265080][ T4498]  dump_stack+0x15/0x1b
[   50.265094][ T4498]  should_fail_ex+0x265/0x280
[   50.265111][ T4498]  should_failslab+0x8c/0xb0
[   50.265132][ T4498]  __kvmalloc_node_noprof+0x12e/0x670
[   50.265227][ T4498]  ? vmemdup_user+0x2b/0xd0
[   50.265252][ T4498]  vmemdup_user+0x2b/0xd0
[   50.265274][ T4498]  map_get_next_key+0x140/0x330
[   50.265327][ T4498]  ? __sys_bpf+0x599/0x7c0
[   50.265342][ T4498]  __sys_bpf+0x5a3/0x7c0
[   50.265362][ T4498]  __x64_sys_bpf+0x41/0x50
[   50.265437][ T4498]  x64_sys_call+0x2aee/0x3000
[   50.265456][ T4498]  do_syscall_64+0xd2/0x200
[   50.265473][ T4498]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   50.265495][ T4498]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   50.265549][ T4498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.265644][ T4498] RIP: 0033:0x7fa23076efc9
[   50.265659][ T4498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.265675][ T4498] RSP: 002b:00007fa22f1cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   50.265694][ T4498] RAX: ffffffffffffffda RBX: 00007fa2309c5fa0 RCX: 00007fa23076efc9
[   50.265706][ T4498] RDX: 0000000000000020 RSI: 0000200000000240 RDI: 0000000000000004
[   50.265792][ T4498] RBP: 00007fa22f1cf090 R08: 0000000000000000 R09: 0000000000000000
[   50.265804][ T4498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.265815][ T4498] R13: 00007fa2309c6038 R14: 00007fa2309c5fa0 R15: 00007ffea2b8bfc8
[   50.265833][ T4498]  </TASK>
[   50.514577][ T4503] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   50.553966][ T4503] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   50.570209][ T4511] xt_hashlimit: max too large, truncated to 1048576
[   50.584543][ T4511] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   50.589194][ T4503] Symlink component flag not implemented
[   50.601242][ T4503] Symlink component flag not implemented
[   50.631124][ T4503] Symlink component flag not implemented (7)
[   50.638102][ T4503] Symlink component flag not implemented (116)
[   50.870004][ T4551] SELinux:  Context system_u:object_r:udev_var_run_t:s0 is not valid (left unmapped).
[   50.880193][   T29] kauditd_printk_skb: 244 callbacks suppressed
[   50.880205][   T29] audit: type=1400 audit(1761592939.142:1422): avc:  denied  { relabelto } for  pid=4550 comm="syz.4.387" name="NETLINK" dev="sockfs" ino=8359 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netlink_generic_socket permissive=1 trawcon="system_u:object_r:udev_var_run_t:s0"
[   50.961484][   T29] audit: type=1326 audit(1761592939.172:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4547 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   50.985078][   T29] audit: type=1326 audit(1761592939.182:1424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4547 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   51.011802][ T4560] loop3: detected capacity change from 0 to 2048
[   51.013192][   T29] audit: type=1326 audit(1761592939.222:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4547 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   51.027108][ T4560] EXT4-fs: Ignoring removed bh option
[   51.042421][   T29] audit: type=1326 audit(1761592939.222:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4547 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   51.072522][   T29] audit: type=1326 audit(1761592939.222:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4547 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   51.098358][   T29] audit: type=1400 audit(1761592939.222:1428): avc:  denied  { connect } for  pid=4559 comm="syz.3.391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   51.121442][   T29] audit: type=1326 audit(1761592939.232:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4547 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   51.148049][   T29] audit: type=1326 audit(1761592939.232:1430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4547 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   51.177420][   T29] audit: type=1326 audit(1761592939.232:1431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4547 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   51.206914][ T4569] FAULT_INJECTION: forcing a failure.
[   51.206914][ T4569] name failslab, interval 1, probability 0, space 0, times 0
[   51.221543][ T4569] CPU: 0 UID: 0 PID: 4569 Comm: syz.4.393 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   51.221567][ T4569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   51.221577][ T4569] Call Trace:
[   51.221599][ T4569]  <TASK>
[   51.221607][ T4569]  __dump_stack+0x1d/0x30
[   51.221627][ T4569]  dump_stack_lvl+0xe8/0x140
[   51.221677][ T4569]  dump_stack+0x15/0x1b
[   51.221756][ T4569]  should_fail_ex+0x265/0x280
[   51.221773][ T4569]  should_failslab+0x8c/0xb0
[   51.221796][ T4569]  kmem_cache_alloc_noprof+0x50/0x480
[   51.221893][ T4569]  ? getname_flags+0x80/0x3b0
[   51.221919][ T4569]  getname_flags+0x80/0x3b0
[   51.221942][ T4569]  __getname_maybe_null+0x66/0x1a0
[   51.221998][ T4569]  __se_sys_move_mount+0x1a3/0x490
[   51.222017][ T4569]  ? fput+0x8f/0xc0
[   51.222034][ T4569]  __x64_sys_move_mount+0x67/0x80
[   51.222108][ T4569]  x64_sys_call+0xcfe/0x3000
[   51.222179][ T4569]  do_syscall_64+0xd2/0x200
[   51.222195][ T4569]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   51.222220][ T4569]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   51.222319][ T4569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.222402][ T4569] RIP: 0033:0x7f37f2c3efc9
[   51.222417][ T4569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.222431][ T4569] RSP: 002b:00007f37f169f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad
[   51.222450][ T4569] RAX: ffffffffffffffda RBX: 00007f37f2e95fa0 RCX: 00007f37f2c3efc9
[   51.222461][ T4569] RDX: 0000000000000003 RSI: 00002000000000c0 RDI: 0000000000000003
[   51.222471][ T4569] RBP: 00007f37f169f090 R08: 0000000000000177 R09: 0000000000000000
[   51.222480][ T4569] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.222544][ T4569] R13: 00007f37f2e96038 R14: 00007f37f2e95fa0 R15: 00007fffaa270a88
[   51.222559][ T4569]  </TASK>
[   51.225026][ T4560] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.298542][ T4571] loop4: detected capacity change from 0 to 1024
[   51.488109][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.491734][ T4571] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.587242][ T4571] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.394: Allocating blocks 385-513 which overlap fs metadata
[   51.614510][ T4571] EXT4-fs (loop4): pa ffff8881075f07e0: logic 16, phys. 129, len 24
[   51.624744][ T4571] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 8
[   51.644326][   T52] Trying to write to read-only block-device loop4
[   51.675580][ T4587] loop0: detected capacity change from 0 to 164
[   51.697456][ T4587] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   51.697940][ T4591] loop3: detected capacity change from 0 to 128
[   51.716293][ T4587] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   51.716318][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.739088][ T4587] Symlink component flag not implemented
[   51.746063][ T4587] Symlink component flag not implemented
[   51.779493][ T4598] xt_hashlimit: max too large, truncated to 1048576
[   51.782143][ T4597] loop1: detected capacity change from 0 to 1024
[   51.794729][ T4598] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   51.796729][ T4587] Symlink component flag not implemented (7)
[   51.810327][ T4587] Symlink component flag not implemented (116)
[   51.823613][ T4597] EXT4-fs: Ignoring removed orlov option
[   51.835453][ T4597] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.881635][ T4603] loop4: detected capacity change from 0 to 2048
[   51.913826][ T4605] xt_hashlimit: max too large, truncated to 1048576
[   51.921942][ T4605] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   51.945977][ T3305] Alternate GPT is invalid, using primary GPT.
[   51.953577][ T3305]  loop4: p2 p3 p7
[   51.987613][ T4603] Alternate GPT is invalid, using primary GPT.
[   51.995630][ T4603]  loop4: p2 p3 p7
[   52.008788][ T4610] 0ªî{X¹¦: renamed from gretap0 (while UP)
[   52.020953][ T4610] 0ªî{X¹¦: entered allmulticast mode
[   52.034301][ T4610] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   52.126971][ T3396] usb usb8-port1: unable to enumerate USB device
[   52.129762][ T4614] FAULT_INJECTION: forcing a failure.
[   52.129762][ T4614] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.148713][ T4614] CPU: 0 UID: 0 PID: 4614 Comm: syz.0.411 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.148819][ T4614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   52.148831][ T4614] Call Trace:
[   52.148837][ T4614]  <TASK>
[   52.148844][ T4614]  __dump_stack+0x1d/0x30
[   52.148866][ T4614]  dump_stack_lvl+0xe8/0x140
[   52.148886][ T4614]  dump_stack+0x15/0x1b
[   52.148903][ T4614]  should_fail_ex+0x265/0x280
[   52.148942][ T4614]  should_fail+0xb/0x20
[   52.148957][ T4614]  should_fail_usercopy+0x1a/0x20
[   52.148977][ T4614]  _copy_from_user+0x1c/0xb0
[   52.149001][ T4614]  ___sys_sendmsg+0xc1/0x1d0
[   52.149116][ T4614]  __x64_sys_sendmsg+0xd4/0x160
[   52.149146][ T4614]  x64_sys_call+0x191e/0x3000
[   52.149214][ T4614]  do_syscall_64+0xd2/0x200
[   52.149230][ T4614]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.149284][ T4614]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   52.149341][ T4614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.149362][ T4614] RIP: 0033:0x7f18ffd6efc9
[   52.149376][ T4614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.149391][ T4614] RSP: 002b:00007f18fe7cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   52.149410][ T4614] RAX: ffffffffffffffda RBX: 00007f18fffc5fa0 RCX: 00007f18ffd6efc9
[   52.149422][ T4614] RDX: 0000000000000018 RSI: 0000200000000540 RDI: 0000000000000003
[   52.149435][ T4614] RBP: 00007f18fe7cf090 R08: 0000000000000000 R09: 0000000000000000
[   52.149447][ T4614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.149523][ T4614] R13: 00007f18fffc6038 R14: 00007f18fffc5fa0 R15: 00007fff08ecf938
[   52.149542][ T4614]  </TASK>
[   52.163659][ T4591] syz.3.403: attempt to access beyond end of device
[   52.163659][ T4591] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   52.200316][ T4616] process 'syz.2.412' launched './file1' with NULL argv: empty string added
[   52.203209][ T4591] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   52.230605][ T4599] syz.3.403: attempt to access beyond end of device
[   52.230605][ T4599] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   52.272037][ T4616] netlink: '+}[@': attribute type 8 has an invalid length.
[   52.292788][ T4599] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   52.365234][ T4591] syz.3.403: attempt to access beyond end of device
[   52.365234][ T4591] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   52.430155][ T4591] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   52.548539][ T4630] xt_hashlimit: max too large, truncated to 1048576
[   52.556097][ T4630] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   52.580060][ T4633] loop0: detected capacity change from 0 to 164
[   52.611166][ T4635] loop4: detected capacity change from 0 to 512
[   52.619464][ T4633] Unable to read rock-ridge attributes
[   52.669272][ T4638] xt_hashlimit: max too large, truncated to 1048576
[   52.699888][ T4638] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   52.710354][ T4644] __nla_validate_parse: 8 callbacks suppressed
[   52.710368][ T4644] netlink: 4 bytes leftover after parsing attributes in process `syz.2.424'.
[   52.729933][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.778389][ T4651] Driver unsupported XDP return value 0 on prog  (id 265) dev N/A, expect packet loss!
[   52.860041][ T4662] loop0: detected capacity change from 0 to 164
[   52.878017][ T4668] FAULT_INJECTION: forcing a failure.
[   52.878017][ T4668] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.894858][ T4667] loop1: detected capacity change from 0 to 1024
[   52.894874][ T4668] CPU: 0 UID: 0 PID: 4668 Comm: syz.2.433 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.894896][ T4668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   52.894906][ T4668] Call Trace:
[   52.894913][ T4668]  <TASK>
[   52.894920][ T4668]  __dump_stack+0x1d/0x30
[   52.894957][ T4668]  dump_stack_lvl+0xe8/0x140
[   52.894981][ T4668]  dump_stack+0x15/0x1b
[   52.894997][ T4668]  should_fail_ex+0x265/0x280
[   52.895015][ T4668]  should_fail+0xb/0x20
[   52.895030][ T4668]  should_fail_usercopy+0x1a/0x20
[   52.895050][ T4668]  _copy_from_user+0x1c/0xb0
[   52.895111][ T4668]  __sys_bind+0x106/0x2a0
[   52.895154][ T4668]  __x64_sys_bind+0x3f/0x50
[   52.895177][ T4668]  x64_sys_call+0x2b72/0x3000
[   52.895197][ T4668]  do_syscall_64+0xd2/0x200
[   52.895269][ T4668]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.895294][ T4668]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   52.895363][ T4668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.895383][ T4668] RIP: 0033:0x7f62bacaefc9
[   52.895398][ T4668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.895460][ T4668] RSP: 002b:00007f62b9717038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[   52.895500][ T4668] RAX: ffffffffffffffda RBX: 00007f62baf05fa0 RCX: 00007f62bacaefc9
[   52.895512][ T4668] RDX: 0000000000000010 RSI: 0000200000000380 RDI: 0000000000000005
[   52.895522][ T4668] RBP: 00007f62b9717090 R08: 0000000000000000 R09: 0000000000000000
[   52.895534][ T4668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.895546][ T4668] R13: 00007f62baf06038 R14: 00007f62baf05fa0 R15: 00007ffe25440d08
[   52.895563][ T4668]  </TASK>
[   53.032536][ T4662] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   53.044156][ T4667] EXT4-fs: Ignoring removed orlov option
[   53.117611][ T4662] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   53.131313][ T4667] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.150052][ T4662] Symlink component flag not implemented
[   53.156274][ T4662] Symlink component flag not implemented
[   53.162547][ T4662] Symlink component flag not implemented (7)
[   53.169285][ T4662] Symlink component flag not implemented (116)
[   53.240705][ T4687] netlink: 4 bytes leftover after parsing attributes in process `syz.3.441'.
[   53.421681][ T4700] loop3: detected capacity change from 0 to 128
[   53.723192][ T4712] loop0: detected capacity change from 0 to 1024
[   53.765185][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.798294][ T4712] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   53.827159][ T4712] EXT4-fs (loop0): mount failed
[   53.848348][ T4714] loop2: detected capacity change from 0 to 1024
[   53.871295][ T4718] FAULT_INJECTION: forcing a failure.
[   53.871295][ T4718] name failslab, interval 1, probability 0, space 0, times 0
[   53.885493][ T4718] CPU: 1 UID: 0 PID: 4718 Comm: syz.1.451 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   53.885517][ T4718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   53.885527][ T4718] Call Trace:
[   53.885533][ T4718]  <TASK>
[   53.885540][ T4718]  __dump_stack+0x1d/0x30
[   53.885597][ T4718]  dump_stack_lvl+0xe8/0x140
[   53.885618][ T4718]  dump_stack+0x15/0x1b
[   53.885636][ T4718]  should_fail_ex+0x265/0x280
[   53.885671][ T4718]  should_failslab+0x8c/0xb0
[   53.885757][ T4718]  kmem_cache_alloc_noprof+0x50/0x480
[   53.885779][ T4718]  ? audit_log_start+0x342/0x720
[   53.885912][ T4718]  audit_log_start+0x342/0x720
[   53.885934][ T4718]  ? kstrtouint+0x76/0xc0
[   53.885961][ T4718]  audit_seccomp+0x48/0x100
[   53.886007][ T4718]  ? __seccomp_filter+0x82d/0x1250
[   53.886119][ T4718]  __seccomp_filter+0x83e/0x1250
[   53.886150][ T4718]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   53.886234][ T4718]  ? vfs_write+0x7e8/0x960
[   53.886254][ T4718]  ? __rcu_read_unlock+0x4f/0x70
[   53.886280][ T4718]  ? __fget_files+0x184/0x1c0
[   53.886307][ T4718]  __secure_computing+0x82/0x150
[   53.886371][ T4718]  syscall_trace_enter+0xcf/0x1e0
[   53.886398][ T4718]  do_syscall_64+0xac/0x200
[   53.886417][ T4718]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   53.886464][ T4718]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   53.886494][ T4718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.886563][ T4718] RIP: 0033:0x7fa23076efc9
[   53.886577][ T4718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.886656][ T4718] RSP: 002b:00007fa22f1cf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ba
[   53.886677][ T4718] RAX: ffffffffffffffda RBX: 00007fa2309c5fa0 RCX: 00007fa23076efc9
[   53.886690][ T4718] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000005
[   53.886703][ T4718] RBP: 00007fa22f1cf090 R08: 0000000000000020 R09: 0000000000000000
[   53.886716][ T4718] R10: 0000200000001dc0 R11: 0000000000000246 R12: 0000000000000001
[   53.886754][ T4718] R13: 00007fa2309c6038 R14: 00007fa2309c5fa0 R15: 00007ffea2b8bfc8
[   53.886770][ T4718]  </TASK>
[   54.138636][ T4720] netlink: 5 bytes leftover after parsing attributes in process `syz.0.452'.
[   54.152765][ T4720] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[   54.165800][ T4720] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   54.210494][ T4714] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.252080][ T4724] loop1: detected capacity change from 0 to 164
[   54.298994][ T4726] netlink: 4 bytes leftover after parsing attributes in process `syz.0.454'.
[   54.326501][ T4707] syz.3.446: attempt to access beyond end of device
[   54.326501][ T4707] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   54.341499][ T4707] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   54.364070][ T4724] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   54.376247][ T4700] syz.3.446: attempt to access beyond end of device
[   54.376247][ T4700] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   54.391092][ T4700] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   54.472131][ T4714] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.450: Allocating blocks 449-513 which overlap fs metadata
[   54.488852][ T4724] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   54.499523][ T4724] Symlink component flag not implemented
[   54.505781][ T4724] Symlink component flag not implemented
[   54.523533][ T4713] EXT4-fs (loop2): pa ffff8881076a55b0: logic 48, phys. 177, len 21
[   54.532583][ T4713] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   54.543125][ T4724] Symlink component flag not implemented (7)
[   54.549445][ T4724] Symlink component flag not implemented (116)
[   54.590164][ T4731] loop0: detected capacity change from 0 to 512
[   54.607493][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.638388][ T4731] EXT4-fs (loop0): too many log groups per flexible block group
[   54.656907][ T4731] EXT4-fs (loop0): failed to initialize mballoc (-12)
[   54.664341][ T4731] EXT4-fs (loop0): mount failed
[   54.681388][ T4736] hashlimit_mt_check_common: 2 callbacks suppressed
[   54.681400][ T4736] xt_hashlimit: max too large, truncated to 1048576
[   54.748362][ T4736] connsecmark_tg_check: 2 callbacks suppressed
[   54.748377][ T4736] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   54.815116][ T4745] xt_hashlimit: max too large, truncated to 1048576
[   54.853474][ T4750] loop2: detected capacity change from 0 to 128
[   54.887347][ T4745] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   54.906917][ T4748] loop3: detected capacity change from 0 to 512
[   54.931871][ T4748] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.461: inode has both inline data and extents flags
[   54.977104][ T4748] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.461: couldn't read orphan inode 15 (err -117)
[   55.019776][ T4748] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.092573][ T4762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.465'.
[   55.124384][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.250648][ T4772] loop1: detected capacity change from 0 to 164
[   55.273535][ T4774] loop3: detected capacity change from 0 to 512
[   55.327249][ T4774] EXT4-fs: Ignoring removed nobh option
[   55.353966][ T4772] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   55.382277][ T4774] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.468: corrupted inode contents
[   55.389194][ T4772] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   55.417014][ T4774] EXT4-fs (loop3): Remounting filesystem read-only
[   55.463100][ T4772] Symlink component flag not implemented
[   55.469257][ T4772] Symlink component flag not implemented
[   55.492769][ T4774] EXT4-fs (loop3): 1 truncate cleaned up
[   55.509404][ T4774] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.536847][ T4772] Symlink component flag not implemented (7)
[   55.543515][ T4772] Symlink component flag not implemented (116)
[   55.553204][ T4774] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.649568][ T4753] syz.2.462: attempt to access beyond end of device
[   55.649568][ T4753] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[   55.664164][ T4753] Buffer I/O error on dev loop2, logical block 128, lost async page write
[   55.676287][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.709639][ T4750] syz.2.462: attempt to access beyond end of device
[   55.709639][ T4750] loop2: rw=2049, sector=128, nr_sectors = 1 limit=128
[   55.725355][ T4750] Buffer I/O error on dev loop2, logical block 128, lost async page write
[   55.842569][ T4786] xt_hashlimit: max too large, truncated to 1048576
[   55.887385][ T4786] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   55.937472][ T4794] netlink: 4 bytes leftover after parsing attributes in process `syz.0.477'.
[   56.024008][   T29] kauditd_printk_skb: 261 callbacks suppressed
[   56.024022][   T29] audit: type=1107 audit(1761592944.272:1688): pid=4797 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='ä'
[   56.086076][   T29] audit: type=1326 audit(1761592944.332:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4810 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   56.111725][   T29] audit: type=1326 audit(1761592944.332:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4810 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   56.191672][ T4823] xt_hashlimit: max too large, truncated to 1048576
[   56.199538][ T4823] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   56.255355][   T29] audit: type=1326 audit(1761592944.392:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4810 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   56.282110][   T29] audit: type=1326 audit(1761592944.392:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4810 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   56.308031][   T29] audit: type=1326 audit(1761592944.392:1693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4810 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   56.333706][   T29] audit: type=1326 audit(1761592944.402:1694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4815 comm="syz.1.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   56.359135][   T29] audit: type=1326 audit(1761592944.402:1695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4815 comm="syz.1.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   56.385358][   T29] audit: type=1326 audit(1761592944.402:1696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4815 comm="syz.1.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   56.453303][ T4836] loop1: detected capacity change from 0 to 164
[   56.480741][ T4836] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   56.507344][ T4836] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   56.526615][ T4836] Symlink component flag not implemented
[   56.533361][ T4836] Symlink component flag not implemented
[   56.556581][ T4836] Symlink component flag not implemented (7)
[   56.562871][ T4836] Symlink component flag not implemented (116)
[   56.574952][ T4842] loop0: detected capacity change from 0 to 512
[   56.605750][ T4842] EXT4-fs: Ignoring removed nobh option
[   56.638022][ T4842] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #3: comm syz.0.494: corrupted inode contents
[   56.654382][   T29] audit: type=1107 audit(1761592944.902:1697): pid=4843 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='ä'
[   56.718075][ T4842] EXT4-fs (loop0): Remounting filesystem read-only
[   56.754312][ T4842] EXT4-fs (loop0): 1 truncate cleaned up
[   56.793422][ T4842] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.817216][ T4852] loop1: detected capacity change from 0 to 1024
[   56.843599][ T4852] EXT4-fs: Ignoring removed orlov option
[   56.885599][ T4854] netlink: 4 bytes leftover after parsing attributes in process `syz.0.498'.
[   57.045645][ T4863] loop0: detected capacity change from 0 to 1024
[   57.073001][ T4863] EXT4-fs: Ignoring removed orlov option
[   57.119963][ T4874] loop2: detected capacity change from 0 to 512
[   57.127546][ T4865] loop1: detected capacity change from 0 to 8192
[   57.165226][ T4874] EXT4-fs: Ignoring removed nobh option
[   57.282016][ T4877] netlink: 4 bytes leftover after parsing attributes in process `syz.3.508'.
[   57.296675][ T4874] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #3: comm syz.2.505: corrupted inode contents
[   57.321438][ T4874] EXT4-fs (loop2): Remounting filesystem read-only
[   57.350917][ T4874] EXT4-fs (loop2): 1 truncate cleaned up
[   57.357926][ T4874] ext4 filesystem being mounted at /49/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.367019][ T4887] netlink: 12 bytes leftover after parsing attributes in process `syz.3.511'.
[   57.427401][ T4889] netlink: 8 bytes leftover after parsing attributes in process `syz.1.512'.
[   57.467163][ T4889] team0 (unregistering): Port device team_slave_0 removed
[   57.487865][ T4889] team0 (unregistering): Port device team_slave_1 removed
[   57.505677][ T4896] loop2: detected capacity change from 0 to 1024
[   57.519488][ T4896] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   57.547510][ T4896] EXT4-fs (loop2): mount failed
[   57.719167][ T4901] loop1: detected capacity change from 0 to 8192
[   57.728992][ T4904] loop0: detected capacity change from 0 to 8192
[   57.770119][ T4904] FAT-fs (loop0): bogus logical sector size 659
[   57.776934][ T4904] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   57.786912][ T4904] FAT-fs (loop0): Can't find a valid FAT filesystem
[   58.032797][ T4922] loop0: detected capacity change from 0 to 1024
[   58.245195][ T4922] EXT4-fs: Ignoring removed orlov option
[   58.494370][ T4935] __nla_validate_parse: 1 callbacks suppressed
[   58.494384][ T4935] netlink: 12 bytes leftover after parsing attributes in process `syz.0.526'.
[   58.595800][ T4943] xt_hashlimit: max too large, truncated to 1048576
[   58.597552][ T4942] ip6gre1: entered promiscuous mode
[   58.609941][ T4942] ip6gre1: entered allmulticast mode
[   58.613796][ T4943] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   58.634501][ T4942] netlink: 32 bytes leftover after parsing attributes in process `syz.2.532'.
[   58.645021][ T4942] netlink: 32 bytes leftover after parsing attributes in process `syz.2.532'.
[   58.674748][ T4945] netlink: 5 bytes leftover after parsing attributes in process `syz.0.533'.
[   58.689354][ T4939] loop3: detected capacity change from 0 to 1024
[   58.727090][ T4945] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[   58.745715][ T4942] loop2: detected capacity change from 0 to 8192
[   58.764518][ T4945] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   58.803127][ T4942] FAT-fs (loop2): bogus logical sector size 659
[   58.810094][ T4942] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   58.820989][ T4942] FAT-fs (loop2): Can't find a valid FAT filesystem
[   58.839408][ T4952] netlink: 8 bytes leftover after parsing attributes in process `syz.1.535'.
[   58.991783][ T4958] loop2: detected capacity change from 0 to 1024
[   59.003365][ T4969] netlink: 4 bytes leftover after parsing attributes in process `syz.1.535'.
[   59.055397][ T4939] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.530: Allocating blocks 449-513 which overlap fs metadata
[   59.103300][ T4938] EXT4-fs (loop3): pa ffff8881075f0a80: logic 48, phys. 177, len 21
[   59.111933][ T4938] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   59.145861][ T4961] loop0: detected capacity change from 0 to 1024
[   59.157847][ T3321] Trying to write to read-only block-device loop2
[   59.214445][ T4982] xt_hashlimit: max too large, truncated to 1048576
[   59.237048][ T4982] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   59.256845][ T4986] netlink: 12 bytes leftover after parsing attributes in process `syz.1.543'.
[   59.313556][ T4961] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.538: Allocating blocks 449-513 which overlap fs metadata
[   59.337109][ T4991] loop2: detected capacity change from 0 to 128
[   59.375644][ T4959] EXT4-fs (loop0): pa ffff8881076a5620: logic 48, phys. 177, len 21
[   59.384055][ T4959] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   59.418028][ T5000] xt_hashlimit: max too large, truncated to 1048576
[   59.457395][ T5000] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   59.503019][ T4997] loop2: detected capacity change from 0 to 8192
[   59.546409][ T5009] loop4: detected capacity change from 0 to 1024
[   59.563868][ T5011] xt_hashlimit: max too large, truncated to 1048576
[   59.585838][ T5011] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   59.667827][ T5020] netlink: 12 bytes leftover after parsing attributes in process `syz.3.558'.
[   59.802490][ T5035] loop1: detected capacity change from 0 to 512
[   59.835957][ T5035] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.562: inode has both inline data and extents flags
[   59.899067][ T5035] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.562: couldn't read orphan inode 15 (err -117)
[   59.902861][ T5048] loop0: detected capacity change from 0 to 512
[   59.930848][ T5048] EXT4-fs: Ignoring removed nobh option
[   59.999240][ T5048] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #3: comm syz.0.568: corrupted inode contents
[   60.012780][ T5057] loop4: detected capacity change from 0 to 1024
[   60.046299][ T5059] loop2: detected capacity change from 0 to 1024
[   60.053778][ T5059] EXT4-fs: Ignoring removed orlov option
[   60.055337][ T5048] EXT4-fs (loop0): Remounting filesystem read-only
[   60.081716][ T5061] netlink: 12 bytes leftover after parsing attributes in process `syz.3.572'.
[   60.108808][ T5048] EXT4-fs (loop0): 1 truncate cleaned up
[   60.115200][ T5048] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.233123][ T5075] netlink: 8 bytes leftover after parsing attributes in process `syz.4.578'.
[   60.285011][ T5075] team0 (unregistering): Port device team_slave_0 removed
[   60.295270][ T5075] team0 (unregistering): Port device team_slave_1 removed
[   60.312907][ T5077] loop2: detected capacity change from 0 to 512
[   60.457968][ T5072] loop3: detected capacity change from 0 to 1024
[   60.503297][ T5098] loop1: detected capacity change from 0 to 512
[   60.525978][ T5098] EXT4-fs: Ignoring removed nobh option
[   60.544336][ T5104] loop4: detected capacity change from 0 to 164
[   60.562307][ T5104] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   60.603116][ T5080] loop0: detected capacity change from 0 to 1024
[   60.606421][ T5098] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #3: comm syz.1.587: corrupted inode contents
[   60.624563][ T5104] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   60.636300][ T5104] Symlink component flag not implemented
[   60.640517][ T5098] EXT4-fs (loop1): Remounting filesystem read-only
[   60.645935][ T5104] Symlink component flag not implemented
[   60.653621][ T5098] EXT4-fs (loop1): 1 truncate cleaned up
[   60.660080][ T5104] Symlink component flag not implemented (7)
[   60.665674][ T5098] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.671935][ T5104] Symlink component flag not implemented (116)
[   60.782071][ T5116] loop4: detected capacity change from 0 to 164
[   60.793639][ T5118] loop2: detected capacity change from 0 to 128
[   60.809553][ T5072] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.577: Allocating blocks 449-513 which overlap fs metadata
[   60.836099][ T5114] loop1: detected capacity change from 0 to 8192
[   60.857308][ T5116] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   60.871664][ T5071] EXT4-fs (loop3): pa ffff8881075f0a10: logic 48, phys. 177, len 21
[   60.880520][ T5071] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   60.918695][ T5080] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.580: Allocating blocks 449-513 which overlap fs metadata
[   60.923418][ T5116] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   60.997127][ T5116] Symlink component flag not implemented
[   61.003888][ T5116] Symlink component flag not implemented
[   61.028225][ T5079] EXT4-fs (loop0): pa ffff8881076a5690: logic 48, phys. 177, len 21
[   61.030593][   T29] kauditd_printk_skb: 364 callbacks suppressed
[   61.030606][   T29] audit: type=1326 audit(1761592949.282:2053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.3.597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3fc3fefc9 code=0x7ffc0000
[   61.037503][ T5079] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   61.075097][   T29] audit: type=1326 audit(1761592949.292:2054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.3.597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3fc3fefc9 code=0x7ffc0000
[   61.082148][ T5116] Symlink component flag not implemented (7)
[   61.104559][   T29] audit: type=1326 audit(1761592949.292:2055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.3.597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3fc3fefc9 code=0x7ffc0000
[   61.112857][ T5116] Symlink component flag not implemented (116)
[   61.117403][ T5133] loop3: detected capacity change from 0 to 512
[   61.139327][   T29] audit: type=1326 audit(1761592949.292:2056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.3.597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3fc3fefc9 code=0x7ffc0000
[   61.180393][   T29] audit: type=1326 audit(1761592949.292:2057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.3.597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe3fc3fefc9 code=0x7ffc0000
[   61.206414][   T29] audit: type=1326 audit(1761592949.292:2058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.3.597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe3fc3ff003 code=0x7ffc0000
[   61.231922][   T29] audit: type=1326 audit(1761592949.292:2059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.3.597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe3fc3fda7f code=0x7ffc0000
[   61.257062][   T29] audit: type=1326 audit(1761592949.302:2060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.3.597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fe3fc3ff057 code=0x7ffc0000
[   61.286915][ T5133] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.597: inode has both inline data and extents flags
[   61.304392][   T29] audit: type=1326 audit(1761592949.372:2061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.3.597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe3fc3fd810 code=0x7ffc0000
[   61.321163][ T5133] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.597: couldn't read orphan inode 15 (err -117)
[   61.330864][   T29] audit: type=1326 audit(1761592949.372:2062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5131 comm="syz.3.597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe3fc3febcb code=0x7ffc0000
[   61.574859][ T5160] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[   61.610647][ T5160] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   61.664651][ T5162] xt_hashlimit: max too large, truncated to 1048576
[   61.693165][ T5162] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   62.029025][ T5172] loop0: detected capacity change from 0 to 1024
[   62.140658][ T5192] loop3: detected capacity change from 0 to 1024
[   62.160236][ T5192] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   62.188166][ T5192] EXT4-fs (loop3): mount failed
[   62.300286][ T5207] loop1: detected capacity change from 0 to 512
[   62.324610][ T5172] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.615: Allocating blocks 449-513 which overlap fs metadata
[   62.349105][ T5171] EXT4-fs (loop0): pa ffff8881075f0af0: logic 48, phys. 177, len 21
[   62.357750][ T5171] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   62.369642][ T5207] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.628: inode has both inline data and extents flags
[   62.408969][ T5207] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.628: couldn't read orphan inode 15 (err -117)
[   62.827889][ T5240] loop2: detected capacity change from 0 to 512
[   62.835603][ T5240] EXT4-fs: Ignoring removed nobh option
[   63.044809][ T5255] loop2: detected capacity change from 0 to 164
[   63.075466][ T5255] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   63.097355][ T5255] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   63.122085][ T5255] Symlink component flag not implemented
[   63.128236][ T5255] Symlink component flag not implemented
[   63.135523][ T5255] Symlink component flag not implemented (7)
[   63.142315][ T5255] Symlink component flag not implemented (116)
[   63.269390][ T5268] loop3: detected capacity change from 0 to 1024
[   63.296197][ T5268] EXT4-fs: Ignoring removed orlov option
[   63.412591][ T5283] loop2: detected capacity change from 0 to 164
[   63.436253][ T5286] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[   63.443070][ T5286] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   63.451005][ T5286] vhci_hcd vhci_hcd.0: Device attached
[   63.464178][ T5283] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   63.481979][ T5283] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   63.492685][ T5283] Symlink component flag not implemented
[   63.498779][ T5283] Symlink component flag not implemented
[   63.509480][ T5283] Symlink component flag not implemented (7)
[   63.515977][ T5283] Symlink component flag not implemented (116)
[   63.541476][ T5292] __nla_validate_parse: 14 callbacks suppressed
[   63.541539][ T5292] netlink: 5 bytes leftover after parsing attributes in process `syz.0.662'.
[   63.557917][ T5292] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[   63.570710][ T5292] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   63.726648][ T3377] usb 8-1: SetAddress Request (10) to port 0
[   63.733722][ T3377] usb 8-1: new SuperSpeed USB device number 10 using vhci_hcd
[   63.736579][ T5300] netlink: 12 bytes leftover after parsing attributes in process `syz.1.666'.
[   63.753137][ T5294] loop2: detected capacity change from 0 to 8192
[   63.839408][ T5302] netlink: 8 bytes leftover after parsing attributes in process `syz.1.667'.
[   64.182653][ T5287] vhci_hcd: connection reset by peer
[   64.189641][ T5316] vhci_hcd: stop threads
[   64.193908][ T5316] vhci_hcd: release socket
[   64.198498][ T5316] vhci_hcd: disconnect device
[   64.222969][ T5351] FAULT_INJECTION: forcing a failure.
[   64.222969][ T5351] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   64.236734][ T5351] CPU: 0 UID: 0 PID: 5351 Comm: syz.1.673 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.236814][ T5351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   64.236826][ T5351] Call Trace:
[   64.236832][ T5351]  <TASK>
[   64.236839][ T5351]  __dump_stack+0x1d/0x30
[   64.236858][ T5351]  dump_stack_lvl+0xe8/0x140
[   64.236876][ T5351]  dump_stack+0x15/0x1b
[   64.236967][ T5351]  should_fail_ex+0x265/0x280
[   64.236984][ T5351]  should_fail+0xb/0x20
[   64.236997][ T5351]  should_fail_usercopy+0x1a/0x20
[   64.237014][ T5351]  _copy_from_user+0x1c/0xb0
[   64.237072][ T5351]  __sys_bpf+0x183/0x7c0
[   64.237094][ T5351]  __x64_sys_bpf+0x41/0x50
[   64.237129][ T5351]  x64_sys_call+0x2aee/0x3000
[   64.237147][ T5351]  do_syscall_64+0xd2/0x200
[   64.237176][ T5351]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   64.237200][ T5351]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   64.237280][ T5351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.237372][ T5351] RIP: 0033:0x7fa23076efc9
[   64.237387][ T5351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.237403][ T5351] RSP: 002b:00007fa22f1cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   64.237422][ T5351] RAX: ffffffffffffffda RBX: 00007fa2309c5fa0 RCX: 00007fa23076efc9
[   64.237432][ T5351] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[   64.237491][ T5351] RBP: 00007fa22f1cf090 R08: 0000000000000000 R09: 0000000000000000
[   64.237503][ T5351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.237523][ T5351] R13: 00007fa2309c6038 R14: 00007fa2309c5fa0 R15: 00007ffea2b8bfc8
[   64.237541][ T5351]  </TASK>
[   64.652611][ T5385] xt_hashlimit: max too large, truncated to 1048576
[   64.661458][ T5385] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   64.691120][ T5387] xt_hashlimit: max too large, truncated to 1048576
[   64.701290][ T5387] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   64.848154][ T5395] netlink: 24 bytes leftover after parsing attributes in process `syz.2.684'.
[   65.076155][ T5402] loop2: detected capacity change from 0 to 1024
[   65.161348][ T5418] netlink: 5 bytes leftover after parsing attributes in process `syz.3.693'.
[   65.202755][ T5418] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[   65.216381][ T5418] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   65.274840][ T5424] netlink: 12 bytes leftover after parsing attributes in process `syz.3.696'.
[   65.539937][ T5441] loop3: detected capacity change from 0 to 1024
[   65.732946][ T5453] loop1: detected capacity change from 0 to 512
[   65.763925][ T5453] EXT4-fs: Ignoring removed nobh option
[   65.810960][ T5453] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #3: comm syz.1.708: corrupted inode contents
[   65.856479][ T5453] EXT4-fs (loop1): Remounting filesystem read-only
[   65.866258][ T5453] EXT4-fs (loop1): 1 truncate cleaned up
[   65.886400][ T5453] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.949323][ T5468] bridge0: entered promiscuous mode
[   65.962905][ T5468] macsec1: entered promiscuous mode
[   65.983919][ T5468] bridge0: port 3(macsec1) entered blocking state
[   65.991132][ T5468] bridge0: port 3(macsec1) entered disabled state
[   66.036141][ T5471] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[   66.078238][ T5468] macsec1: entered allmulticast mode
[   66.084800][ T5468] bridge0: entered allmulticast mode
[   66.113285][ T5476] xt_hashlimit: max too large, truncated to 1048576
[   66.121380][ T5468] macsec1: left allmulticast mode
[   66.126811][ T5468] bridge0: left allmulticast mode
[   66.131353][ T5476] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   66.163559][ T5468] bridge0: left promiscuous mode
[   66.218508][   T29] kauditd_printk_skb: 388 callbacks suppressed
[   66.218523][   T29] audit: type=1107 audit(1761592954.472:2448): pid=5479 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='ä'
[   66.221123][ T5480] loop3: detected capacity change from 0 to 512
[   66.269321][   T29] audit: type=1326 audit(1761592954.522:2449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5484 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   66.332776][ T5480] EXT4-fs (loop3): too many log groups per flexible block group
[   66.355636][   T29] audit: type=1326 audit(1761592954.542:2450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5484 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   66.370766][ T5480] EXT4-fs (loop3): failed to initialize mballoc (-12)
[   66.380403][   T29] audit: type=1326 audit(1761592954.552:2451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5484 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   66.413335][   T29] audit: type=1326 audit(1761592954.552:2452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5484 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   66.438915][   T29] audit: type=1326 audit(1761592954.552:2453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5484 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   66.448977][ T5480] EXT4-fs (loop3): mount failed
[   66.463675][   T29] audit: type=1326 audit(1761592954.552:2454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5484 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   66.494706][   T29] audit: type=1326 audit(1761592954.552:2455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5484 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   66.520060][   T29] audit: type=1326 audit(1761592954.552:2456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5484 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   66.544663][   T29] audit: type=1326 audit(1761592954.552:2457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5484 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   66.768178][ T5497] netlink: 5 bytes leftover after parsing attributes in process `syz.2.722'.
[   66.798419][ T5497] 0ªî{X¹¦: renamed from gretap0 (while UP)
[   66.805029][ T5491] loop1: detected capacity change from 0 to 8192
[   66.819004][ T5497] 0ªî{X¹¦: entered allmulticast mode
[   66.836184][ T5497] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   67.008502][ T5515] loop0: detected capacity change from 0 to 512
[   67.036033][ T5515] EXT4-fs (loop0): too many log groups per flexible block group
[   67.049023][ T5519] loop2: detected capacity change from 0 to 1024
[   67.056664][ T5515] EXT4-fs (loop0): failed to initialize mballoc (-12)
[   67.065344][ T5521] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[   67.073635][ T5521] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   67.082013][ T5521] vhci_hcd vhci_hcd.0: Device attached
[   67.088474][ T5515] EXT4-fs (loop0): mount failed
[   67.089807][ T5519] EXT4-fs: Ignoring removed orlov option
[   67.353080][ T5534] msdos: Unknown parameter ''
[   67.377456][ T3410] usb 4-1: SetAddress Request (2) to port 0
[   67.390288][ T3410] usb 4-1: new SuperSpeed USB device number 2 using vhci_hcd
[   67.428623][ T5534] loop2: detected capacity change from 0 to 512
[   67.563303][ T5535] netlink: 'syz.2.734': attribute type 13 has an invalid length.
[   67.698018][ T5539] netlink: 5 bytes leftover after parsing attributes in process `syz.3.736'.
[   67.772756][ T5535] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.781002][ T5535] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.815939][ T5522] vhci_hcd: connection reset by peer
[   67.821845][ T5364] vhci_hcd: stop threads
[   67.826207][ T5364] vhci_hcd: release socket
[   67.831236][ T5364] vhci_hcd: disconnect device
[   67.872778][ T5535] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   67.884103][ T5535] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   67.952399][ T5539] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[   67.961741][ T5539] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   67.979371][ T5364] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   67.989494][ T5364] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   67.999650][ T5364] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   68.036001][ T5364] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   68.070929][ T5546] netlink: 16 bytes leftover after parsing attributes in process `syz.3.739'.
[   68.148255][ T5550] loop3: detected capacity change from 0 to 512
[   68.212074][ T5550] EXT4-fs (loop3): too many log groups per flexible block group
[   68.236506][ T5550] EXT4-fs (loop3): failed to initialize mballoc (-12)
[   68.253519][ T5550] EXT4-fs (loop3): mount failed
[   68.338384][ T5576] loop0: detected capacity change from 0 to 164
[   68.366428][ T5576] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   68.381753][ T5576] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   68.399647][ T5576] Symlink component flag not implemented
[   68.406342][ T5576] Symlink component flag not implemented
[   68.414919][ T5576] Symlink component flag not implemented (7)
[   68.422277][ T5576] Symlink component flag not implemented (116)
[   68.467583][ T5586] loop0: detected capacity change from 0 to 512
[   68.486851][ T5586] EXT4-fs: Ignoring removed nobh option
[   68.518070][ T5586] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #3: comm syz.0.753: corrupted inode contents
[   68.550081][ T5586] EXT4-fs (loop0): Remounting filesystem read-only
[   68.562602][ T5586] EXT4-fs (loop0): 1 truncate cleaned up
[   68.577511][ T5586] EXT4-fs mount: 38 callbacks suppressed
[   68.577541][ T5586] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.606363][ T5586] ext4 filesystem being mounted at /174/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.635433][ T3322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.646231][ T5596] loop1: detected capacity change from 0 to 512
[   68.656454][ T5596] EXT4-fs: Ignoring removed nobh option
[   68.677682][ T5596] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #3: comm syz.1.756: corrupted inode contents
[   68.693334][ T5596] EXT4-fs (loop1): Remounting filesystem read-only
[   68.708731][ T5596] EXT4-fs (loop1): 1 truncate cleaned up
[   68.717264][ T5596] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.720587][ T5602] netlink: '+}[@': attribute type 8 has an invalid length.
[   68.748540][ T5596] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.790381][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.826599][ T3377] usb 8-1: device descriptor read/8, error -110
[   68.925964][ T5611] loop1: detected capacity change from 0 to 1024
[   68.936892][ T3377] usb 8-1: new SuperSpeed USB device number 10 using vhci_hcd
[   68.956901][ T3377] usb 8-1: enqueue for inactive port 0
[   68.963438][ T5611] EXT4-fs: Ignoring removed orlov option
[   68.969904][ T3377] usb 8-1: enqueue for inactive port 0
[   68.986464][ T5611] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.000157][ T3377] usb 8-1: enqueue for inactive port 0
[   69.032743][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.142625][ T5625] netlink: 5 bytes leftover after parsing attributes in process `syz.0.767'.
[   69.152053][ T5625] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[   69.160244][ T5625] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   69.249134][ T5632] netlink: '+}[@': attribute type 8 has an invalid length.
[   69.276739][ T5636] loop0: detected capacity change from 0 to 128
[   69.336332][ T5640] loop1: detected capacity change from 0 to 1024
[   69.346750][ T5640] EXT4-fs: Ignoring removed orlov option
[   69.370023][ T5640] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.427132][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.441194][ T5644] loop3: detected capacity change from 0 to 8192
[   69.455226][ T5644] FAT-fs (loop3): bogus logical sector size 659
[   69.461676][ T5644] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   69.471560][ T5644] FAT-fs (loop3): Can't find a valid FAT filesystem
[   69.645493][ T5653] xt_hashlimit: max too large, truncated to 1048576
[   69.653594][ T5653] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   69.718689][ T5657] loop3: detected capacity change from 0 to 164
[   69.737886][ T5657] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   69.753116][ T5657] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   69.762308][ T5657] Symlink component flag not implemented
[   69.767985][ T5657] Symlink component flag not implemented
[   69.774124][ T5657] Symlink component flag not implemented (7)
[   69.780500][ T5657] Symlink component flag not implemented (116)
[   70.029844][ T5668] loop1: detected capacity change from 0 to 512
[   70.036214][ T3377] usb usb8-port1: attempt power cycle
[   70.080467][ T5668] EXT4-fs (loop1): too many log groups per flexible block group
[   70.111211][ T5668] EXT4-fs (loop1): failed to initialize mballoc (-12)
[   70.119323][ T5668] EXT4-fs (loop1): mount failed
[   70.154846][ T5636] syz.0.772: attempt to access beyond end of device
[   70.154846][ T5636] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   70.168894][ T5636] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   70.453971][ T5688] loop0: detected capacity change from 0 to 8192
[   70.539118][ T5690] netlink: '+}[@': attribute type 8 has an invalid length.
[   70.682829][ T5694] loop0: detected capacity change from 0 to 128
[   71.110086][ T5712] loop0: detected capacity change from 0 to 164
[   71.140667][ T5713] loop2: detected capacity change from 0 to 1024
[   71.166753][ T5712] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   71.168745][ T5713] EXT4-fs: Ignoring removed orlov option
[   71.235684][ T5712] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   71.266963][ T5712] Symlink component flag not implemented
[   71.276825][ T5712] Symlink component flag not implemented
[   71.306627][ T5712] Symlink component flag not implemented (7)
[   71.313435][ T5712] Symlink component flag not implemented (116)
[   71.345338][ T5723] loop3: detected capacity change from 0 to 512
[   71.365222][ T5723] EXT4-fs: Ignoring removed nobh option
[   71.401146][ T5723] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.803: corrupted inode contents
[   71.424075][ T5723] EXT4-fs (loop3): Remounting filesystem read-only
[   71.454684][ T5723] __quota_error: 277 callbacks suppressed
[   71.454699][ T5723] Quota error (device loop3): write_blk: dquota write failed
[   71.497876][ T5723] Quota error (device loop3): qtree_write_dquot: Error -30 occurred while creating quota
[   71.518959][ T5723] EXT4-fs (loop3): 1 truncate cleaned up
[   71.537172][ T5723] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.576485][ T5723] ext4 filesystem being mounted at /186/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.608262][   T29] audit: type=1326 audit(1761592959.862:2731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5732 comm="syz.0.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   71.651523][   T29] audit: type=1326 audit(1761592959.882:2732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5732 comm="syz.0.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   71.677079][   T29] audit: type=1326 audit(1761592959.882:2733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5732 comm="syz.0.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   71.712911][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.832677][ T5741] random: crng reseeded on system resumption
[   71.839338][   T29] audit: type=1400 audit(1761592960.082:2734): avc:  denied  { write } for  pid=5740 comm="syz.3.808" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   71.864037][   T29] audit: type=1400 audit(1761592960.082:2735): avc:  denied  { ioctl } for  pid=5740 comm="syz.3.808" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   71.866782][ T3377] usb usb8-port1: unable to enumerate USB device
[   71.954685][   T29] audit: type=1400 audit(1761592960.162:2736): avc:  denied  { read } for  pid=5740 comm="syz.3.808" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   71.979812][ T5742] loop3: detected capacity change from 0 to 512
[   71.987177][ T5742] EXT4-fs: Ignoring removed bh option
[   71.996943][ T5742] ext4: Unknown parameter 'fowner>00000000000000060929'
[   72.020079][   T29] audit: type=1400 audit(1761592960.232:2737): avc:  denied  { ioctl } for  pid=5740 comm="syz.3.808" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2284 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   72.244403][ T5749] loop2: detected capacity change from 0 to 8192
[   72.394137][   T29] audit: type=1107 audit(1761592960.642:2738): pid=5754 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='ä'
[   72.437546][ T5757] loop2: detected capacity change from 0 to 512
[   72.506717][ T3410] usb 4-1: device descriptor read/8, error -110
[   72.852821][ T5759] loop3: detected capacity change from 0 to 8192
[   72.856593][ T3410] usb 4-1: new SuperSpeed USB device number 2 using vhci_hcd
[   72.891031][ T3410] usb 4-1: enqueue for inactive port 0
[   72.903113][ T3410] usb 4-1: enqueue for inactive port 0
[   72.916469][ T3410] usb 4-1: enqueue for inactive port 0
[   73.011318][ T5761] loop3: detected capacity change from 0 to 1024
[   73.047112][ T5761] EXT4-fs: Ignoring removed orlov option
[   73.061661][ T5761] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.136986][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.696636][ T5789] loop3: detected capacity change from 0 to 128
[   73.711158][ T5785] loop0: detected capacity change from 0 to 8192
[   73.956730][ T3410] usb usb4-port1: attempt power cycle
[   73.964290][ T5799] FAULT_INJECTION: forcing a failure.
[   73.964290][ T5799] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   73.979045][ T5799] CPU: 0 UID: 0 PID: 5799 Comm: syz.0.832 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   73.979072][ T5799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   73.979105][ T5799] Call Trace:
[   73.979112][ T5799]  <TASK>
[   73.979120][ T5799]  __dump_stack+0x1d/0x30
[   73.979142][ T5799]  dump_stack_lvl+0xe8/0x140
[   73.979162][ T5799]  dump_stack+0x15/0x1b
[   73.979178][ T5799]  should_fail_ex+0x265/0x280
[   73.979195][ T5799]  should_fail+0xb/0x20
[   73.979219][ T5799]  should_fail_usercopy+0x1a/0x20
[   73.979236][ T5799]  _copy_from_user+0x1c/0xb0
[   73.979257][ T5799]  ___sys_sendmsg+0xc1/0x1d0
[   73.979312][ T5799]  __x64_sys_sendmsg+0xd4/0x160
[   73.979381][ T5799]  x64_sys_call+0x191e/0x3000
[   73.979399][ T5799]  do_syscall_64+0xd2/0x200
[   73.979415][ T5799]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   73.979490][ T5799]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   73.979518][ T5799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.979536][ T5799] RIP: 0033:0x7f18ffd6efc9
[   73.979551][ T5799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.979602][ T5799] RSP: 002b:00007f18fe7cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   73.979621][ T5799] RAX: ffffffffffffffda RBX: 00007f18fffc5fa0 RCX: 00007f18ffd6efc9
[   73.979633][ T5799] RDX: 0000000004000000 RSI: 0000200000000140 RDI: 0000000000000003
[   73.979645][ T5799] RBP: 00007f18fe7cf090 R08: 0000000000000000 R09: 0000000000000000
[   73.979656][ T5799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.979679][ T5799] R13: 00007f18fffc6038 R14: 00007f18fffc5fa0 R15: 00007fff08ecf938
[   73.979727][ T5799]  </TASK>
[   74.328885][ T5802] netlink: '+}[@': attribute type 8 has an invalid length.
[   74.596804][ T5816] loop0: detected capacity change from 0 to 8192
[   74.675907][ T5818] loop0: detected capacity change from 0 to 128
[   74.826314][ T5820] xt_hashlimit: max too large, truncated to 1048576
[   74.838825][ T5820] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   75.268034][ T5829] netlink: '+}[@': attribute type 8 has an invalid length.
[   76.316823][ T3410] usb usb4-port1: unable to enumerate USB device
[   76.460609][ T5848] loop1: detected capacity change from 0 to 8192
[   76.558237][ T5857] loop3: detected capacity change from 0 to 164
[   76.576830][ T5857] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   76.608603][ T5857] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   76.646561][ T5857] Symlink component flag not implemented
[   76.652766][ T5857] Symlink component flag not implemented
[   76.676708][ T5857] Symlink component flag not implemented (7)
[   76.683696][ T5857] Symlink component flag not implemented (116)
[   76.776507][ T5862] netlink: '+}[@': attribute type 8 has an invalid length.
[   76.814663][   T29] kauditd_printk_skb: 9 callbacks suppressed
[   76.814678][   T29] audit: type=1400 audit(1761592965.062:2748): avc:  denied  { mounton } for  pid=5863 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   76.857920][ T5867] loop3: detected capacity change from 0 to 164
[   76.891580][ T5867] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   76.923574][ T5867] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   76.943655][ T5867] Symlink component flag not implemented
[   76.950314][ T5867] Symlink component flag not implemented
[   76.956466][ T5867] Symlink component flag not implemented (7)
[   76.963086][ T5867] Symlink component flag not implemented (116)
[   77.041138][ T5327] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.115138][ T5863] chnl_net:caif_netlink_parms(): no params data found
[   77.131470][ T5327] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.259393][ T5327] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.301479][ T5884] loop3: detected capacity change from 0 to 8192
[   77.311573][ T5863] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.319320][ T5863] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.332067][ T5888] loop2: detected capacity change from 0 to 512
[   77.339738][ T5884] FAT-fs (loop3): bogus logical sector size 659
[   77.346178][ T5884] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   77.356491][ T5884] FAT-fs (loop3): Can't find a valid FAT filesystem
[   77.364041][ T5888] EXT4-fs: Ignoring removed nobh option
[   77.374814][ T5863] bridge_slave_0: entered allmulticast mode
[   77.388024][ T5863] bridge_slave_0: entered promiscuous mode
[   77.402967][ T5863] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.410229][ T5863] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.471409][ T5863] bridge_slave_1: entered allmulticast mode
[   77.492674][ T5898] loop1: detected capacity change from 0 to 164
[   77.494819][ T5896] loop3: detected capacity change from 0 to 512
[   77.507398][ T5863] bridge_slave_1: entered promiscuous mode
[   77.513813][ T5896] EXT4-fs: Ignoring removed nobh option
[   77.526238][ T5898] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   77.543470][ T5327] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.551084][ T5898] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   77.574198][ T5898] Symlink component flag not implemented
[   77.580180][ T5898] Symlink component flag not implemented
[   77.611178][ T5896] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.868: corrupted inode contents
[   77.616255][ T5863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.636659][ T5898] Symlink component flag not implemented (7)
[   77.637972][ T5863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.643098][ T5898] Symlink component flag not implemented (116)
[   77.687395][ T5863] team0: Port device team_slave_0 added
[   77.691493][ T5896] EXT4-fs (loop3): Remounting filesystem read-only
[   77.694733][ T5863] team0: Port device team_slave_1 added
[   77.715388][   T29] audit: type=1326 audit(1761592965.962:2749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5904 comm="syz.1.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   77.739206][   T29] audit: type=1326 audit(1761592965.962:2750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5904 comm="syz.1.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   77.763414][   T29] audit: type=1326 audit(1761592965.962:2751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5904 comm="syz.1.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   77.789261][   T29] audit: type=1326 audit(1761592965.962:2752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5904 comm="syz.1.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   77.814249][   T29] audit: type=1326 audit(1761592965.962:2753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5904 comm="syz.1.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23076efc9 code=0x7ffc0000
[   77.845845][ T5896] Quota error (device loop3): write_blk: dquota write failed
[   77.856672][ T5896] Quota error (device loop3): qtree_write_dquot: Error -30 occurred while creating quota
[   77.888637][ T5896] EXT4-fs (loop3): 1 truncate cleaned up
[   77.895290][ T5896] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.898729][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.915565][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   77.926759][ T5896] ext4 filesystem being mounted at /212/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.942669][ T5863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.978372][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.985827][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   78.013873][ T5863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.015973][   T29] audit: type=1400 audit(1761592966.222:2754): avc:  denied  { search } for  pid=3042 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   78.046750][   T29] audit: type=1400 audit(1761592966.222:2755): avc:  denied  { search } for  pid=3042 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   78.074662][ T5327] bridge_slave_1: left allmulticast mode
[   78.081023][ T5327] bridge_slave_1: left promiscuous mode
[   78.087293][ T5327] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.097830][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.110856][ T5327] bridge_slave_0: left allmulticast mode
[   78.116596][ T5327] bridge_slave_0: left promiscuous mode
[   78.122799][ T5327] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.268776][ T5327] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   78.279856][ T5327] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   78.289825][ T5327] bond0 (unregistering): Released all slaves
[   78.344795][ T5863] hsr_slave_0: entered promiscuous mode
[   78.361411][ T5863] hsr_slave_1: entered promiscuous mode
[   78.374380][ T5863] debugfs: 'hsr0' already exists in 'hsr'
[   78.381162][ T5863] Cannot create hsr debugfs directory
[   78.399117][ T5327] hsr_slave_0: left promiscuous mode
[   78.410428][ T5327] hsr_slave_1: left promiscuous mode
[   78.422881][ T5327] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   78.430959][ T5327] batman_adv: batadv0: Removing interface: batadv_slave_0
[   78.457180][ T5327] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   78.465393][ T5327] batman_adv: batadv0: Removing interface: batadv_slave_1
[   78.483253][ T5327] veth1_macvtap: left promiscuous mode
[   78.492842][ T5327] veth0_macvtap: left promiscuous mode
[   78.502967][ T5327] veth1_vlan: left promiscuous mode
[   78.513064][ T5327] veth0_vlan: left promiscuous mode
[   78.759277][ T5952] loop3: detected capacity change from 0 to 164
[   78.789188][ T5952] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   78.816936][ T5863] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   78.839714][ T5952] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   78.840422][ T5863] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   78.868591][ T5863] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   78.876180][ T5952] Symlink component flag not implemented
[   78.882173][ T5952] Symlink component flag not implemented
[   78.892988][ T5863] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   78.895679][ T5952] Symlink component flag not implemented (7)
[   78.906421][ T5952] Symlink component flag not implemented (116)
[   79.004265][ T5977] loop1: detected capacity change from 0 to 512
[   79.053581][ T5977] EXT4-fs: Ignoring removed nobh option
[   79.066631][ T5863] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.114563][ T5977] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #3: comm syz.1.882: corrupted inode contents
[   79.131251][ T5863] 8021q: adding VLAN 0 to HW filter on device team0
[   79.151101][ T5977] EXT4-fs (loop1): Remounting filesystem read-only
[   79.159402][ T5364] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.167172][ T5364] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.176489][ T5977] EXT4-fs (loop1): 1 truncate cleaned up
[   79.183109][ T5977] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.207866][ T2617] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.215130][ T2617] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.232590][ T5863] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   79.249281][ T5977] ext4 filesystem being mounted at /191/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.273430][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.356013][ T5863] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.385670][ T6013] netlink: 24 bytes leftover after parsing attributes in process `syz.1.886'.
[   79.503858][ T6025] hub 2-0:1.0: USB hub found
[   79.515883][ T6025] hub 2-0:1.0: 8 ports detected
[   79.662605][ T5863] veth0_vlan: entered promiscuous mode
[   79.671867][ T5863] veth1_vlan: entered promiscuous mode
[   79.702857][ T5863] veth0_macvtap: entered promiscuous mode
[   79.710123][ T6048] loop1: detected capacity change from 0 to 8192
[   79.718342][ T5863] veth1_macvtap: entered promiscuous mode
[   79.731794][ T6048] FAT-fs (loop1): bogus logical sector size 659
[   79.738258][ T6048] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   79.738496][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.747832][ T6048] FAT-fs (loop1): Can't find a valid FAT filesystem
[   79.764746][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_1
[   79.791657][ T6057] loop3: detected capacity change from 0 to 512
[   79.808096][ T5320] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.813274][ T6057] EXT4-fs: Ignoring removed nobh option
[   79.828096][ T5364] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.837658][ T6057] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.894: corrupted inode contents
[   79.839148][ T5364] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.860999][ T6057] EXT4-fs (loop3): Remounting filesystem read-only
[   79.875719][ T6057] EXT4-fs (loop3): 1 truncate cleaned up
[   79.881890][ T6057] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.896002][ T6057] ext4 filesystem being mounted at /222/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.906870][ T5364] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.907159][ T6064] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[   79.922312][ T6064] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   79.930344][ T6064] vhci_hcd vhci_hcd.0: Device attached
[   79.964217][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.972024][ T6070] xt_hashlimit: max too large, truncated to 1048576
[   80.028424][ T6070] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   80.052142][ T6074] netlink: 64 bytes leftover after parsing attributes in process `syz.2.897'.
[   80.138460][ T6072] loop3: detected capacity change from 0 to 8192
[   80.148790][ T6078] loop5: detected capacity change from 0 to 128
[   80.195356][ T6078] FAT-fs (loop5): bogus number of FAT sectors
[   80.202670][ T6078] FAT-fs (loop5): Can't find a valid FAT filesystem
[   80.206687][   T10] usb 4-1: SetAddress Request (6) to port 0
[   80.232048][   T10] usb 4-1: new SuperSpeed USB device number 6 using vhci_hcd
[   80.255441][ T6078] netlink: 4 bytes leftover after parsing attributes in process `syz.5.898'.
[   80.328952][ T6087] netlink: 'syz.3.902': attribute type 10 has an invalid length.
[   80.391180][ T6092] loop0: detected capacity change from 0 to 164
[   80.397003][ T6093] netlink: 'syz.3.902': attribute type 10 has an invalid length.
[   80.399918][ T6087] team0: Port device dummy0 added
[   80.417536][ T6092] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   80.461786][ T6092] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   80.471075][ T6092] Symlink component flag not implemented
[   80.477341][ T6092] Symlink component flag not implemented
[   80.487049][ T6093] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   80.527983][ T6098] loop2: detected capacity change from 0 to 1024
[   80.537182][ T6092] Symlink component flag not implemented (7)
[   80.543581][ T6092] Symlink component flag not implemented (116)
[   80.556700][ T6093] team0: Failed to send options change via netlink (err -105)
[   80.566032][ T6098] EXT4-fs: Ignoring removed orlov option
[   80.596689][ T6093] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   80.646758][ T6093] team0: Port device dummy0 removed
[   80.654686][ T6065] vhci_hcd: connection reset by peer
[   80.666395][ T5320] vhci_hcd: stop threads
[   80.671085][ T5320] vhci_hcd: release socket
[   80.675853][ T5320] vhci_hcd: disconnect device
[   80.685174][ T6093] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   80.716042][ T6104] xt_hashlimit: max too large, truncated to 1048576
[   80.725041][ T6102] loop0: detected capacity change from 0 to 8192
[   80.734812][ T6104] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   80.757379][ T6102] FAT-fs (loop0): bogus logical sector size 659
[   80.763928][ T6102] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   80.773610][ T6102] FAT-fs (loop0): Can't find a valid FAT filesystem
[   80.860868][ T6114] SELinux: failed to load policy
[   80.900771][ T6112] loop3: detected capacity change from 0 to 8192
[   80.907833][ T6117] FAULT_INJECTION: forcing a failure.
[   80.907833][ T6117] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.921491][ T6117] CPU: 1 UID: 0 PID: 6117 Comm: syz.0.914 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.921555][ T6117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   80.921568][ T6117] Call Trace:
[   80.921574][ T6117]  <TASK>
[   80.921582][ T6117]  __dump_stack+0x1d/0x30
[   80.921604][ T6117]  dump_stack_lvl+0xe8/0x140
[   80.921633][ T6117]  dump_stack+0x15/0x1b
[   80.921649][ T6117]  should_fail_ex+0x265/0x280
[   80.921666][ T6117]  should_fail+0xb/0x20
[   80.921680][ T6117]  should_fail_usercopy+0x1a/0x20
[   80.921766][ T6117]  _copy_from_user+0x1c/0xb0
[   80.921789][ T6117]  ___sys_sendmsg+0xc1/0x1d0
[   80.921826][ T6117]  __x64_sys_sendmsg+0xd4/0x160
[   80.921903][ T6117]  x64_sys_call+0x191e/0x3000
[   80.921921][ T6117]  do_syscall_64+0xd2/0x200
[   80.921937][ T6117]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   80.921986][ T6117]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   80.922014][ T6117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.922035][ T6117] RIP: 0033:0x7f18ffd6efc9
[   80.922049][ T6117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.922080][ T6117] RSP: 002b:00007f18fe7cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.922100][ T6117] RAX: ffffffffffffffda RBX: 00007f18fffc5fa0 RCX: 00007f18ffd6efc9
[   80.922113][ T6117] RDX: 0000000020040040 RSI: 0000200000009b40 RDI: 0000000000000003
[   80.922125][ T6117] RBP: 00007f18fe7cf090 R08: 0000000000000000 R09: 0000000000000000
[   80.922137][ T6117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.922150][ T6117] R13: 00007f18fffc6038 R14: 00007f18fffc5fa0 R15: 00007fff08ecf938
[   80.922203][ T6117]  </TASK>
[   81.211001][ T6126] loop3: detected capacity change from 0 to 164
[   81.225252][ T6126] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   81.238238][ T6126] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   81.259468][ T6126] Symlink component flag not implemented
[   81.265350][ T6126] Symlink component flag not implemented
[   81.278075][ T6126] Symlink component flag not implemented (7)
[   81.284183][ T6126] Symlink component flag not implemented (116)
[   81.353019][ T6136] xt_hashlimit: max too large, truncated to 1048576
[   81.360921][ T6136] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   81.400793][ T6140] netlink: 4 bytes leftover after parsing attributes in process `syz.3.921'.
[   81.472045][ T6141] loop1: detected capacity change from 0 to 8192
[   81.496294][ T6141] FAT-fs (loop1): bogus logical sector size 659
[   81.502830][ T6141] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   81.512191][ T6141] FAT-fs (loop1): Can't find a valid FAT filesystem
[   81.514730][ T6149] loop5: detected capacity change from 0 to 512
[   81.538066][ T6149] EXT4-fs: Ignoring removed nobh option
[   81.578732][ T6149] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #3: comm syz.5.926: corrupted inode contents
[   81.595401][ T6149] EXT4-fs (loop5): Remounting filesystem read-only
[   81.602939][ T6149] EXT4-fs (loop5): 1 truncate cleaned up
[   81.609563][ T6149] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.623020][ T6149] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.646716][ T5863] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.656221][ T6152] loop1: detected capacity change from 0 to 8192
[   81.720861][ T6159] loop5: detected capacity change from 0 to 1024
[   81.741400][ T6159] EXT4-fs: Ignoring removed orlov option
[   81.755018][ T6159] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.783302][ T5863] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.800153][ T6163] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[   81.807137][ T6163] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   81.814836][ T6163] vhci_hcd vhci_hcd.0: Device attached
[   81.825841][   T29] kauditd_printk_skb: 163 callbacks suppressed
[   81.825852][   T29] audit: type=1326 audit(1761592970.072:2913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6134 comm="syz.3.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe3fc3f5e67 code=0x7ffc0000
[   81.856391][   T29] audit: type=1326 audit(1761592970.072:2914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6134 comm="syz.3.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe3fc39b099 code=0x7ffc0000
[   81.880784][   T29] audit: type=1326 audit(1761592970.072:2915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6134 comm="syz.3.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7fe3fc3fefc9 code=0x7ffc0000
[   81.907452][   T29] audit: type=1326 audit(1761592970.162:2916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6134 comm="syz.3.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe3fc3f5e67 code=0x7ffc0000
[   81.918520][ T6167] loop5: detected capacity change from 0 to 164
[   81.932025][   T29] audit: type=1326 audit(1761592970.162:2917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6134 comm="syz.3.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe3fc39b099 code=0x7ffc0000
[   81.932052][   T29] audit: type=1326 audit(1761592970.162:2918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6134 comm="syz.3.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7fe3fc3fefc9 code=0x7ffc0000
[   81.987902][   T29] audit: type=1326 audit(1761592970.242:2919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6134 comm="syz.3.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe3fc3f5e67 code=0x7ffc0000
[   81.999011][ T6167] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   82.014289][   T29] audit: type=1326 audit(1761592970.242:2920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6134 comm="syz.3.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe3fc39b099 code=0x7ffc0000
[   82.047759][   T29] audit: type=1326 audit(1761592970.242:2921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6134 comm="syz.3.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7fe3fc3fefc9 code=0x7ffc0000
[   82.073622][   T29] audit: type=1326 audit(1761592970.332:2922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6134 comm="syz.3.921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe3fc3f5e67 code=0x7ffc0000
[   82.120461][ T6167] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   82.131614][ T6167] Symlink component flag not implemented
[   82.138473][ T6167] Symlink component flag not implemented
[   82.164975][ T6167] Symlink component flag not implemented (7)
[   82.171923][ T6167] Symlink component flag not implemented (116)
[   82.274536][ T6173] FAULT_INJECTION: forcing a failure.
[   82.274536][ T6173] name failslab, interval 1, probability 0, space 0, times 0
[   82.287891][ T6173] CPU: 1 UID: 0 PID: 6173 Comm: syz.0.933 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   82.287914][ T6173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   82.287925][ T6173] Call Trace:
[   82.287931][ T6173]  <TASK>
[   82.287939][ T6173]  __dump_stack+0x1d/0x30
[   82.287961][ T6173]  dump_stack_lvl+0xe8/0x140
[   82.287979][ T6173]  dump_stack+0x15/0x1b
[   82.287995][ T6173]  should_fail_ex+0x265/0x280
[   82.288014][ T6173]  should_failslab+0x8c/0xb0
[   82.288038][ T6173]  kmem_cache_alloc_noprof+0x50/0x480
[   82.288060][ T6173]  ? mas_alloc_nodes+0x1a2/0x210
[   82.288084][ T6173]  mas_alloc_nodes+0x1a2/0x210
[   82.288110][ T6173]  mas_preallocate+0x2ca/0x510
[   82.288140][ T6173]  __split_vma+0x240/0x650
[   82.288165][ T6173]  ? mas_find+0x5d5/0x700
[   82.288180][ T6173]  vms_gather_munmap_vmas+0x2b2/0x7b0
[   82.288205][ T6173]  do_vmi_align_munmap+0x1ac/0x3d0
[   82.288234][ T6173]  do_vmi_munmap+0x1db/0x220
[   82.288255][ T6173]  do_munmap+0x79/0xb0
[   82.288277][ T6173]  mremap_to+0x192/0x430
[   82.288317][ T6173]  ? check_prep_vma+0x5d6/0x660
[   82.288341][ T6173]  __se_sys_mremap+0x632/0xb30
[   82.288465][ T6173]  ? __bpf_trace_sys_enter+0x10/0x30
[   82.288494][ T6173]  ? trace_sys_enter+0xd0/0xf0
[   82.288517][ T6173]  __x64_sys_mremap+0x67/0x80
[   82.288542][ T6173]  x64_sys_call+0x2a28/0x3000
[   82.288561][ T6173]  do_syscall_64+0xd2/0x200
[   82.288576][ T6173]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   82.288596][ T6173]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   82.288621][ T6173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.288641][ T6173] RIP: 0033:0x7f18ffd6efc9
[   82.288655][ T6173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.288669][ T6173] RSP: 002b:00007f18fe7cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[   82.288688][ T6173] RAX: ffffffffffffffda RBX: 00007f18fffc5fa0 RCX: 00007f18ffd6efc9
[   82.288700][ T6173] RDX: 0000000000004000 RSI: 0000000000003000 RDI: 0000200000001000
[   82.288711][ T6173] RBP: 00007f18fe7cf090 R08: 0000200000005000 R09: 0000000000000000
[   82.288723][ T6173] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[   82.288733][ T6173] R13: 00007f18fffc6038 R14: 00007f18fffc5fa0 R15: 00007fff08ecf938
[   82.288750][ T6173]  </TASK>
[   82.631897][ T6176] loop5: detected capacity change from 0 to 8192
[   82.657292][ T6176] FAT-fs (loop5): bogus logical sector size 659
[   82.663796][ T6176] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   82.673429][ T6176] FAT-fs (loop5): Can't find a valid FAT filesystem
[   82.681290][ T6164] vhci_hcd: connection closed
[   82.681505][ T2617] vhci_hcd: stop threads
[   82.681872][ T6179] xt_hashlimit: max too large, truncated to 1048576
[   82.686699][ T2617] vhci_hcd: release socket
[   82.686716][ T2617] vhci_hcd: disconnect device
[   82.717181][ T6179] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   82.806697][ T6188] loop0: detected capacity change from 0 to 512
[   82.826205][ T6188] EXT4-fs: Ignoring removed nobh option
[   82.836748][ T6184] loop5: detected capacity change from 0 to 1756
[   82.871627][ T6188] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #3: comm syz.0.941: corrupted inode contents
[   82.872465][ T6186] loop3: detected capacity change from 0 to 8192
[   82.889195][ T6188] EXT4-fs (loop0): Remounting filesystem read-only
[   82.903597][ T6188] EXT4-fs (loop0): 1 truncate cleaned up
[   82.910813][ T6196] FAULT_INJECTION: forcing a failure.
[   82.910813][ T6196] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.925238][ T6196] CPU: 0 UID: 0 PID: 6196 Comm: syz.2.942 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   82.925265][ T6196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   82.925349][ T6196] Call Trace:
[   82.925356][ T6196]  <TASK>
[   82.925364][ T6196]  __dump_stack+0x1d/0x30
[   82.925385][ T6196]  dump_stack_lvl+0xe8/0x140
[   82.925457][ T6196]  dump_stack+0x15/0x1b
[   82.925472][ T6196]  should_fail_ex+0x265/0x280
[   82.925496][ T6196]  should_fail+0xb/0x20
[   82.925512][ T6196]  should_fail_usercopy+0x1a/0x20
[   82.925529][ T6196]  _copy_from_user+0x1c/0xb0
[   82.925622][ T6196]  ___sys_sendmsg+0xc1/0x1d0
[   82.925664][ T6196]  __x64_sys_sendmsg+0xd4/0x160
[   82.925760][ T6196]  x64_sys_call+0x191e/0x3000
[   82.925793][ T6196]  do_syscall_64+0xd2/0x200
[   82.925809][ T6196]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   82.925845][ T6196]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   82.925871][ T6196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.925901][ T6196] RIP: 0033:0x7f62bacaefc9
[   82.925913][ T6196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.925927][ T6196] RSP: 002b:00007f62b9717038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   82.925943][ T6196] RAX: ffffffffffffffda RBX: 00007f62baf05fa0 RCX: 00007f62bacaefc9
[   82.925955][ T6196] RDX: 000000002404c044 RSI: 0000200000000f00 RDI: 0000000000000003
[   82.925968][ T6196] RBP: 00007f62b9717090 R08: 0000000000000000 R09: 0000000000000000
[   82.925980][ T6196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.926046][ T6196] R13: 00007f62baf06038 R14: 00007f62baf05fa0 R15: 00007ffe25440d08
[   82.926062][ T6196]  </TASK>
[   82.944173][ T6188] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.067856][ T6198] loop5: detected capacity change from 0 to 164
[   83.077006][ T6188] ext4 filesystem being mounted at /229/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.119638][ T6198] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   83.195689][ T3322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.197658][ T6198] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   83.215495][ T6198] Symlink component flag not implemented
[   83.221707][ T6198] Symlink component flag not implemented
[   83.228685][ T6198] Symlink component flag not implemented (7)
[   83.235032][ T6198] Symlink component flag not implemented (116)
[   83.329709][ T6208] loop1: detected capacity change from 0 to 4096
[   83.360898][ T6208] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.432559][ T6212] loop0: detected capacity change from 0 to 8192
[   83.443110][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.466219][ T6212] FAT-fs (loop0): bogus logical sector size 659
[   83.473066][ T6212] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   83.483213][ T6212] FAT-fs (loop0): Can't find a valid FAT filesystem
[   83.568042][ T6229] dns_resolver: Unsupported server list version (0)
[   83.611302][ T6229] netlink: 'syz.0.957': attribute type 83 has an invalid length.
[   83.696487][ T6240] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[   83.703472][ T6240] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   83.706677][ T6242] loop0: detected capacity change from 0 to 164
[   83.711725][ T6240] vhci_hcd vhci_hcd.0: Device attached
[   83.725174][ T6242] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   84.318954][ T6259] loop5: detected capacity change from 0 to 1024
[   84.348836][ T6259] EXT4-fs: Ignoring removed orlov option
[   84.377736][ T6261] netlink: 24 bytes leftover after parsing attributes in process `syz.3.971'.
[   84.389128][ T6259] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.429377][ T6261] netlink: 4 bytes leftover after parsing attributes in process `syz.3.971'.
[   84.465248][ T5863] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.474507][ T6243] vhci_hcd: connection closed
[   84.474656][ T5320] vhci_hcd: stop threads
[   84.484147][ T5320] vhci_hcd: release socket
[   84.488966][ T5320] vhci_hcd: disconnect device
[   84.513848][ T6265] loop2: detected capacity change from 0 to 1024
[   84.546732][ T6265] EXT4-fs: Ignoring removed orlov option
[   84.587145][ T6275] xt_hashlimit: max too large, truncated to 1048576
[   84.614061][ T6275] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   84.733383][ T6291] loop3: detected capacity change from 0 to 2048
[   84.799467][ T3305] Alternate GPT is invalid, using primary GPT.
[   84.806178][ T3305]  loop3: p2 p3 p7
[   84.836362][ T6291] Alternate GPT is invalid, using primary GPT.
[   84.844091][ T6291]  loop3: p2 p3 p7
[   84.930930][ T6291] netlink: 'syz.3.983': attribute type 3 has an invalid length.
[   84.959765][ T6302] loop2: detected capacity change from 0 to 1024
[   85.007057][ T6302] EXT4-fs: Ignoring removed orlov option
[   85.047990][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   85.048219][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   85.070717][ T3888] udevd[3888]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory
[   85.220617][ T6327] loop3: detected capacity change from 0 to 512
[   85.237040][ T6327] EXT4-fs: Ignoring removed nobh option
[   85.274820][ T6327] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.1000: corrupted inode contents
[   85.344213][   T10] usb 4-1: device descriptor read/8, error -110
[   85.382356][ T6327] EXT4-fs (loop3): Remounting filesystem read-only
[   85.416222][ T6327] EXT4-fs (loop3): 1 truncate cleaned up
[   85.435805][ T6327] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.453258][ T6330] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.474464][   T10] usb 4-1: new SuperSpeed USB device number 6 using vhci_hcd
[   85.486626][ T6327] ext4 filesystem being mounted at /246/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.486746][ T6330] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.542657][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.614464][ T6330] loop1: detected capacity change from 0 to 512
[   85.621517][ T6330] ext3: Unknown parameter 'noacl'
[   85.634029][ T6330] loop1: detected capacity change from 0 to 512
[   85.682089][   T10] usb 4-1: enqueue for inactive port 0
[   85.687985][   T10] usb 4-1: enqueue for inactive port 0
[   85.713761][ T6344] loop2: detected capacity change from 0 to 1024
[   85.738468][ T6330] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.742762][   T10] usb 4-1: enqueue for inactive port 0
[   85.772105][ T6344] EXT4-fs: Ignoring removed orlov option
[   85.805644][ T6330] ext4 filesystem being mounted at /212/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   86.083632][ T6364] loop5: detected capacity change from 0 to 512
[   86.101005][ T6364] EXT4-fs: Ignoring removed nobh option
[   86.129657][ T6364] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #3: comm syz.5.1012: corrupted inode contents
[   86.163651][ T6364] EXT4-fs (loop5): Remounting filesystem read-only
[   86.174569][ T6376] loop2: detected capacity change from 0 to 1024
[   86.183495][ T6364] EXT4-fs (loop5): 1 truncate cleaned up
[   86.190073][ T6364] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.205526][ T6376] EXT4-fs: Ignoring removed orlov option
[   86.233191][ T6364] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.320011][ T5863] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.324566][ T6382] loop2: detected capacity change from 0 to 8192
[   86.464728][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.713785][ T6416] loop1: detected capacity change from 0 to 1024
[   86.758265][ T6414] loop5: detected capacity change from 0 to 8192
[   86.767708][ T6416] EXT4-fs: Ignoring removed orlov option
[   86.777059][   T10] usb usb4-port1: attempt power cycle
[   86.811661][ T6416] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.837425][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.887986][ T6419] loop1: detected capacity change from 0 to 128
[   86.894612][ T6421] loop5: detected capacity change from 0 to 512
[   86.906479][ T6421] EXT4-fs: Ignoring removed nobh option
[   86.939046][ T6421] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #3: comm syz.5.1030: corrupted inode contents
[   86.963725][ T6421] EXT4-fs (loop5): Remounting filesystem read-only
[   86.973911][ T6421] __quota_error: 222 callbacks suppressed
[   86.973929][ T6421] Quota error (device loop5): write_blk: dquota write failed
[   86.990586][ T6421] Quota error (device loop5): qtree_write_dquot: Error -30 occurred while creating quota
[   87.001129][ T6421] EXT4-fs (loop5): 1 truncate cleaned up
[   87.007703][ T6421] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.021470][ T6421] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.071771][ T5863] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.239650][ T6427] loop5: detected capacity change from 0 to 8192
[   87.248478][ T6427] FAT-fs (loop5): bogus logical sector size 659
[   87.255493][ T6427] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   87.265618][ T6427] FAT-fs (loop5): Can't find a valid FAT filesystem
[   87.319295][   T29] audit: type=1400 audit(1761592975.572:3139): avc:  denied  { listen } for  pid=6439 comm="syz.0.1038" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   87.340461][ T6440] netlink: 'syz.0.1038': attribute type 6 has an invalid length.
[   87.377453][ T6445] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1039'.
[   87.379416][ T6424] syz.1.1031: attempt to access beyond end of device
[   87.379416][ T6424] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128
[   87.390229][ T6447] xt_hashlimit: max too large, truncated to 1048576
[   87.401339][ T6424] Buffer I/O error on dev loop1, logical block 128, lost async page write
[   87.421244][ T6419] syz.1.1031: attempt to access beyond end of device
[   87.421244][ T6419] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128
[   87.435978][ T6419] Buffer I/O error on dev loop1, logical block 128, lost async page write
[   87.459758][ T6447] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   87.466641][ T6424] syz.1.1031: attempt to access beyond end of device
[   87.466641][ T6424] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128
[   87.483057][ T6424] Buffer I/O error on dev loop1, logical block 128, lost async page write
[   87.508193][ T6452] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1042'.
[   87.531227][ T6454] loop2: detected capacity change from 0 to 512
[   87.547304][ T6454] EXT4-fs: Ignoring removed nobh option
[   87.572230][ T6450] loop5: detected capacity change from 0 to 8192
[   87.587837][   T29] audit: type=1326 audit(1761592975.842:3140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6460 comm="syz.2.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62bacaefc9 code=0x7ffc0000
[   87.678539][   T29] audit: type=1326 audit(1761592975.882:3141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6460 comm="syz.2.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62bacaefc9 code=0x7ffc0000
[   87.702969][   T29] audit: type=1326 audit(1761592975.882:3142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6460 comm="syz.2.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f62bacaefc9 code=0x7ffc0000
[   87.728015][   T29] audit: type=1326 audit(1761592975.882:3143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6466 comm="syz.2.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f62bace1885 code=0x7ffc0000
[   87.752151][   T29] audit: type=1326 audit(1761592975.882:3144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6460 comm="syz.2.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62bacaefc9 code=0x7ffc0000
[   87.777132][   T29] audit: type=1326 audit(1761592975.882:3145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6460 comm="syz.2.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62bacaefc9 code=0x7ffc0000
[   87.801352][   T29] audit: type=1326 audit(1761592975.882:3146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6460 comm="syz.2.1046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f62bacaefc9 code=0x7ffc0000
[   87.906245][ T6484] loop5: detected capacity change from 0 to 128
[   87.933724][ T6483] loop3: detected capacity change from 0 to 8192
[   87.942329][ T6484] syz.5.1051: attempt to access beyond end of device
[   87.942329][ T6484] loop5: rw=2049, sector=154, nr_sectors = 6 limit=128
[   87.947331][ T6483] FAT-fs (loop3): bogus logical sector size 659
[   87.963230][ T6484] syz.5.1051: attempt to access beyond end of device
[   87.963230][ T6484] loop5: rw=2049, sector=158, nr_sectors = 2 limit=128
[   87.963655][ T6483] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   87.978509][ T6484] Buffer I/O error on dev loop5, logical block 79, lost async page write
[   87.997385][ T6483] FAT-fs (loop3): Can't find a valid FAT filesystem
[   88.023526][ T6484] syz.5.1051: attempt to access beyond end of device
[   88.023526][ T6484] loop5: rw=2049, sector=160, nr_sectors = 2 limit=128
[   88.037490][ T6484] Buffer I/O error on dev loop5, logical block 80, lost async page write
[   88.076112][ T6484] syz.5.1051: attempt to access beyond end of device
[   88.076112][ T6484] loop5: rw=2049, sector=162, nr_sectors = 6 limit=128
[   88.091757][ T6484] syz.5.1051: attempt to access beyond end of device
[   88.091757][ T6484] loop5: rw=2049, sector=166, nr_sectors = 2 limit=128
[   88.105752][ T6484] Buffer I/O error on dev loop5, logical block 83, lost async page write
[   88.118169][ T6484] syz.5.1051: attempt to access beyond end of device
[   88.118169][ T6484] loop5: rw=2049, sector=168, nr_sectors = 2 limit=128
[   88.132342][ T6484] Buffer I/O error on dev loop5, logical block 84, lost async page write
[   88.148186][ T6484] syz.5.1051: attempt to access beyond end of device
[   88.148186][ T6484] loop5: rw=2049, sector=186, nr_sectors = 6 limit=128
[   88.163403][ T6484] Buffer I/O error on dev loop5, logical block 95, lost async page write
[   88.176666][ T6484] Buffer I/O error on dev loop5, logical block 96, lost async page write
[   88.192178][ T6484] Buffer I/O error on dev loop5, logical block 99, lost async page write
[   88.265408][ T6489] xt_hashlimit: max too large, truncated to 1048576
[   88.279447][ T6489] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   88.318482][ T6491] syzkaller0: entered promiscuous mode
[   88.324879][ T6491] syzkaller0: entered allmulticast mode
[   88.401770][ T6495] loop5: detected capacity change from 0 to 512
[   88.428952][ T6495] EXT4-fs: Ignoring removed nobh option
[   88.445761][ T6497] loop0: detected capacity change from 0 to 128
[   88.467949][ T6495] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #3: comm syz.5.1057: corrupted inode contents
[   88.507403][ T6495] EXT4-fs (loop5): Remounting filesystem read-only
[   88.524906][ T6495] EXT4-fs (loop5): 1 truncate cleaned up
[   88.531726][ T6495] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.566688][ T6495] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.599611][ T6511] loop1: detected capacity change from 0 to 1024
[   88.621192][ T6511] EXT4-fs: Ignoring removed orlov option
[   88.658492][ T5863] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.675324][ T6511] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.714515][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.745951][ T6499] syzkaller0: entered promiscuous mode
[   88.746011][ T6521] netlink: 'syz.5.1063': attribute type 10 has an invalid length.
[   88.751786][ T6499] syzkaller0: entered allmulticast mode
[   88.760228][   T10] usb usb4-port1: unable to enumerate USB device
[   88.799650][ T6522] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1063'.
[   88.824228][ T6525] loop2: detected capacity change from 0 to 1024
[   88.843816][ T6522] bridge_slave_1: left allmulticast mode
[   88.850006][ T6522] bridge_slave_1: left promiscuous mode
[   88.856067][ T6522] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.864565][ T6525] EXT4-fs: inline encryption not supported
[   88.874292][ T6522] bridge_slave_0: left allmulticast mode
[   88.880889][ T6522] bridge_slave_0: left promiscuous mode
[   88.886902][ T6522] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.894138][ T6525] loop2: detected capacity change from 0 to 1024
[   88.909204][ T6525] atomic_op ffff88811aa16128 conn xmit_atomic 0000000000000000
[   89.214545][ T6531] loop5: detected capacity change from 0 to 1024
[   89.237030][ T6531] EXT4-fs: Ignoring removed orlov option
[   89.248766][ T6534] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1070'.
[   89.264721][ T6531] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.268099][ T6535] loop3: detected capacity change from 0 to 128
[   89.352059][ T6538] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1071'.
[   90.040597][ T5863] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.211919][ T6585] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1083'.
[   90.222363][ T6586] loop2: detected capacity change from 0 to 128
[   90.344390][ T6591] loop0: detected capacity change from 0 to 8192
[   90.466895][ T6614] xt_hashlimit: max too large, truncated to 1048576
[   90.483506][ T6614] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   90.545762][ T6621] netlink: '+}[@': attribute type 8 has an invalid length.
[   90.656459][ T6635] loop0: detected capacity change from 0 to 128
[   90.672294][ T6633] loop2: detected capacity change from 0 to 8192
[   90.764701][ T6645] xt_hashlimit: max too large, truncated to 1048576
[   90.772590][ T6645] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   91.210764][ T6655] loop1: detected capacity change from 0 to 128
[   91.233193][ T6662] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(11)
[   91.240180][ T6662] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   91.248378][ T6662] vhci_hcd vhci_hcd.0: Device attached
[   91.489173][ T6676] netlink: '+}[@': attribute type 8 has an invalid length.
[   91.530993][ T6659] loop0: detected capacity change from 0 to 1024
[   91.538929][    T9] usb 12-1: SetAddress Request (2) to port 0
[   91.569030][    T9] usb 12-1: new SuperSpeed USB device number 2 using vhci_hcd
[   91.664186][ T6659] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.003828][ T6663] vhci_hcd: connection reset by peer
[   92.013204][ T5316] vhci_hcd: stop threads
[   92.017739][ T5316] vhci_hcd: release socket
[   92.022800][ T5316] vhci_hcd: disconnect device
[   92.052819][ T6691] loop3: detected capacity change from 0 to 8192
[   92.074033][ T3322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.117488][   T29] kauditd_printk_skb: 323 callbacks suppressed
[   92.117502][   T29] audit: type=1326 audit(1761592980.372:3468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6705 comm="syz.0.1114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   92.180083][ T6711] loop2: detected capacity change from 0 to 128
[   92.229585][   T29] audit: type=1326 audit(1761592980.372:3469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6705 comm="syz.0.1114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   92.254096][   T29] audit: type=1326 audit(1761592980.372:3470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6705 comm="syz.0.1114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   92.278856][   T29] audit: type=1326 audit(1761592980.372:3471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6705 comm="syz.0.1114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   92.304047][   T29] audit: type=1326 audit(1761592980.372:3472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6705 comm="syz.0.1114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   92.329208][   T29] audit: type=1326 audit(1761592980.372:3473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6705 comm="syz.0.1114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   92.354825][   T29] audit: type=1326 audit(1761592980.372:3474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6705 comm="syz.0.1114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   92.377692][ T6720] loop3: detected capacity change from 0 to 512
[   92.380766][   T29] audit: type=1326 audit(1761592980.372:3475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6705 comm="syz.0.1114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   92.390124][ T6720] EXT4-fs: Ignoring removed nobh option
[   92.412958][   T29] audit: type=1326 audit(1761592980.372:3476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6705 comm="syz.0.1114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   92.412990][   T29] audit: type=1326 audit(1761592980.412:3477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6705 comm="syz.0.1114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18ffd6efc9 code=0x7ffc0000
[   92.458025][ T6720] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #3: comm syz.3.1117: corrupted inode contents
[   92.484998][ T6720] EXT4-fs (loop3): Remounting filesystem read-only
[   92.494222][ T6720] EXT4-fs (loop3): 1 truncate cleaned up
[   92.500853][ T6720] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.516761][ T6720] ext4 filesystem being mounted at /266/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.519275][ T6726] netlink: '+}[@': attribute type 8 has an invalid length.
[   92.553579][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.628348][ T6736] loop2: detected capacity change from 0 to 128
[   92.658813][ T6740] xt_hashlimit: max too large, truncated to 1048576
[   92.670935][ T6740] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   92.767154][ T6749] loop3: detected capacity change from 0 to 128
[   92.827962][ T6742] loop5: detected capacity change from 0 to 1024
[   92.855203][ T6752] loop1: detected capacity change from 0 to 512
[   92.865906][ T6752] EXT4-fs: Ignoring removed nobh option
[   92.892966][ T6742] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.094802][ T6752] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #3: comm syz.1.1129: corrupted inode contents
[   93.125143][ T6752] EXT4-fs (loop1): Remounting filesystem read-only
[   93.133300][ T6752] EXT4-fs (loop1): 1 truncate cleaned up
[   93.140034][ T6752] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.153948][ T6752] ext4 filesystem being mounted at /230/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.204067][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.216961][ T6742] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.1125: Allocating blocks 449-513 which overlap fs metadata
[   93.259673][ T6741] EXT4-fs (loop5): pa ffff8881076a58c0: logic 48, phys. 177, len 21
[   93.268294][ T6741] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[   93.275487][ T6774] xt_hashlimit: max too large, truncated to 1048576
[   93.290171][ T6773] loop0: detected capacity change from 0 to 128
[   93.311084][ T6774] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   93.336846][ T5863] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.353320][ T6749] bio_check_eod: 42 callbacks suppressed
[   93.353397][ T6749] syz.3.1128: attempt to access beyond end of device
[   93.353397][ T6749] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   93.374540][ T6749] buffer_io_error: 28 callbacks suppressed
[   93.374555][ T6749] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   93.390608][ T6750] syz.3.1128: attempt to access beyond end of device
[   93.390608][ T6750] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   93.405127][ T6750] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   93.426714][ T6750] syz.3.1128: attempt to access beyond end of device
[   93.426714][ T6750] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   93.441690][ T6750] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   93.559853][ T6791] loop3: detected capacity change from 0 to 1024
[   93.567164][ T6791] EXT4-fs: inline encryption not supported
[   93.582590][ T6791] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.613923][ T6791] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.1143: Allocating blocks 449-513 which overlap fs metadata
[   93.629052][ T6791] EXT4-fs (loop3): Remounting filesystem read-only
[   93.643458][ T6791] EXT4-fs warning (device loop3): ext4_xattr_inode_lookup_create:1602: inode #19: comm syz.3.1143: cleanup dec ref error -117
[   93.684917][ T6791] atomic_op ffff888129ae5928 conn xmit_atomic 0000000000000000
[   93.983709][ T6780] syz.0.1137: attempt to access beyond end of device
[   93.983709][ T6780] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   93.998378][ T6780] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   94.013726][ T6773] syz.0.1137: attempt to access beyond end of device
[   94.013726][ T6773] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   94.028335][ T6773] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   94.064563][ T6773] syz.0.1137: attempt to access beyond end of device
[   94.064563][ T6773] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[   94.078741][ T6773] Buffer I/O error on dev loop0, logical block 128, lost async page write
[   94.170621][ T6807] loop0: detected capacity change from 0 to 164
[   94.218482][ T6807] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   94.234514][ T6807] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   94.244827][ T6807] Symlink component flag not implemented
[   94.251103][ T6807] Symlink component flag not implemented
[   94.258087][ T6807] Symlink component flag not implemented (7)
[   94.264319][ T6807] Symlink component flag not implemented (116)
[   94.343834][ T6819] xt_hashlimit: max too large, truncated to 1048576
[   94.362400][ T6819] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   94.363249][ T6820] loop5: detected capacity change from 0 to 128
[   94.503795][ T6820] ==================================================================
[   94.512310][ T6820] BUG: KCSAN: data-race in __writeback_single_inode / xas_set_mark
[   94.512946][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.521024][ T6820] 
[   94.521036][ T6820] write to 0xffff888119c35d14 of 4 bytes by task 6829 on cpu 0:
[   94.521050][ T6820]  xas_set_mark+0x12b/0x140
[   94.546084][ T6820]  __folio_start_writeback+0x155/0x390
[   94.552216][ T6820]  __block_write_full_folio+0x53a/0x8f0
[   94.558029][ T6820]  block_write_full_folio+0x2c2/0x2e0
[   94.563679][ T6820]  mpage_writepages+0x6cf/0x1250
[   94.569056][ T6820]  fat_writepages+0x24/0x30
[   94.573787][ T6820]  do_writepages+0x1c6/0x310
[   94.579188][ T6820]  file_write_and_wait_range+0x156/0x2c0
[   94.585180][ T6820]  __generic_file_fsync+0x46/0x140
[   94.590589][ T6820]  fat_file_fsync+0x49/0x100
[   94.595483][ T6820]  vfs_fsync_range+0x10d/0x130
[   94.600536][ T6820]  generic_file_write_iter+0x1b8/0x2f0
[   94.606172][ T6820]  iter_file_splice_write+0x666/0xa60
[   94.611810][ T6820]  direct_splice_actor+0x156/0x2a0
[   94.617369][ T6820]  splice_direct_to_actor+0x312/0x680
[   94.622830][ T6820]  do_splice_direct+0xda/0x150
[   94.627851][ T6820]  do_sendfile+0x380/0x650
[   94.632373][ T6820]  __x64_sys_sendfile64+0x105/0x150
[   94.637659][ T6820]  x64_sys_call+0x2bb4/0x3000
[   94.642588][ T6820]  do_syscall_64+0xd2/0x200
[   94.647172][ T6820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.653421][ T6820] 
[   94.655758][ T6820] read to 0xffff888119c35d14 of 4 bytes by task 6820 on cpu 1:
[   94.663554][ T6820]  __writeback_single_inode+0x1f9/0x7c0
[   94.669359][ T6820]  writeback_single_inode+0x16d/0x3f0
[   94.675008][ T6820]  sync_inode_metadata+0x5b/0x90
[   94.680080][ T6820]  __generic_file_fsync+0xf8/0x140
[   94.685277][ T6820]  fat_file_fsync+0x49/0x100
[   94.689957][ T6820]  vfs_fsync_range+0x10d/0x130
[   94.695184][ T6820]  generic_file_write_iter+0x1b8/0x2f0
[   94.700726][ T6820]  iter_file_splice_write+0x666/0xa60
[   94.706344][ T6820]  direct_splice_actor+0x156/0x2a0
[   94.711554][ T6820]  splice_direct_to_actor+0x312/0x680
[   94.717106][ T6820]  do_splice_direct+0xda/0x150
[   94.722183][ T6820]  do_sendfile+0x380/0x650
[   94.726966][ T6820]  __x64_sys_sendfile64+0x105/0x150
[   94.732269][ T6820]  x64_sys_call+0x2bb4/0x3000
[   94.737033][ T6820]  do_syscall_64+0xd2/0x200
[   94.741997][ T6820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.748766][ T6820] 
[   94.751171][ T6820] value changed: 0x0a000021 -> 0x00000021
[   94.757005][ T6820] 
[   94.759446][ T6820] Reported by Kernel Concurrency Sanitizer on:
[   94.765876][ T6820] CPU: 1 UID: 0 PID: 6820 Comm: syz.5.1154 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   94.777266][ T6820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   94.788035][ T6820] ==================================================================
[   94.834533][ T6837] loop3: detected capacity change from 0 to 128
[   95.087413][ T6820] syz.5.1154: attempt to access beyond end of device
[   95.087413][ T6820] loop5: rw=2049, sector=128, nr_sectors = 1 limit=128
[   95.101228][ T6820] Buffer I/O error on dev loop5, logical block 128, lost async page write
[   95.111201][ T6820] syz.5.1154: attempt to access beyond end of device
[   95.111201][ T6820] loop5: rw=2049, sector=128, nr_sectors = 1 limit=128
[   95.125565][ T6820] Buffer I/O error on dev loop5, logical block 128, lost async page write
[   95.177122][ T6839] syz.3.1160: attempt to access beyond end of device
[   95.177122][ T6839] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   95.191454][ T6839] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   95.200953][ T6837] syz.3.1160: attempt to access beyond end of device
[   95.200953][ T6837] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[   95.214750][ T6837] Buffer I/O error on dev loop3, logical block 128, lost async page write
[   96.666598][    T9] usb 12-1: device descriptor read/8, error -110
[   96.776643][    T9] usb 12-1: new SuperSpeed USB device number 2 using vhci_hcd
[   96.796598][    T9] usb 12-1: enqueue for inactive port 0
[   96.802804][    T9] usb 12-1: enqueue for inactive port 0
[   96.808443][    T9] usb 12-1: enqueue for inactive port 0
[   97.826823][    T9] usb usb12-port1: attempt power cycle
[   99.646810][    T9] usb usb12-port1: unable to enumerate USB device