last executing test programs:

10.469465611s ago: executing program 1 (id=1911):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='kmem_cache_free\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

10.323270278s ago: executing program 1 (id=1915):
r0 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x77, 0x141301)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
ioctl$USBDEVFS_RELEASE_PORT(r0, 0x4004550d, 0x0)

9.933904923s ago: executing program 1 (id=1925):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r0}, &(0x7f00000005c0), &(0x7f0000000600)}, 0x20)
r1 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
write$binfmt_elf32(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000002000000380000000000000000191bda000020000100006b5e0200000000000003"], 0x69)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

9.908114806s ago: executing program 1 (id=1928):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000083850000002d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)

9.849052643s ago: executing program 1 (id=1929):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, 0x0, 0x4040080)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_PUBL_GET(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x28, r1, 0x1, 0x0, 0x0, {0x2}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}}, 0x0)

9.848566013s ago: executing program 1 (id=1930):
open_tree(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='fdb_delete\x00', r0}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000800))
r1 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x80801c, &(0x7f0000000f40), 0x1, 0x503, &(0x7f0000000880)="$eJzs3c9vI1cdAPDvOL+cNG3S0gMgoEspLGi1TuJto6oHWE4IoUqIHkHahsQbRbHjKHZKE/aQ/g9IVOIER/4Azj1x54LgxmU5IPEjAm1W4mA040nWm7U3ZpPYUfz5SKN5b2bs73trzXv21xu/AEbWjYg4iIjJiPgwIuby40m+xd32ll736PDB6tHhg9UkWq0P/plk59Nj0fGY1Ev5cxYj4kffi/hp8mzcxt7+5kq1WtlpV6cXmrXthcbe/u2N2sp6Zb2yVS4vLy0vvnvnnfKF9fWN2mRe+vLDPxx86+dps2bzI539uEjtrk+cxEmNR8QPLiPYEIzl/ZkcdkN4IYWIeC0i3szu/7kYy15NAOA6a7XmojXXWQcArrtClgNLCqU8FzAbhUKp1M7hvR4zhWq90bx1v767tdbOlc3HROH+RrWymOcK52MiSetLWflJvXyqficiXo2IX0xNZ/XSar26Nsw3PgAwwl46Nf//Z6o9/wMA11xx2A0AAAbO/A8Ao8f8DwCjx/wPAKPnyfx/d6jtAAAGx+d/ABg95n8AGCk/fP/9dGsd5b9/vfbR3u5m/aPba5XGZqm2u1pare9sl9br9fXsN3tqZz1ftV7fXno7dj+e//Z2o7nQ2Nu/V6vvbjXvZb/rfa8yMZBeAQDP8+obn/05iYiD96azLTrWcjBXw/VWGHYDgKEZG3YDgKGx2heMrnN8xpcegGuiyxK9TylGxPTpg61Wq3V5TQIu2c0vyP/DqOrI//tfwDBi5P9hdMn/w+hqtZJ+1/yPfi8EAK42OX6gx/f/r+X73+ZfDvxk7fQVn15mqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBqO17/t5SvBT4bhUKpFPFyRMzHRHJ/o1pZjIhXIuJPUxNTaX1pyG0GAM6r8LckX//r5txbs6fPTiaPp7J9RPzsVx/88uOVZnPnj+nxf50cb36aHy8Po/0AwFmO5+ls3/FB/tHhg9XjbZDt+ft3I6LYjn90OBlHJ/HHYzzbF2MiImb+neT1tqQjd3EeB59ExOe79T+J2SwH0l759HT8NPbLA41feCp+ITvX3qf/Fp+7gLbAqPksHX/udrv/CnEj23e//4vZCHV++fiXPtXqUTYGPol/PP6N9Rj/bvQb4+3ff79dmn723CcRXxyPOI591DH+HMdPesR/q8/4f/nSV97sda7164ib0T1+Z6yFZm17obG3f3ujtrJeWa9slcvLS8uL7955p7yQ5agXes8G/3jv1itZocslaf9nesQvntH/r/fZ/9/898Mff7XHuTT+N7/WLX4hXn9O/HRO/Eaf8VdmflfsdS6Nv9aj/2e9/rf6jP/wr/vPLBsOAAxPY29/c6VarewMsnD8RmKgQRX6K0zlL85Vac9ThSvbsM2V6ncGFWsy/q9HtVovFKvXiHERWTfgKji56SPi8bAbAwAAAAAAAAAAAAAAdHWpf6iUtAvD7iMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADX1/8CAAD//8jOyzo=")
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
add_key$fscrypt_provisioning(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000380)={0x3}, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRESDEC=r1, @ANYRES16=0x0, @ANYRESDEC=r2, @ANYBLOB='\x00'/27], 0x50)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r5, 0x0, 0xf3a, 0x0)
ptrace(0x10, 0x1)
syz_usb_connect(0x0, 0x24, &(0x7f00000003c0)=ANY=[@ANYRES8], 0x0)

1.365022563s ago: executing program 4 (id=2173):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f00000028c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6423cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa727bb13e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b47b5cca96c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263f49863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0f34d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf169c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f816c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a9779571bf38ae1981c4238ecaee6f75cd0a6881bd1517b8250ddc8274152f94e3a409e2a3bce109b60000000000100000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee35e3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa544920605d3a78a1e73393d548961429549b083dbd334b47f067bbab40743b2a42010082008df75c1081920386f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f8005000000bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d3d80067d5fec121ea0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d7b0fdf974fcf36cbf6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e73979216faf565ef8df69e720413267a6ccea92753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97d8ecc467ace45feeb685c5870d05f88a0f463db88d373442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af975336e2172e3fcc01b8babb757a5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba291110000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc5d258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4e4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000020bd79e41c6821000000000000000791ad640e12c12fe11d70fe495906f2d5d71778acbd4eee53a3996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68d4739f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bd1b7a663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70b68c25072e20586b19127d75fa71577f265c5100000000ff00000000000000001fd173f4c76085f035b092d94a40cda79e8f32ff2de749c21252e41809f1b9b529c0b9e02578e77c7f74dfbadc57e26a73528aa9b3404202c69e89d66156f4ef0ebb5036a4df0e4ddf2b75d96d5bec3135ac538720a0c5c704eba21d440b3fc7c3b17eee66800821d8a408f783b9338bb35696abe6cf46798661074e60adbd51550c663d3f0653829d0a612b2e378a1233097c38ad5595abe9f1b0e1924f75673ba3cdf88a2572d202dd462c75fd8d2f5cc680cbf36ca32a123faa00"/3985], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x49)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, 0x0, 0x0)
recvmsg(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x0)

726.748236ms ago: executing program 0 (id=2196):
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2202, 0x0)
sendmsg$netlink(r2, 0x0, 0x2000080)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[], 0x48)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="16000000d906000004000000030000", @ANYRES32=0x1, @ANYBLOB="00000000000000af4be36afae1670d0000000e9a28ec323b062c55a857967505", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x50)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r3, 0x560a, &(0x7f00000006c0)={0x0, 0x0, 0x2c, 0x9, 0x200, 0x2})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fremovexattr(0xffffffffffffffff, 0x0)
r4 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f00000006c0)='cpu>\'\'\x1d|\t\xd4N\x9b\x1aO\xb7\xcf\xce\x8a\x1a\xe6\x833KW2N\xdb\x00\x00\\\xa9\xc4^\xc1\x84Ie\x05\xb1y\xb5\x1b\xe3\x1c\xa7\x85\xa2\x0f\xb8C\xf7\x9cIS{z?u\x1b\'\x1c\xebv\xbc\xad\xe0OWp\xe9X\xbc\xe2\';JIp\xb3\xc0\xa9n\xf13\x84=\xdd\xde\x02K\xd7\x06\xa0^\xa2$5\xb3m\x8c\x1f.\xf1|\f=v-n!N\xe9\xf7\x9c\xa0Lq\x1a\x0e\xd4T\xfdpY\x9d\xbb34M\xcd\xf0_\xceC\xf2\x13\x8bx\xaaOd\x96\x06\x00\x00\x00\x00\x00\x00\x00\xef*\xe7:E\xdd\xe3\x16\xdd\xdbM\x92f\xcb\xa2\xb7W\xed}@\xc1\xed\x02\r\xa2s\x9b\x19\n\x93\x9aj\xe2\xa0\xef{\xac\xca\x97\xc3r\x85\xd6^\x90\r\x12\x80\x91>\xd0\x92\xde\xda\xf9\xd35x\x18\xc9#\xd7\xb2=\xb8\xaf\x15o\xc1E\xbc\x92\x1c\xe1\xeb\xd5^\\\x0eZ\x90(\xff\xdc5\xe3Y7\xcf/\xf2\x82k\xb7cF\x03b\xda\xe6\xfe\xe0;\x8ea \xf8\xc6\xab\x19a\xd3\xb3c&\x9d\x02\xd06g\x9a\xbc\xd6\xa1o\xcb\xcf\x04\xd4t\xff\x95\xb2\xc1\xeb\xb5C\x84\xe0\x8as<\xdaPY\xe9\x91\x94E\t\xe3\xd7X\xbb|+4\x89\x1d\xf8-{\xd8\xdes\b\xa8F\x825wN\x15\xd0W9M<\xef\xf6\xda\xd0\x14\x8e\xbd')
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0xd, 0x0, 0x0)
socket(0xa, 0x2, 0x0)
getpid()
setreuid(0xee00, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0)

612.246169ms ago: executing program 0 (id=2199):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x20}, 0x3, 0x0, 0x0, 0x20000011}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = creat(0x0, 0xd931d3864d39dcca)
write$binfmt_elf32(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000002000000380000000000000000191bda000020000100006b5e0200000000000003"], 0x69)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

582.308633ms ago: executing program 0 (id=2200):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x20, r1, 0x311, 0x0, 0x0, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8}]}]}, 0x20}}, 0x0)

569.829605ms ago: executing program 2 (id=2202):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000b60000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r1}, 0x18)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x28}, 0x1c)
connect$pppl2tp(r2, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

491.061553ms ago: executing program 0 (id=2203):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x99, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xc}, {0xffff, 0xffff}}, [@TCA_RATE={0x6, 0x5, {0x5a, 0x3}}, @qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x2}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0x2}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8}]}}]}, 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x0)
sendfile(r4, r4, 0x0, 0x80000000)
write$binfmt_script(r4, &(0x7f0000000600)={'#! ', './file0', [{0x20, 'basic\x00'}, {}], 0xa, "57ac38bb328ed8071c3174a79088da2d02a68845ed6ca4ffcd3b00c45babe7b5263a03ee383108ddde0525a34f3c9e95"}, 0x43)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=<r6=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f0000000000)={'syztnl2\x00', <r7=>0x0, 0x2f, 0x3, 0x1c, 0x0, 0x2, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8000, 0x8000, 0x2, 0x5}})
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0300000004000051dbb71567753d00040000000a92a4f0ea59ca5a194c1cb68ec0989f9704490ac9d2fb7b20b18b0ab625a16313bdd0dd0e6a3049f469635671858d396a07b7792ea2ad7fa8962b43fd07b270f59bcb4a8ce93d1ee2b1e9b46505e8c879087582156775212a0700eaeb460cfcbe2fec5cc2c67fface955342d24091371a23631bf8ca2d4edf6e388b78f7297792213052049d", @ANYRES32=r0, @ANYBLOB='@\x00'/20, @ANYRES32=r7, @ANYRES32, @ANYBLOB="04000000050000000400"/28], 0x50)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000580)='kmem_cache_free\x00', r8, 0x0, 0x7}, 0x18)
r9 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r9, &(0x7f0000000040), 0x10)
ioctl$SIOCPNENABLEPIPE(r9, 0x89ed, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r10, 0x0, 0x5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r11 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$clear(0x7, r11)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, &(0x7f0000000200)={0x400000, {{0xa, 0x4e22, 0x80000, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast2}}}, 0x108)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES64=r6, @ANYBLOB="0902aa536d0000000000000000f599828373"], 0x38}}, 0x0)
flistxattr(0xffffffffffffffff, &(0x7f0000000a40)=""/4096, 0x1000)

373.937577ms ago: executing program 2 (id=2204):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="700000001900010000000000000000001d0109004d00118025b57efaa223b473fe7783bc4a500cf756740574b89d316a176f88d6e1db9b2bb2e5c90fafb663cdebaede447dc8f6f61c6615fcf718bf7f4f40adda4853b2d23adb370000000c000500"], 0x70}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0a000000020000000200000007"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xd2, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffbfff00000000000086dd600489f1009c1100fc010000000000000025030000000000ff02000000000000000000000000000100000e"], 0x0)

354.022999ms ago: executing program 2 (id=2205):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000001e2000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

289.917757ms ago: executing program 4 (id=2206):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x20}, 0x3, 0x0, 0x0, 0x20000011}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r0}, &(0x7f00000005c0), &(0x7f0000000600)}, 0x20)
r2 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
write$binfmt_elf32(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000002000000380000000000000000191bda000020000100006b5e02000000000000"], 0x69)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

289.672747ms ago: executing program 3 (id=2207):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @ipv4}}}, 0x90)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
syz_emit_ethernet(0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000000080045000028000000000006907864010101ac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c10000090780000"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=<r2=>0x0)
sched_setscheduler(r2, 0x6, &(0x7f00000000c0)=0x8)
ioprio_set$pid(0x1, 0x0, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x42002, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000180)={'syzkaller1\x00', {0x2, 0x4e24, @multicast1}})
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r4, 0x40106614, &(0x7f0000000300))
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x0, 0x2, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x1}, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, r5, 0x0, 0xffffffffffffffff, 0xc)
sendfile(r3, r4, 0x0, 0x20000023896)
r6 = shmget$private(0x0, 0x4000, 0x54001800, &(0x7f0000000000/0x4000)=nil)
shmctl$SHM_INFO(r6, 0xe, &(0x7f0000000080)=""/166)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
timer_create(0x3, 0x0, &(0x7f0000000680))
r7 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$bt_BT_SECURITY(r7, 0x10e, 0xc, 0x0, 0x20000000)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)

289.333777ms ago: executing program 4 (id=2208):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='signal_generate\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r4=>0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r6=>0x0})
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005400e501000000000000000007000000", @ANYRES32=r4, @ANYBLOB="20000100", @ANYRES32=r6, @ANYBLOB="01000000ffffffff00000000000000000001000086dd"], 0x38}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x8000000000000000}, 0x18)
syz_emit_ethernet(0x46f, &(0x7f00000007c0)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "f53a13", 0x439, 0x73, 0xff, @private0={0xfc, 0x0, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, {[@fragment={0x88, 0x0, 0x4, 0x0, 0x0, 0x1d, 0x65}, @hopopts={0x84, 0x18, '\x00', [@generic={0x4, 0x5, "e913760c61"}, @hao={0xc9, 0x10, @mcast2}, @hao={0xc9, 0x10, @private0={0xfc, 0x0, '\x00', 0x1}}, @generic={0x8, 0x65, "af9cbbf03bf6fddca6e198c69c72185b19b5b62075aee2b0d78b777cb1a3e24f5953564669b0fd148ecb3be13a437c89e95dcd873ebbff795552cd1e9a0fb8ee7f6a51e9250b11fb2b18e21677794f6699f336f5fe75a9f2a1a73f8c2ed2c1eb7a83ac3f85"}, @jumbo={0xc2, 0x4, 0x400}, @generic={0x3, 0x27, "5dff69e22a265a28f87b51f8b52f6598a7e6ee667e67d7bc36096a592a2350e80f7ea31f8c245b"}, @padn={0x1, 0x2, [0x0, 0x0]}]}, @srh={0x3c, 0x2, 0x4, 0x1, 0x15, 0x18, 0x7ff, [@local]}, @srh={0x2f, 0x2, 0x4, 0x1, 0x7, 0x68, 0x401, [@mcast2]}, @srh={0x84, 0x6, 0x4, 0x3, 0x6, 0xb8, 0x9, [@ipv4={'\x00', '\xff\xff', @loopback}, @private1={0xfc, 0x1, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01']}, @fragment={0x2b, 0x0, 0xf, 0x0, 0x0, 0x15, 0x66}, @hopopts={0x6c, 0x36, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @calipso={0x7, 0x30, {0x3, 0xa, 0x10, 0x8, [0x2, 0x8000, 0xffffffff, 0x7, 0x9]}}, @enc_lim={0x4, 0x1, 0x5}, @generic={0x7, 0xfc, "4e83005a69d86cddbdff4c700c687ac8cae883a60eb40b69c9232ee4cb74fd183348cd209f6bf8d62a10d85ab6c59b88ab6604b7520038b8ef9836596b720fef703dd1d545c5991bd991f0509dda4fb26a0416ff65bd026ffe7b9f8f79b14a1b01b73dbd76d3eb4a6e62b33f58e898ca0b7cdf5cd75c2f4fbfbd2f163d972d5db795323cf985bd85ece1ab66dc44e908da66f658732268e66d8bcf53a3a03869520b050138bc4fc28e7533d5a9437583cbb2bdd351f909b19e8d516850d8a2d1d33219cf55e1b7eb98c73e21aeebba6607cafdac6bd67a12fc95de79f968ac931335890ca27b89882c733eb4f3f6156fe436dfc24c752b24d17adee2"}, @pad1, @hao={0xc9, 0x10, @private0}, @calipso={0x7, 0x30, {0x3, 0xa, 0x0, 0x4, [0x1, 0x2909a199, 0x6, 0x200, 0x1]}}, @calipso={0x7, 0x20, {0x2, 0x6, 0x3, 0xffff, [0x4a52, 0x83b, 0x2c4]}}, @jumbo={0xc2, 0x4, 0x8001}]}, @hopopts={0x78, 0x1, '\x00', [@padn={0x1, 0xa, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}, @srh={0x6, 0x8, 0x4, 0x4, 0x7, 0x20, 0x0, [@loopback, @private1={0xfc, 0x1, '\x00', 0x1}, @private1, @rand_addr=' \x01\x00']}, @fragment={0x8, 0x0, 0x7, 0x0, 0x0, 0x2, 0x68}], "f85b136c6d912e91e2d76ed38443284a325fa35cebaab6aebb411268367ee1111767cae3072d9fd506df6bcd8ba75caa5fe0448cad0e167208a6bb2e4035cbff048335b2402023f7b2162ae4ac4b765bd216c232f1a04ac1eb6364982a247ed689a45c22a36e0c278a10ed6b88fa5241639b447daceb742f9d14db3f40fc2df761d080873131ff39c0b43e652f299e5b1de4370ca193d925dd048f9eceb1197403ae66bec606c4b6cacf87635c6b3bc4862080dacc47dfbb737f4a1050f912e0beb756264619018858"}}}}}, 0x0)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r8, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7f12ddb357f7adf97affffffff7d1800"})
r9 = syz_open_pts(r8, 0x0)
ioctl$TIOCVHANGUP(r9, 0x5437, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.parent_freezing\x00', 0x275a, 0x0)
write$binfmt_script(r10, &(0x7f0000000040), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r10, 0x0)
dup3(r8, r9, 0x0)
ioctl$TCSETA(r9, 0x5406, &(0x7f0000000000)={0x0, 0x8000, 0x0, 0x0, 0x11, '\x00\x00\x00\x00 #\x00'})
ioctl$TIOCGPTPEER(r8, 0x5441, 0x0)

251.184521ms ago: executing program 0 (id=2209):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
chdir(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_genetlink_get_family_id$smc(&(0x7f0000001280), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000001340)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001300)={&(0x7f00000012c0)={0x1c, r3, 0x10, 0x70bd2b, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0xae4a1cb41f5b0e9}, 0x40014)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x12, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r1}, &(0x7f0000000880), &(0x7f00000008c0)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{}, &(0x7f0000000540), &(0x7f0000000580)}, 0x20)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000340)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x7}}, {@bsdgroups}, {@noload}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@resuid={'resuid', 0x3d, 0xee01}}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x10, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="85000000474000"], &(0x7f0000000280)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000b40)={[{@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@noinit_itable}, {@nodelalloc}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x0, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
syz_read_part_table(0x1059, &(0x7f0000000000)="$eJzsz7GNwkAQBdDv2/P5JCMhOiCiHBJERYgqqAACWqAfEhpAWgQ2lAAE7yWzs/8nEz6q9ONjl5Jpsjl2+U9Kkp8h+Ev6ZDkZtmut9T6bPBrny3w79jLbJ2m7cRvm6re0TdI+f2rJafHKy/rwvksBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HvdAgAA//8YdA0R")
r5 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000001200)={0x42, 0x3}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r6, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000011c0)={0x14, r7, 0x4196ccce67868bab}, 0x14}}, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000680)=@mangle={'mangle\x00', 0x64, 0x6, 0x600, 0x0, 0x0, 0x1d0, 0x0, 0x1d0, 0x530, 0x530, 0x530, 0x530, 0x530, 0x6, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @multicast2}, [], [], 'vcan0\x00', 'veth1_virt_wifi\x00'}, 0x0, 0xa8, 0xe8, 0x0, {0x7a00000000000000}}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x9}}}, {{@ipv6={@mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'syzkaller1\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@private0}}}, {{@ipv6={@rand_addr=' \x01\x00', @mcast2, [], [], 'veth1_to_batadv\x00', 'vlan1\x00'}, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@inet=@ecn={{0x28}}, @common=@ipv6header={{0x28}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@empty}}}, {{@ipv6={@private0, @mcast2, [], [], 'veth1_to_team\x00', 'veth0_macvtap\x00'}, 0x0, 0xf0, 0x130, 0x0, {}, [@common=@hbh={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@remote}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@local}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x660)

241.707332ms ago: executing program 2 (id=2210):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x20}, 0x3, 0x0, 0x0, 0x20000011}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = creat(0x0, 0xd931d3864d39dcca)
write$binfmt_elf32(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000002000000380000000000000000191bda000020000100006b5e0200000000000003"], 0x69)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

234.534243ms ago: executing program 4 (id=2211):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000001e20000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r1}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x800084}, 0xfffffffffffffea9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x20001400)
ioctl$TUNSETOFFLOAD(r2, 0x40047451, 0x2000000c)
bpf$PROG_LOAD(0x5, 0x0, 0x32)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000004c0)=ANY=[], 0xfdef)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x21, &(0x7f0000000200), 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='kmem_cache_free\x00'}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

197.825327ms ago: executing program 3 (id=2212):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r1 = socket$inet6(0xa, 0x2, 0x3a)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) (async)
sendmmsg$inet6(r1, &(0x7f0000000340)=[{{&(0x7f0000000380)={0xa, 0x0, 0x0, @mcast2={0x0, 0x2, '\x00', 0x0}}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000100)="a0002883781ecc0e", 0x8}], 0x1}}], 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x50)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000005c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0xc970, @void, @value}, 0x94) (async)
open_tree(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x1801) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
statx(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x80, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
r6 = eventfd(0x0) (async)
r7 = gettid()
readv(r6, &(0x7f0000000340)=[{&(0x7f0000006a40)=""/158, 0x9e}], 0x1) (async)
tkill(r7, 0xb) (async)
r8 = geteuid() (async)
lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r11}, 0x10) (async)
creat(0x0, 0x0) (async)
syz_emit_ethernet(0x3e, &(0x7f0000000340)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd605d35c200080000fc010000000000000000000000000000fc00000000000000000000000000000000000007"], 0x0) (async)
r12 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r13 = syz_genetlink_get_family_id$tipc2(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r12, &(0x7f00000009c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000980)={&(0x7f0000000800)={0x144, r13, 0x122, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x80000000}]}, @TIPC_NLA_NET={0x30, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3671f683}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8}]}, @TIPC_NLA_MEDIA={0x50, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe9ed}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5b}]}, @TIPC_NLA_NODE={0x74, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "3e8e8242d0839bce6b40d8939866db3464b95bec7cc172cec6c91ad885"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}]}, 0x144}, 0x1, 0x0, 0x0, 0x8011}, 0x4004045)
getgroups(0x9, &(0x7f0000000300)=[0xee01, 0xffffffffffffffff, 0xee00, 0xee01, <r14=>0xffffffffffffffff, 0xee01, 0xee00, 0xee00, 0xffffffffffffffff]) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000700)={0xffffffffffffffff, 0x20, &(0x7f00000006c0)={&(0x7f0000000600)=""/24, 0x18, <r15=>0x0, &(0x7f0000000640)=""/70, 0x46}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000740)=r15, 0x4) (async)
fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000a00)=ANY=[@ANYBLOB="02000000010001000000000002000200", @ANYRES32=r5, @ANYBLOB="02000100", @ANYRES32=r8, @ANYBLOB="020002003898f63443f7d9829d4d404046ccb5eb58ec374aaa966fab1ac69e5593afa6c179ecb8faba3a352f7541c07ea8b70b983ae7ce84c17dce5f3bdc9643e04f0beded38d40e14a09101bff9e88d6126a638cf75bc8eadd5d7890a8c40b96119931577e76cddc5f6d17ebbd6468c350f5cafbb1c7cc6a1a37677735e4e5d376c274f342a105065f7326fd9a269fdabed48daa7367933d2d420e2dc5c14aa8efdfc306dfe95de3291551d79a221612b00f5963b575e446c21373bf829680c9562e0f403bc9a5e551d3b35742715c453a43810c636b474", @ANYRES32, @ANYBLOB="02000100", @ANYRES32=r9, @ANYBLOB="040000000000000008000400", @ANYRES32=r14, @ANYBLOB="10000700000000002000010000000000"], 0x4c, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000400)='cachefiles_write\x00', r4, 0x0, 0x5}, 0x18)
sendmsg$netlink(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001480)=ANY=[@ANYBLOB="1401000025000100000000000000000003"], 0x114}], 0x1}, 0x0)

187.882488ms ago: executing program 2 (id=2213):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000b40)={[{@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@noinit_itable}, {@nodelalloc}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x0, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000680)=@mangle={'mangle\x00', 0x64, 0x6, 0x600, 0x0, 0x0, 0x1d0, 0x0, 0x1d0, 0x530, 0x530, 0x530, 0x530, 0x530, 0x6, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @multicast2}, [], [], 'vcan0\x00', 'veth1_virt_wifi\x00'}, 0x0, 0xa8, 0xe8, 0x0, {0x7a00000000000000}}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x9}}}, {{@ipv6={@mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'syzkaller1\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@private0}}}, {{@ipv6={@rand_addr=' \x01\x00', @mcast2, [], [], 'veth1_to_batadv\x00', 'vlan1\x00'}, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@inet=@ecn={{0x28}}, @common=@ipv6header={{0x28}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@empty}}}, {{@ipv6={@private0, @mcast2, [], [], 'veth1_to_team\x00', 'veth0_macvtap\x00'}, 0x0, 0xf0, 0x130, 0x0, {}, [@common=@hbh={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@remote}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@local}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x660)

117.880697ms ago: executing program 3 (id=2214):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="d800000018008103e00312ba0d8105040a600300ff0f040b067c55a1bc000900070006990700000015000500fef32702d3001500030001400200000901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/216, 0xd8}], 0x1}, 0x0)

117.400937ms ago: executing program 3 (id=2215):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000b60000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r1}, 0x18)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x28}, 0x1c)
connect$pppl2tp(r2, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

99.853498ms ago: executing program 4 (id=2216):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x20, 0x1, 0x8, 0x3, 0x0, 0x0, {0xa, 0x0, 0x2}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x4040080)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_PUBL_GET(r0, 0x0, 0x0)

69.440832ms ago: executing program 0 (id=2217):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x31)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000a700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x2000000, 0xfffffffffffffef9, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x80000001}, 0x50)

42.605505ms ago: executing program 3 (id=2218):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x20}, 0x3, 0x0, 0x0, 0x20000011}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r0}, &(0x7f00000005c0), &(0x7f0000000600)}, 0x20)
r2 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
write$binfmt_elf32(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000002000000380000000000000000191bda000020000100006b5e02000000000000"], 0x69)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

779.14µs ago: executing program 4 (id=2219):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0a000000020000000200000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000000)={[{@bsdgroups}, {@grpquota}, {@init_itable}, {@user_xattr}, {@nomblk_io_submit}]}, 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
truncate(&(0x7f0000001080)='./file1\x00', 0x0)

431.64µs ago: executing program 3 (id=2220):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000fd0f000003"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r0}, &(0x7f0000000680), &(0x7f00000006c0)=r1}, 0x20)
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000280)=ANY=[], 0x835, 0x4000000)

0s ago: executing program 2 (id=2221):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000001e2000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='kmem_cache_free\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

kernel console output (not intermixed with test programs):

gnoring removed oldalloc option
[  117.019780][ T8273] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.034362][ T8273] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.044359][ T8479] __nla_validate_parse: 2 callbacks suppressed
[  117.044373][ T8479] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1436'.
[  117.056795][ T8486] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.1437: Parent and EA inode have the same ino 15
[  117.059701][ T8479] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1436'.
[  117.073333][ T8486] EXT4-fs (loop1): 1 orphan inode deleted
[  117.152485][ T8486] xt_TPROXY: Can be used only with -p tcp or -p udp
[  117.176054][ T8497] loop0: detected capacity change from 0 to 512
[  117.185632][ T8497] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  117.220044][ T8497] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1438: bg 0: block 248: padding at end of block bitmap is not set
[  117.234785][ T8497] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.1438: Failed to acquire dquot type 1
[  117.246836][ T8497] EXT4-fs (loop0): 1 truncate cleaned up
[  117.253033][ T8497] ext4 filesystem being mounted at /191/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  117.283602][ T8497] syz.0.1438 (8497) used greatest stack depth: 9344 bytes left
[  117.323995][ T8514] tipc: Enabled bearer <udp:syz2>, priority 10
[  117.331366][ T8514] tipc: Disabling bearer <udp:syz2>
[  117.367811][ T8521] netlink: 'syz.2.1448': attribute type 1 has an invalid length.
[  117.450692][ T8527] syzkaller0: entered promiscuous mode
[  117.456337][ T8527] syzkaller0: entered allmulticast mode
[  117.465004][ T8531] loop0: detected capacity change from 0 to 2048
[  117.516963][ T8531] loop0: detected capacity change from 2048 to 0
[  117.551579][ T8538] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  117.601514][ T8541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1457'.
[  117.610416][ T8541] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1457'.
[  117.714881][ T8553] loop0: detected capacity change from 0 to 512
[  117.721946][ T8553] EXT4-fs: Ignoring removed oldalloc option
[  117.729915][ T8553] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.1462: Parent and EA inode have the same ino 15
[  117.742515][ T8553] EXT4-fs (loop0): 1 orphan inode deleted
[  117.792190][ T8553] xt_TPROXY: Can be used only with -p tcp or -p udp
[  117.828989][ T8558] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  117.961965][ T8567] loop1: detected capacity change from 0 to 2048
[  117.981671][ T8567] loop1: detected capacity change from 0 to 164
[  118.019050][ T8573] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1470'.
[  118.028011][ T8573] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1470'.
[  118.053217][ T8577] loop0: detected capacity change from 0 to 512
[  118.067738][ T8577] loop0: detected capacity change from 0 to 1024
[  118.086654][ T8577] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.128143][ T8581] syzkaller0: entered promiscuous mode
[  118.133650][ T8581] syzkaller0: entered allmulticast mode
[  118.450064][ T8595] loop4: detected capacity change from 0 to 2048
[  118.463181][ T8595] loop4: detected capacity change from 0 to 164
[  118.800740][ T8598] loop1: detected capacity change from 0 to 512
[  118.807381][ T8598] EXT4-fs: Ignoring removed oldalloc option
[  118.814795][ T8598] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.1479: Parent and EA inode have the same ino 15
[  118.828209][ T8598] EXT4-fs (loop1): 1 orphan inode deleted
[  118.845321][ T8601] loop2: detected capacity change from 0 to 512
[  118.852104][ T8601] EXT4-fs: Ignoring removed oldalloc option
[  118.860799][ T8601] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.1480: Parent and EA inode have the same ino 15
[  118.873547][ T8601] EXT4-fs (loop2): 1 orphan inode deleted
[  118.911942][ T8598] xt_TPROXY: Can be used only with -p tcp or -p udp
[  118.946413][ T8601] xt_TPROXY: Can be used only with -p tcp or -p udp
[  119.048238][ T8617] loop2: detected capacity change from 0 to 512
[  119.054863][ T8617] EXT4-fs: Ignoring removed oldalloc option
[  119.064374][ T8617] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.1487: Parent and EA inode have the same ino 15
[  119.078590][ T8617] EXT4-fs (loop2): 1 orphan inode deleted
[  119.126585][ T8623] loop0: detected capacity change from 0 to 2048
[  119.166679][ T8623] loop0: detected capacity change from 0 to 164
[  119.173707][ T8617] xt_TPROXY: Can be used only with -p tcp or -p udp
[  119.229482][ T8632] loop2: detected capacity change from 0 to 512
[  119.237086][ T8632] EXT4-fs: Ignoring removed oldalloc option
[  119.247415][ T8632] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.1494: Parent and EA inode have the same ino 15
[  119.262583][ T8632] EXT4-fs (loop2): 1 orphan inode deleted
[  119.266396][ T8639] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1496'.
[  119.276988][ T8632] xt_TPROXY: Can be used only with -p tcp or -p udp
[  119.308416][ T8641] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1499'.
[  119.317472][ T8641] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1499'.
[  119.360347][ T8652] tipc: Started in network mode
[  119.365269][ T8652] tipc: Node identity ac1414aa, cluster identity 4711
[  119.372202][ T8652] tipc: Enabled bearer <udp:syz2>, priority 10
[  119.408118][ T8657] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  119.441036][ T8664] tipc: Disabling bearer <udp:syz2>
[  119.447619][ T8665] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  119.470579][ T8667] loop2: detected capacity change from 0 to 2048
[  119.482659][ T8667] loop2: detected capacity change from 0 to 164
[  119.596387][ T8673] loop4: detected capacity change from 0 to 128
[  119.603053][ T8673] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  119.978596][ T8687] loop0: detected capacity change from 0 to 256
[  119.992061][ T8687] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  120.002639][ T8687] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  120.020858][ T8687] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  120.029659][ T8687] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  120.200648][ T8694] loop1: detected capacity change from 0 to 4096
[  120.208193][ T8694] EXT4-fs: Ignoring removed nomblk_io_submit option
[  120.218590][ T8694] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1516: corrupted inode contents
[  120.230793][ T8694] EXT4-fs error (device loop1): ext4_dirty_inode:5984: inode #15: comm syz.1.1516: mark_inode_dirty error
[  120.242328][ T8694] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1516: corrupted inode contents
[  120.254418][ T8694] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.1516: mark_inode_dirty error
[  120.266095][ T8694] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1516: corrupted inode contents
[  120.278587][ T8694] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.1516: mark_inode_dirty error
[  120.290394][ T8694] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1516: corrupted inode contents
[  120.302690][ T8694] EXT4-fs error (device loop1): ext4_truncate:4208: inode #15: comm syz.1.1516: mark_inode_dirty error
[  120.314787][ T8694] EXT4-fs error (device loop1) in ext4_setattr:5523: Corrupt filesystem
[  120.320165][ T8697] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  120.378249][ T8705] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1522'.
[  120.481474][ T8717] loop2: detected capacity change from 0 to 512
[  120.495462][ T8717] EXT4-fs: Ignoring removed oldalloc option
[  120.511524][ T8723] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  120.521445][ T8721] loop1: detected capacity change from 0 to 4096
[  120.528208][ T8717] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.1528: Parent and EA inode have the same ino 15
[  120.545636][ T8721] EXT4-fs: Ignoring removed nomblk_io_submit option
[  120.550622][ T8717] EXT4-fs (loop2): 1 orphan inode deleted
[  120.580317][ T8731] loop4: detected capacity change from 0 to 512
[  120.582227][ T8717] xt_TPROXY: Can be used only with -p tcp or -p udp
[  120.587134][ T8731] EXT4-fs: Ignoring removed oldalloc option
[  120.618012][ T8731] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1533: Parent and EA inode have the same ino 15
[  120.630943][ T8721] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1529: corrupted inode contents
[  120.631434][ T8731] EXT4-fs (loop4): 1 orphan inode deleted
[  120.645965][ T8721] EXT4-fs error (device loop1): ext4_dirty_inode:5984: inode #15: comm syz.1.1529: mark_inode_dirty error
[  120.661278][ T8721] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1529: corrupted inode contents
[  120.680455][ T8721] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.1529: mark_inode_dirty error
[  120.709049][ T8721] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1529: corrupted inode contents
[  120.728439][ T8721] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.1529: mark_inode_dirty error
[  120.744295][ T8731] xt_TPROXY: Can be used only with -p tcp or -p udp
[  120.772464][ T8721] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1529: corrupted inode contents
[  120.802176][ T8741] loop0: detected capacity change from 0 to 512
[  120.811302][ T8721] EXT4-fs error (device loop1): ext4_truncate:4208: inode #15: comm syz.1.1529: mark_inode_dirty error
[  120.837039][ T8721] EXT4-fs error (device loop1) in ext4_setattr:5523: Corrupt filesystem
[  120.865827][ T8746] loop4: detected capacity change from 0 to 512
[  120.872423][ T8746] EXT4-fs: Ignoring removed oldalloc option
[  120.886957][ T8741] ext4 filesystem being mounted at /219/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  120.900278][ T8746] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1539: Parent and EA inode have the same ino 15
[  120.913461][ T8746] EXT4-fs (loop4): 1 orphan inode deleted
[  120.928838][ T8746] xt_TPROXY: Can be used only with -p tcp or -p udp
[  120.934388][ T8753] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  120.999056][ T8762] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  121.075777][ T8776] FAULT_INJECTION: forcing a failure.
[  121.075777][ T8776] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  121.088897][ T8776] CPU: 1 UID: 0 PID: 8776 Comm: syz.4.1548 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  121.099678][ T8776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  121.109841][ T8776] Call Trace:
[  121.113140][ T8776]  <TASK>
[  121.116221][ T8776]  dump_stack_lvl+0xf2/0x150
[  121.120821][ T8776]  dump_stack+0x15/0x20
[  121.124990][ T8776]  should_fail_ex+0x223/0x230
[  121.129679][ T8776]  should_fail+0xb/0x10
[  121.133851][ T8776]  should_fail_usercopy+0x1a/0x20
[  121.138968][ T8776]  _copy_from_user+0x1e/0xd0
[  121.143569][ T8776]  input_event_from_user+0x126/0x1e0
[  121.148930][ T8776]  evdev_write+0x29d/0x440
[  121.153387][ T8776]  ? __pfx_evdev_write+0x10/0x10
[  121.158436][ T8776]  vfs_write+0x26c/0x910
[  121.162687][ T8776]  ? __rcu_read_unlock+0x4e/0x70
[  121.167679][ T8776]  ? __fget_files+0x1d4/0x210
[  121.172423][ T8776]  ksys_write+0xeb/0x1b0
[  121.176678][ T8776]  __x64_sys_write+0x42/0x50
[  121.181416][ T8776]  x64_sys_call+0x27dd/0x2d60
[  121.186108][ T8776]  do_syscall_64+0xc9/0x1c0
[  121.190766][ T8776]  ? clear_bhb_loop+0x55/0xb0
[  121.195719][ T8776]  ? clear_bhb_loop+0x55/0xb0
[  121.200434][ T8776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.206410][ T8776] RIP: 0033:0x7f53aa5adff9
[  121.210964][ T8776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.230767][ T8776] RSP: 002b:00007f53a9206038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  121.239423][ T8776] RAX: ffffffffffffffda RBX: 00007f53aa766058 RCX: 00007f53aa5adff9
[  121.247562][ T8776] RDX: 00000000000012d8 RSI: 0000000020000040 RDI: 0000000000000007
[  121.255632][ T8776] RBP: 00007f53a9206090 R08: 0000000000000000 R09: 0000000000000000
[  121.263613][ T8776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.271774][ T8776] R13: 0000000000000000 R14: 00007f53aa766058 R15: 00007ffc11c56598
[  121.279775][ T8776]  </TASK>
[  121.330678][ T8792] netlink: 'syz.0.1559': attribute type 1 has an invalid length.
[  121.358276][ T8796] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  121.485729][ T8816] netlink: 'syz.0.1570': attribute type 1 has an invalid length.
[  121.493036][ T8818] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  121.528611][ T8822] loop0: detected capacity change from 0 to 1024
[  121.535741][ T8822] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  121.547270][ T8822] xt_TPROXY: Can be used only with -p tcp or -p udp
[  121.572765][ T8827] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  121.721588][ T8838] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  121.784539][ T8846] netlink: 'syz.0.1581': attribute type 1 has an invalid length.
[  121.822002][ T8850] loop0: detected capacity change from 0 to 512
[  121.832177][ T8850] EXT4-fs: Ignoring removed oldalloc option
[  121.841723][ T8852] tipc: Started in network mode
[  121.846691][ T8852] tipc: Node identity ac1414aa, cluster identity 4711
[  121.853876][ T8852] tipc: Enabled bearer <udp:s>, priority 10
[  121.854179][ T8850] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.1583: Parent and EA inode have the same ino 15
[  121.873533][ T8850] EXT4-fs (loop0): 1 orphan inode deleted
[  121.934431][ T8857] loop1: detected capacity change from 0 to 1024
[  121.942474][   T29] kauditd_printk_skb: 155 callbacks suppressed
[  121.942487][   T29] audit: type=1400 audit(1729788411.049:2687): avc:  denied  { create } for  pid=8858 comm="syz.4.1587" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  121.974680][   T29] audit: type=1400 audit(1729788411.049:2688): avc:  denied  { read } for  pid=8858 comm="syz.4.1587" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  121.999037][   T29] audit: type=1400 audit(1729788411.049:2689): avc:  denied  { open } for  pid=8858 comm="syz.4.1587" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  122.030139][ T8857] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  122.066425][ T8862] loop0: detected capacity change from 0 to 512
[  122.087604][ T8862] ext4 filesystem being mounted at /242/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  122.186525][ T8871] loop1: detected capacity change from 0 to 4096
[  122.193773][ T8871] EXT4-fs: Ignoring removed nomblk_io_submit option
[  122.200653][   T29] audit: type=1400 audit(1729788411.289:2690): avc:  denied  { ioctl } for  pid=8858 comm="syz.4.1587" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  122.251324][ T8871] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1591: corrupted inode contents
[  122.281071][ T8871] EXT4-fs error (device loop1): ext4_dirty_inode:5984: inode #15: comm syz.1.1591: mark_inode_dirty error
[  122.293932][ T8871] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1591: corrupted inode contents
[  122.339698][ T8886] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  122.347373][ T8884] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  122.356531][ T8871] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.1591: mark_inode_dirty error
[  122.401183][ T8871] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1591: corrupted inode contents
[  122.432098][ T8871] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.1591: mark_inode_dirty error
[  122.456706][ T8871] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1591: corrupted inode contents
[  122.476990][ T8890] loop0: detected capacity change from 0 to 512
[  122.489394][ T8890] EXT4-fs: Ignoring removed oldalloc option
[  122.495859][ T8871] EXT4-fs error (device loop1): ext4_truncate:4208: inode #15: comm syz.1.1591: mark_inode_dirty error
[  122.509228][ T8871] EXT4-fs error (device loop1) in ext4_setattr:5523: Corrupt filesystem
[  122.533846][ T8890] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.1599: Parent and EA inode have the same ino 15
[  122.580526][ T8890] EXT4-fs (loop0): 1 orphan inode deleted
[  122.592913][ T8899] loop1: detected capacity change from 0 to 1024
[  122.603595][ T8897] loop2: detected capacity change from 0 to 512
[  122.636223][ T8899] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  122.647985][ T8899] tproxy_tg6_check: 2 callbacks suppressed
[  122.647999][ T8899] xt_TPROXY: Can be used only with -p tcp or -p udp
[  122.662618][ T8897] ext4 filesystem being mounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  122.700440][ T8890] xt_TPROXY: Can be used only with -p tcp or -p udp
[  122.716977][ T8904] loop1: detected capacity change from 0 to 2048
[  122.735961][ T8904] loop1: detected capacity change from 0 to 164
[  122.890029][   T29] audit: type=1400 audit(1729788411.989:2691): avc:  denied  { create } for  pid=8915 comm="syz.4.1610" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  122.890361][ T8916] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  122.910651][   T29] audit: type=1400 audit(1729788411.989:2692): avc:  denied  { write } for  pid=8915 comm="syz.4.1610" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  122.938648][   T29] audit: type=1400 audit(1729788411.989:2693): avc:  denied  { read } for  pid=8915 comm="syz.4.1610" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  122.965348][ T3323] tipc: Node number set to 2886997162
[  122.993309][   T29] audit: type=1400 audit(1729788412.019:2694): avc:  denied  { read write } for  pid=8273 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  123.017554][   T29] audit: type=1400 audit(1729788412.019:2695): avc:  denied  { open } for  pid=8273 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  123.041909][   T29] audit: type=1400 audit(1729788412.019:2696): avc:  denied  { ioctl } for  pid=8273 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  123.062491][ T8926] loop4: detected capacity change from 0 to 4096
[  123.074576][ T8926] EXT4-fs: Ignoring removed nomblk_io_submit option
[  123.085644][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.100818][ T8930] loop0: detected capacity change from 0 to 512
[  123.116281][ T8926] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.1613: corrupted inode contents
[  123.133610][ T8930] ext4 filesystem being mounted at /251/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  123.145213][ T8926] EXT4-fs error (device loop4): ext4_dirty_inode:5984: inode #15: comm syz.4.1613: mark_inode_dirty error
[  123.158541][ T8926] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.1613: corrupted inode contents
[  123.182157][ T8926] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.1613: mark_inode_dirty error
[  123.193978][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.204916][ T8926] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.1613: corrupted inode contents
[  123.233833][ T8926] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.1613: mark_inode_dirty error
[  123.254394][ T8926] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.1613: corrupted inode contents
[  123.266464][ T8948] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  123.267323][ T8926] EXT4-fs error (device loop4): ext4_truncate:4208: inode #15: comm syz.4.1613: mark_inode_dirty error
[  123.289728][ T8926] EXT4-fs error (device loop4) in ext4_setattr:5523: Corrupt filesystem
[  123.302862][   T11] bond0: (slave netdevsim1): Releasing backup interface
[  123.313147][ T8950] loop0: detected capacity change from 0 to 512
[  123.321628][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.333482][ T8950] EXT4-fs: Ignoring removed oldalloc option
[  123.343034][ T8950] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.1620: Parent and EA inode have the same ino 15
[  123.357825][ T8950] EXT4-fs (loop0): 1 orphan inode deleted
[  123.409666][ T8957] loop4: detected capacity change from 0 to 256
[  123.429830][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.475218][ T8957] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  123.475387][ T8918] chnl_net:caif_netlink_parms(): no params data found
[  123.493950][ T8963] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  123.496390][ T8957] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  123.553277][ T8957] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  123.567484][ T8950] xt_TPROXY: Can be used only with -p tcp or -p udp
[  123.574310][ T8957] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  123.634376][ T8975] __nla_validate_parse: 6 callbacks suppressed
[  123.634392][ T8975] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1629'.
[  123.649612][ T8977] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  123.651454][ T8979] loop1: detected capacity change from 0 to 4096
[  123.663886][ T8979] EXT4-fs: Ignoring removed nomblk_io_submit option
[  123.672868][ T8918] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.676884][ T8982] loop0: detected capacity change from 0 to 512
[  123.680005][ T8918] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.693363][ T8918] bridge_slave_0: entered allmulticast mode
[  123.701601][ T8918] bridge_slave_0: entered promiscuous mode
[  123.708436][ T8982] EXT4-fs: Ignoring removed oldalloc option
[  123.718275][ T8918] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.725548][ T8918] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.727290][ T8979] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1631: corrupted inode contents
[  123.733316][ T8918] bridge_slave_1: entered allmulticast mode
[  123.751080][ T8918] bridge_slave_1: entered promiscuous mode
[  123.752876][ T8979] EXT4-fs error (device loop1): ext4_dirty_inode:5984: inode #15: comm syz.1.1631: mark_inode_dirty error
[  123.763029][ T8982] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.1632: Parent and EA inode have the same ino 15
[  123.769715][ T8979] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1631: corrupted inode contents
[  123.788245][ T8982] EXT4-fs (loop0): 1 orphan inode deleted
[  123.800785][ T8979] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.1631: mark_inode_dirty error
[  123.812325][ T8979] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1631: corrupted inode contents
[  123.824563][ T8979] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.1631: mark_inode_dirty error
[  123.846072][ T8979] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1631: corrupted inode contents
[  123.858183][   T11] bridge_slave_1: left allmulticast mode
[  123.859512][ T8979] EXT4-fs error (device loop1): ext4_truncate:4208: inode #15: comm syz.1.1631: mark_inode_dirty error
[  123.863833][   T11] bridge_slave_1: left promiscuous mode
[  123.863977][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.888764][   T11] bridge_slave_0: left allmulticast mode
[  123.894531][   T11] bridge_slave_0: left promiscuous mode
[  123.900232][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.910530][ T8992] FAULT_INJECTION: forcing a failure.
[  123.910530][ T8992] name failslab, interval 1, probability 0, space 0, times 0
[  123.917596][ T8991] loop0: detected capacity change from 0 to 1024
[  123.923255][ T8992] CPU: 1 UID: 0 PID: 8992 Comm: syz.2.1636 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  123.940167][ T8992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  123.950275][ T8992] Call Trace:
[  123.953540][ T8992]  <TASK>
[  123.956481][ T8992]  dump_stack_lvl+0xf2/0x150
[  123.961066][ T8992]  dump_stack+0x15/0x20
[  123.965216][ T8992]  should_fail_ex+0x223/0x230
[  123.969941][ T8992]  ? __alloc_skb+0x10b/0x310
[  123.974541][ T8992]  should_failslab+0x8f/0xb0
[  123.979275][ T8992]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  123.985167][ T8992]  __alloc_skb+0x10b/0x310
[  123.989577][ T8992]  alloc_skb_with_frags+0x80/0x450
[  123.994778][ T8992]  sock_alloc_send_pskb+0x435/0x4f0
[  123.999979][ T8992]  ? unwind_next_frame+0xa19/0xc80
[  124.005117][ T8992]  ? arch_stack_walk+0xe5/0x150
[  124.010035][ T8992]  __ip6_append_data+0x178a/0x2170
[  124.015280][ T8992]  ? cgroup_rstat_updated+0x99/0x550
[  124.020576][ T8992]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  124.026135][ T8992]  ? __rcu_read_unlock+0x4e/0x70
[  124.031140][ T8992]  ? ip6_mtu+0xfb/0x120
[  124.035289][ T8992]  ? __pfx_ip6_mtu+0x10/0x10
[  124.039871][ T8992]  ip6_make_skb+0x28f/0x510
[  124.044374][ T8992]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  124.050000][ T8992]  udpv6_sendmsg+0x14ac/0x1590
[  124.055037][ T8992]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  124.060743][ T8992]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  124.065868][ T8992]  inet6_sendmsg+0xaf/0xd0
[  124.070300][ T8992]  __sock_sendmsg+0x8b/0x180
[  124.074974][ T8992]  ____sys_sendmsg+0x312/0x410
[  124.079761][ T8992]  __sys_sendmmsg+0x259/0x500
[  124.084455][ T8992]  __x64_sys_sendmmsg+0x57/0x70
[  124.089325][ T8992]  x64_sys_call+0xa49/0x2d60
[  124.093978][ T8992]  do_syscall_64+0xc9/0x1c0
[  124.098541][ T8992]  ? clear_bhb_loop+0x55/0xb0
[  124.103318][ T8992]  ? clear_bhb_loop+0x55/0xb0
[  124.108057][ T8992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.113993][ T8992] RIP: 0033:0x7f514d1cdff9
[  124.118481][ T8992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.138145][ T8992] RSP: 002b:00007f514be47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  124.146631][ T8992] RAX: ffffffffffffffda RBX: 00007f514d385f80 RCX: 00007f514d1cdff9
[  124.154680][ T8992] RDX: 0400000000000172 RSI: 0000000020003cc0 RDI: 0000000000000004
[  124.162667][ T8992] RBP: 00007f514be47090 R08: 0000000000000000 R09: 0000000000000000
[  124.170716][ T8992] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001
[  124.178740][ T8992] R13: 0000000000000000 R14: 00007f514d385f80 R15: 00007ffd88c74138
[  124.186806][ T8992]  </TASK>
[  124.191239][ T8979] EXT4-fs error (device loop1) in ext4_setattr:5523: Corrupt filesystem
[  124.200669][ T8991] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  124.222767][ T8995] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  124.234776][ T8991] xt_TPROXY: Can be used only with -p tcp or -p udp
[  124.327861][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  124.339502][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  124.350151][   T11] bond0 (unregistering): Released all slaves
[  124.359558][ T8918] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  124.370557][ T8997] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1637'.
[  124.379475][ T8997] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1637'.
[  124.391254][   T11] tipc: Disabling bearer <udp:s>
[  124.396475][   T11] tipc: Left network mode
[  124.403975][ T8918] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  124.464023][ T9009] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1642'.
[  124.483267][ T9013] loop0: detected capacity change from 0 to 512
[  124.489945][ T9013] EXT4-fs: Ignoring removed oldalloc option
[  124.520742][ T9027] loop1: detected capacity change from 0 to 512
[  124.535876][ T9013] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.1644: Parent and EA inode have the same ino 15
[  124.562268][ T9013] EXT4-fs (loop0): 1 orphan inode deleted
[  124.562467][   T11] hsr_slave_0: left promiscuous mode
[  124.582444][   T11] hsr_slave_1: left promiscuous mode
[  124.590182][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  124.597794][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  124.606914][ T9027] ext4 filesystem being mounted at /61/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  124.638074][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.645534][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  124.654529][   T11] veth1_macvtap: left promiscuous mode
[  124.660178][   T11] veth0_macvtap: left promiscuous mode
[  124.666015][   T11] veth1_vlan: left promiscuous mode
[  124.671351][   T11] veth0_vlan: left promiscuous mode
[  124.705865][ T9045] loop0: detected capacity change from 0 to 1024
[  124.743355][ T9045] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  124.763333][ T9050] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  124.767609][ T9045] xt_TPROXY: Can be used only with -p tcp or -p udp
[  124.857002][ T9032] bond1: entered promiscuous mode
[  124.862042][ T9032] bond1: entered allmulticast mode
[  124.867597][ T9032] 8021q: adding VLAN 0 to HW filter on device bond1
[  124.878407][ T9032] bond1 (unregistering): Released all slaves
[  124.887677][ T9017] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  124.901408][ T8918] team0: Port device team_slave_0 added
[  124.909008][ T8918] team0: Port device team_slave_1 added
[  124.968248][ T8918] batman_adv: batadv0: Adding interface: batadv_slave_0
[  124.975326][ T8918] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  125.001422][ T8918] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  125.037697][ T8918] batman_adv: batadv0: Adding interface: batadv_slave_1
[  125.043665][ T9063] loop4: detected capacity change from 0 to 512
[  125.044780][ T8918] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  125.067090][ T9063] EXT4-fs: Ignoring removed oldalloc option
[  125.078009][ T8918] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  125.113693][ T9072] loop2: detected capacity change from 0 to 512
[  125.130665][ T9072] EXT4-fs: Ignoring removed oldalloc option
[  125.137505][ T9062] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1657'.
[  125.160111][ T9063] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1658: Parent and EA inode have the same ino 15
[  125.187769][ T9072] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.1659: Parent and EA inode have the same ino 15
[  125.204336][ T9063] EXT4-fs (loop4): 1 orphan inode deleted
[  125.210810][ T9063] EXT4-fs mount: 161 callbacks suppressed
[  125.210863][ T9063] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.215744][ T9072] EXT4-fs (loop2): 1 orphan inode deleted
[  125.260926][ T8918] hsr_slave_0: entered promiscuous mode
[  125.276283][ T8918] hsr_slave_1: entered promiscuous mode
[  125.286188][ T9083] loop0: detected capacity change from 0 to 256
[  125.288850][ T9072] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.351776][ T8273] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.390783][ T9090] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  125.401585][ T9083] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  125.406588][ T9063] xt_TPROXY: Can be used only with -p tcp or -p udp
[  125.430192][ T5714] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.441314][ T9083] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  125.490285][ T9097] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  125.498891][ T9103] loop4: detected capacity change from 0 to 1024
[  125.507848][ T9083] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  125.527300][ T9099] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  125.582266][ T9121] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1670'.
[  125.591308][ T9123] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1669'.
[  125.605840][ T9121] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1670'.
[  125.653232][ T9129] loop4: detected capacity change from 0 to 512
[  125.661509][ T9129] EXT4-fs: Ignoring removed oldalloc option
[  125.668751][ T9129] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1673: Parent and EA inode have the same ino 15
[  125.671751][ T9128] loop1: detected capacity change from 0 to 1024
[  125.683399][ T9129] EXT4-fs (loop4): 1 orphan inode deleted
[  125.693619][ T9129] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.718290][ T9131] loop0: detected capacity change from 0 to 1024
[  125.758067][ T9131] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  125.780681][ T9129] xt_TPROXY: Can be used only with -p tcp or -p udp
[  125.783620][ T9131] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.803800][ T9131] xt_TPROXY: Can be used only with -p tcp or -p udp
[  125.822281][ T5714] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.835456][ T9142] loop2: detected capacity change from 0 to 512
[  125.847562][ T5872] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.874637][ T8918] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  125.884226][ T8918] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  125.893507][ T9128] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  125.906209][ T8918] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  125.921538][ T9142] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.934214][ T8918] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  125.947106][ T9128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.957938][ T9142] ext4 filesystem being mounted at /78/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  125.982251][ T9128] xt_TPROXY: Can be used only with -p tcp or -p udp
[  125.985245][ T9159] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  126.015600][ T9165] loop0: detected capacity change from 0 to 2048
[  126.033533][ T8273] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.035540][ T9169] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1681'.
[  126.059845][ T8918] 8021q: adding VLAN 0 to HW filter on device bond0
[  126.073982][ T8918] 8021q: adding VLAN 0 to HW filter on device team0
[  126.085029][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.092255][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[  126.107608][ T7785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.120171][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.127268][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.133204][ T9165] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.185963][ T9165] FAULT_INJECTION: forcing a failure.
[  126.185963][ T9165] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  126.199210][ T9165] CPU: 1 UID: 0 PID: 9165 Comm: syz.0.1679 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  126.209999][ T9165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  126.220043][ T9165] Call Trace:
[  126.223344][ T9165]  <TASK>
[  126.226326][ T9165]  dump_stack_lvl+0xf2/0x150
[  126.230909][ T9165]  dump_stack+0x15/0x20
[  126.235054][ T9165]  should_fail_ex+0x223/0x230
[  126.239804][ T9165]  should_fail+0xb/0x10
[  126.244021][ T9165]  should_fail_usercopy+0x1a/0x20
[  126.249109][ T9165]  _copy_from_user+0x1e/0xd0
[  126.253688][ T9165]  memdup_user+0x64/0xc0
[  126.257927][ T9165]  strndup_user+0x68/0xa0
[  126.262316][ T9165]  __se_sys_mount+0x4e/0x2d0
[  126.266914][ T9165]  ? do_mkdirat+0x26b/0x2a0
[  126.271453][ T9165]  __x64_sys_mount+0x67/0x80
[  126.276117][ T9165]  x64_sys_call+0x203e/0x2d60
[  126.280789][ T9165]  do_syscall_64+0xc9/0x1c0
[  126.285344][ T9165]  ? clear_bhb_loop+0x55/0xb0
[  126.290029][ T9165]  ? clear_bhb_loop+0x55/0xb0
[  126.294772][ T9165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.300755][ T9165] RIP: 0033:0x7f28d7a5f79a
[  126.305162][ T9165] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.324798][ T9165] RSP: 002b:00007f28d66d6e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  126.333214][ T9165] RAX: ffffffffffffffda RBX: 00007f28d66d6ef0 RCX: 00007f28d7a5f79a
[  126.341224][ T9165] RDX: 0000000020000180 RSI: 0000000020000100 RDI: 0000000000000000
[  126.349255][ T9165] RBP: 0000000020000180 R08: 00007f28d66d6ef0 R09: 00000000000000e1
[  126.357224][ T9165] R10: 00000000000000e1 R11: 0000000000000246 R12: 0000000020000100
[  126.365197][ T9165] R13: 00007f28d66d6eb0 R14: 0000000000000000 R15: 00000000200001c0
[  126.373227][ T9165]  </TASK>
[  126.441471][ T5872] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.461779][ T9190] loop1: detected capacity change from 0 to 512
[  126.476439][ T9190] EXT4-fs: Ignoring removed oldalloc option
[  126.514060][   T11] IPVS: stop unused estimator thread 0...
[  126.530675][ T9200] loop4: detected capacity change from 0 to 512
[  126.532512][ T8918] 8021q: adding VLAN 0 to HW filter on device batadv0
[  126.582176][ T9190] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.1683: Parent and EA inode have the same ino 15
[  126.597744][ T9190] EXT4-fs (loop1): 1 orphan inode deleted
[  126.600928][ T9200] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.604045][ T9190] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.616989][ T9200] ext4 filesystem being mounted at /301/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  126.641053][ T9213] tipc: Enabled bearer <udp:s>, priority 10
[  126.649313][ T7785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.656837][ T9211] loop0: detected capacity change from 0 to 512
[  126.664898][ T9211] EXT4-fs: Ignoring removed oldalloc option
[  126.672608][ T9211] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.1686: Parent and EA inode have the same ino 15
[  126.690300][ T9211] EXT4-fs (loop0): 1 orphan inode deleted
[  126.703985][ T9223] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1692'.
[  126.744119][ T9211] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.759100][ T5714] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.804215][ T9229] loop2: detected capacity change from 0 to 4096
[  126.831955][ T8918] veth0_vlan: entered promiscuous mode
[  126.839080][ T9229] EXT4-fs: Ignoring removed nomblk_io_submit option
[  126.843779][ T9241] loop1: detected capacity change from 0 to 1024
[  126.856640][ T8918] veth1_vlan: entered promiscuous mode
[  126.867492][ T9241] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  126.885093][ T9229] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.908573][ T8918] veth0_macvtap: entered promiscuous mode
[  126.915818][ T9241] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.924513][ T8918] veth1_macvtap: entered promiscuous mode
[  126.939343][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.947563][ T9241] xt_TPROXY: Can be used only with -p tcp or -p udp
[  126.949837][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.949853][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.949868][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.949881][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.975043][ T9229] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.1693: corrupted inode contents
[  126.976745][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.987244][ T9229] EXT4-fs error (device loop2): ext4_dirty_inode:5984: inode #15: comm syz.2.1693: mark_inode_dirty error
[  126.997057][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.997074][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.998131][ T8918] batman_adv: batadv0: Interface activated: batadv_slave_0
[  127.009583][ T7785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.019823][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.077353][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.082046][ T9229] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.1693: corrupted inode contents
[  127.087333][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.087347][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.087359][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.087370][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.087383][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.129665][ T9229] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.1693: mark_inode_dirty error
[  127.129874][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.150251][ T9229] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.1693: corrupted inode contents
[  127.168985][ T8918] batman_adv: batadv0: Interface activated: batadv_slave_1
[  127.191916][ T8918] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  127.200691][ T8918] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  127.209616][ T8918] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  127.218342][ T8918] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  127.227508][ T9229] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.1693: mark_inode_dirty error
[  127.243016][ T9250] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  127.260899][   T29] kauditd_printk_skb: 124 callbacks suppressed
[  127.260912][   T29] audit: type=1400 audit(1729788416.359:2821): avc:  denied  { mounton } for  pid=8918 comm="syz-executor" path="/root/syzkaller.BdFVVp/syz-tmp" dev="sda1" ino=1970 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  127.291580][   T29] audit: type=1400 audit(1729788416.359:2822): avc:  denied  { mount } for  pid=8918 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  127.327348][   T29] audit: type=1400 audit(1729788416.369:2823): avc:  denied  { mount } for  pid=8918 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  127.327515][ T9229] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.1693: corrupted inode contents
[  127.349317][   T29] audit: type=1400 audit(1729788416.369:2824): avc:  denied  { mounton } for  pid=8918 comm="syz-executor" path="/root/syzkaller.BdFVVp/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  127.349466][   T29] audit: type=1400 audit(1729788416.369:2825): avc:  denied  { mounton } for  pid=8918 comm="syz-executor" path="/root/syzkaller.BdFVVp/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=25113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  127.415760][   T29] audit: type=1400 audit(1729788416.409:2826): avc:  denied  { mounton } for  pid=8918 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=454 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  127.446777][   T29] audit: type=1400 audit(1729788416.519:2827): avc:  denied  { write } for  pid=9255 comm="syz.4.1701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  127.464892][ T9229] EXT4-fs error (device loop2): ext4_truncate:4208: inode #15: comm syz.2.1693: mark_inode_dirty error
[  127.466275][   T29] audit: type=1400 audit(1729788416.519:2828): avc:  denied  { read } for  pid=9255 comm="syz.4.1701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  127.496564][   T29] audit: type=1400 audit(1729788416.539:2829): avc:  denied  { create } for  pid=9257 comm="syz.4.1702" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  127.513670][ T9229] EXT4-fs error (device loop2) in ext4_setattr:5523: Corrupt filesystem
[  127.516099][   T29] audit: type=1400 audit(1729788416.539:2830): avc:  denied  { connect } for  pid=9257 comm="syz.4.1702" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  127.520298][ T9261] netlink: 'syz.3.1609': attribute type 1 has an invalid length.
[  127.525210][ T5872] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.594163][ T9263] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  127.602355][ T8273] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.612852][ T9265] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  127.674205][ T9275] loop0: detected capacity change from 0 to 1024
[  127.693176][ T9275] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  127.707881][ T9278] loop2: detected capacity change from 0 to 512
[  127.718176][ T9278] EXT4-fs: Ignoring removed oldalloc option
[  127.751012][ T9275] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.765158][ T3342] tipc: Node number set to 2886997162
[  127.773495][ T9278] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.1709: Parent and EA inode have the same ino 15
[  127.788118][ T9275] tproxy_tg6_check: 1 callbacks suppressed
[  127.788132][ T9275] xt_TPROXY: Can be used only with -p tcp or -p udp
[  127.797566][ T9278] EXT4-fs (loop2): 1 orphan inode deleted
[  127.805561][ T9294] loop4: detected capacity change from 0 to 4096
[  127.814501][ T5872] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.819066][ T9294] EXT4-fs: Ignoring removed nomblk_io_submit option
[  127.838693][ T9278] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.852647][ T9298] netlink: 'syz.3.1718': attribute type 1 has an invalid length.
[  127.887336][ T9294] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.958890][ T9294] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.1715: corrupted inode contents
[  128.012399][ T9294] EXT4-fs error (device loop4): ext4_dirty_inode:5984: inode #15: comm syz.4.1715: mark_inode_dirty error
[  128.026624][ T9294] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.1715: corrupted inode contents
[  128.083490][ T9294] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.1715: mark_inode_dirty error
[  128.100404][ T9278] xt_TPROXY: Can be used only with -p tcp or -p udp
[  128.101657][ T9308] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  128.129869][ T9294] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.1715: corrupted inode contents
[  128.158040][ T8273] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.169381][ T9294] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.1715: mark_inode_dirty error
[  128.196110][ T9294] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.1715: corrupted inode contents
[  128.217840][ T9328] netlink: 'syz.1.1730': attribute type 1 has an invalid length.
[  128.230847][ T9294] EXT4-fs error (device loop4): ext4_truncate:4208: inode #15: comm syz.4.1715: mark_inode_dirty error
[  128.245966][ T9331] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  128.263186][ T9294] EXT4-fs error (device loop4) in ext4_setattr:5523: Corrupt filesystem
[  128.286828][ T5714] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.301141][ T9344] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  128.466537][ T9364] loop1: detected capacity change from 0 to 512
[  128.475624][ T9364] EXT4-fs: Ignoring removed oldalloc option
[  128.496517][ T9364] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.1738: Parent and EA inode have the same ino 15
[  128.520560][ T9364] EXT4-fs (loop1): 1 orphan inode deleted
[  128.553434][ T9364] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.585622][ T9375] netlink: 'syz.3.1743': attribute type 1 has an invalid length.
[  128.660381][ T9364] xt_TPROXY: Can be used only with -p tcp or -p udp
[  128.667926][ T9380] loop2: detected capacity change from 0 to 4096
[  128.674601][ T9380] EXT4-fs: Ignoring removed nomblk_io_submit option
[  128.688306][ T7785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.706742][ T9380] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.735773][ T9380] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.1744: corrupted inode contents
[  128.751725][ T9380] EXT4-fs error (device loop2): ext4_dirty_inode:5984: inode #15: comm syz.2.1744: mark_inode_dirty error
[  128.802460][ T9380] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.1744: corrupted inode contents
[  128.814585][ T9380] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.1744: mark_inode_dirty error
[  128.855708][ T9380] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.1744: corrupted inode contents
[  128.862029][ T9395] __nla_validate_parse: 7 callbacks suppressed
[  128.862044][ T9395] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1749'.
[  128.883630][ T9380] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.1744: mark_inode_dirty error
[  128.888772][ T9395] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1749'.
[  128.941535][ T9380] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.1744: corrupted inode contents
[  128.957955][ T9380] EXT4-fs error (device loop2): ext4_truncate:4208: inode #15: comm syz.2.1744: mark_inode_dirty error
[  128.990836][ T9380] EXT4-fs error (device loop2) in ext4_setattr:5523: Corrupt filesystem
[  129.017685][ T8273] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.027110][ T9407] veth0_vlan: entered allmulticast mode
[  129.051232][ T9411] FAULT_INJECTION: forcing a failure.
[  129.051232][ T9411] name failslab, interval 1, probability 0, space 0, times 0
[  129.064028][ T9411] CPU: 1 UID: 0 PID: 9411 Comm: syz.3.1757 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  129.074711][ T9411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  129.084767][ T9411] Call Trace:
[  129.088075][ T9411]  <TASK>
[  129.091004][ T9411]  dump_stack_lvl+0xf2/0x150
[  129.095640][ T9411]  dump_stack+0x15/0x20
[  129.099796][ T9411]  should_fail_ex+0x223/0x230
[  129.104565][ T9411]  ? io_ring_ctx_alloc+0x38/0xd90
[  129.109639][ T9411]  should_failslab+0x8f/0xb0
[  129.114243][ T9411]  __kmalloc_cache_noprof+0x4b/0x2a0
[  129.119544][ T9411]  io_ring_ctx_alloc+0x38/0xd90
[  129.124421][ T9411]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  129.130079][ T9411]  io_uring_create+0x1cf/0x940
[  129.134864][ T9411]  __se_sys_io_uring_setup+0x1d2/0x1e0
[  129.140412][ T9411]  __x64_sys_io_uring_setup+0x31/0x40
[  129.145789][ T9411]  x64_sys_call+0x1f7e/0x2d60
[  129.150482][ T9411]  do_syscall_64+0xc9/0x1c0
[  129.155002][ T9411]  ? clear_bhb_loop+0x55/0xb0
[  129.159739][ T9411]  ? clear_bhb_loop+0x55/0xb0
[  129.164476][ T9411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.170468][ T9411] RIP: 0033:0x7fac16b3dff9
[  129.173505][ T9413] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1758'.
[  129.174926][ T9411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.174946][ T9411] RSP: 002b:00007fac157b0fc8 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  129.174964][ T9411] RAX: ffffffffffffffda RBX: 00007fac16cf5f80 RCX: 00007fac16b3dff9
[  129.183835][ T9413] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1758'.
[  129.203393][ T9411] RDX: 0000000020000000 RSI: 0000000020000300 RDI: 0000000000001114
[  129.203412][ T9411] RBP: 0000000020000300 R08: 0000000000000000 R09: 0000000020000000
[  129.203424][ T9411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.203436][ T9411] R13: 0000000020000140 R14: 0000000000001114 R15: 0000000020000000
[  129.260671][ T9411]  </TASK>
[  129.349962][ T9426] loop0: detected capacity change from 0 to 512
[  129.360071][ T9424] loop2: detected capacity change from 0 to 512
[  129.369645][ T9424] EXT4-fs: Ignoring removed oldalloc option
[  129.380560][ T9424] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.1761: Parent and EA inode have the same ino 15
[  129.390455][ T9428] loop1: detected capacity change from 0 to 1024
[  129.401035][ T9428] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  129.410289][ T9424] EXT4-fs (loop2): 1 orphan inode deleted
[  129.417197][ T9424] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.418352][ T9428] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.448665][ T9426] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.450365][ T9428] xt_TPROXY: Can be used only with -p tcp or -p udp
[  129.490749][ T9426] ext4 filesystem being mounted at /286/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  129.542034][ T7785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.559487][ T9445] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1770'.
[  129.560277][ T9443] loop3: detected capacity change from 0 to 2048
[  129.568411][ T9445] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1770'.
[  129.577533][ T5872] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.628574][ T9424] xt_TPROXY: Can be used only with -p tcp or -p udp
[  129.656358][ T8273] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.739166][ T9471] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  129.749851][ T9467] loop1: detected capacity change from 0 to 1024
[  129.779600][ T9467] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  129.796328][ T9476] loop4: detected capacity change from 0 to 512
[  129.807441][ T9467] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.842763][ T9481] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1782'.
[  129.843379][ T9483] loop0: detected capacity change from 0 to 164
[  129.851710][ T9481] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1782'.
[  129.852796][ T9467] xt_TPROXY: Can be used only with -p tcp or -p udp
[  129.879791][ T9476] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.897429][ T9476] ext4 filesystem being mounted at /321/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  129.908594][ T7785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.931972][ T9490] loop1: detected capacity change from 0 to 512
[  129.938744][ T9490] EXT4-fs: Ignoring removed oldalloc option
[  129.963993][ T9490] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.1784: Parent and EA inode have the same ino 15
[  129.977021][ T9490] EXT4-fs (loop1): 1 orphan inode deleted
[  129.978173][ T5714] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.983111][ T9490] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.067682][ T9490] xt_TPROXY: Can be used only with -p tcp or -p udp
[  130.075001][ T9494] loop2: detected capacity change from 0 to 2048
[  130.083287][ T7785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.169180][ T9494] loop2: detected capacity change from 0 to 164
[  130.195269][ T9515] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1796'.
[  130.204235][ T9515] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1796'.
[  130.238333][ T9518] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  130.260784][ T9520] loop3: detected capacity change from 0 to 1024
[  130.268167][ T9520] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  130.275354][ T9522] loop4: detected capacity change from 0 to 256
[  130.284626][ T9520] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.289899][ T9522] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  130.298067][ T9520] xt_TPROXY: Can be used only with -p tcp or -p udp
[  130.312644][ T9522] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  130.331507][ T8918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.337267][ T9522] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  130.372527][ T9526] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  130.382838][ T9528] loop3: detected capacity change from 0 to 512
[  130.391159][ T9528] EXT4-fs: Ignoring removed oldalloc option
[  130.400417][ T9528] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.1800: Parent and EA inode have the same ino 15
[  130.419116][ T9528] EXT4-fs (loop3): 1 orphan inode deleted
[  130.425619][ T9528] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.501890][ T9528] xt_TPROXY: Can be used only with -p tcp or -p udp
[  130.518046][ T8918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.627628][ T9554] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  130.634052][ T9556] loop3: detected capacity change from 0 to 256
[  130.661252][ T9556] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  130.683414][ T9556] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  130.700334][ T9560] loop4: detected capacity change from 0 to 4096
[  130.707028][ T9560] EXT4-fs: Ignoring removed nomblk_io_submit option
[  130.724300][ T9556] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  130.725415][ T9562] loop0: detected capacity change from 0 to 512
[  130.742299][ T9562] EXT4-fs: Ignoring removed oldalloc option
[  130.749390][ T9560] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.771501][ T9560] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.1815: corrupted inode contents
[  130.772363][ T9562] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.1816: Parent and EA inode have the same ino 15
[  130.783785][ T9560] EXT4-fs error (device loop4): ext4_dirty_inode:5984: inode #15: comm syz.4.1815: mark_inode_dirty error
[  130.815475][ T9562] EXT4-fs (loop0): 1 orphan inode deleted
[  130.817781][ T9560] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.1815: corrupted inode contents
[  130.821568][ T9562] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.843714][ T9560] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.1815: mark_inode_dirty error
[  130.883685][ T9560] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.1815: corrupted inode contents
[  130.901910][ T9560] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.1815: mark_inode_dirty error
[  130.913925][ T9560] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.1815: corrupted inode contents
[  130.926839][ T9560] EXT4-fs error (device loop4): ext4_truncate:4208: inode #15: comm syz.4.1815: mark_inode_dirty error
[  130.938787][ T9560] EXT4-fs error (device loop4) in ext4_setattr:5523: Corrupt filesystem
[  130.986195][ T9562] xt_TPROXY: Can be used only with -p tcp or -p udp
[  131.007586][ T5714] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.017637][ T5872] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.047937][ T9578] tipc: Started in network mode
[  131.052872][ T9578] tipc: Node identity ac1414aa, cluster identity 4711
[  131.078499][ T9591] loop0: detected capacity change from 0 to 164
[  131.096569][ T9578] tipc: Enabled bearer <udp:s>, priority 10
[  131.106376][ T9588] loop4: detected capacity change from 0 to 2048
[  131.122182][ T9594] netlink: 'syz.2.1829': attribute type 1 has an invalid length.
[  131.155337][ T9597] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  131.172177][ T9588] loop4: detected capacity change from 0 to 164
[  131.197275][ T9604] loop2: detected capacity change from 0 to 512
[  131.203943][ T9604] EXT4-fs: Ignoring removed oldalloc option
[  131.234413][ T9604] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.1834: Parent and EA inode have the same ino 15
[  131.249159][ T9611] loop1: detected capacity change from 0 to 1024
[  131.261801][ T9611] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  131.263081][ T9604] EXT4-fs (loop2): 1 orphan inode deleted
[  131.276791][ T9604] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.300667][ T9611] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.330294][ T7785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.361388][ T8273] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.403854][ T9620] netlink: 'syz.2.1840': attribute type 1 has an invalid length.
[  131.406312][ T9622] syz.3.1839[9622] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  131.411851][ T9622] syz.3.1839[9622] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  131.424247][ T9622] syz.3.1839[9622] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  131.465444][ T9631] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  131.491770][ T9633] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  131.653277][ T9642] loop3: detected capacity change from 0 to 512
[  131.659939][ T9642] EXT4-fs: Ignoring removed oldalloc option
[  131.668254][ T9642] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.1849: Parent and EA inode have the same ino 15
[  131.680909][ T9642] EXT4-fs (loop3): 1 orphan inode deleted
[  131.687034][ T9642] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.752764][ T8918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.871694][ T9649] netlink: 'syz.3.1852': attribute type 1 has an invalid length.
[  131.973148][ T9661] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  132.071911][ T9677] netlink: 'syz.3.1864': attribute type 1 has an invalid length.
[  132.173362][ T9685] loop4: detected capacity change from 0 to 2048
[  132.214600][ T9685] loop4: detected capacity change from 0 to 164
[  132.225145][ T3342] tipc: Node number set to 2886997162
[  132.298644][ T9703] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  132.329246][ T9709] netlink: 'syz.0.1879': attribute type 1 has an invalid length.
[  132.334057][ T9702] loop1: detected capacity change from 0 to 4096
[  132.354941][ T9702] EXT4-fs: Ignoring removed nomblk_io_submit option
[  132.392469][ T9702] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.411363][ T9702] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1875: corrupted inode contents
[  132.425684][ T9702] EXT4-fs error (device loop1): ext4_dirty_inode:5984: inode #15: comm syz.1.1875: mark_inode_dirty error
[  132.461917][ T9702] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1875: corrupted inode contents
[  132.475501][ T9721] loop3: detected capacity change from 0 to 512
[  132.520434][ T9702] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.1875: mark_inode_dirty error
[  132.533565][ T9721] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.548502][ T9702] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1875: corrupted inode contents
[  132.560856][ T9721] ext4 filesystem being mounted at /55/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  132.572261][ T9702] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.1875: mark_inode_dirty error
[  132.584505][ T9702] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.1875: corrupted inode contents
[  132.585342][ T8918] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.597567][ T9702] EXT4-fs error (device loop1): ext4_truncate:4208: inode #15: comm syz.1.1875: mark_inode_dirty error
[  132.622796][ T9702] EXT4-fs error (device loop1) in ext4_setattr:5523: Corrupt filesystem
[  132.665561][ T9735] netlink: 'syz.0.1891': attribute type 1 has an invalid length.
[  132.673184][ T9739] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  132.686595][ T7785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.811992][ T9757] loop1: detected capacity change from 0 to 256
[  132.831752][ T9757] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  132.852280][ T9757] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  132.861358][ T9760] loop2: detected capacity change from 0 to 1024
[  132.871888][ T9757] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  132.883930][ T9760] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  132.900759][ T9760] tproxy_tg6_check: 3 callbacks suppressed
[  132.900773][ T9760] xt_TPROXY: Can be used only with -p tcp or -p udp
[  132.917844][ T9767] netlink: 'syz.1.1905': attribute type 1 has an invalid length.
[  132.983108][   T29] kauditd_printk_skb: 119 callbacks suppressed
[  132.983122][   T29] audit: type=1400 audit(1729788422.079:2950): avc:  denied  { name_connect } for  pid=9770 comm="syz.3.1908" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  133.041876][ T9781] loop0: detected capacity change from 0 to 2048
[  133.122338][ T9789] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  133.129589][ T9775] IPv6: sit1: Disabled Multicast RS
[  133.135186][   T29] audit: type=1400 audit(1729788422.219:2951): avc:  denied  { shutdown } for  pid=9770 comm="syz.3.1908" laddr=fe80::12 lport=34994 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  133.198677][ T9799] netlink: 'syz.0.1918': attribute type 1 has an invalid length.
[  133.225841][ T9801] FAULT_INJECTION: forcing a failure.
[  133.225841][ T9801] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.239046][ T9801] CPU: 0 UID: 0 PID: 9801 Comm: syz.0.1919 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  133.249758][ T9801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  133.259875][ T9801] Call Trace:
[  133.263163][ T9801]  <TASK>
[  133.266138][ T9801]  dump_stack_lvl+0xf2/0x150
[  133.270737][ T9801]  dump_stack+0x15/0x20
[  133.270890][ T9805] loop4: detected capacity change from 0 to 512
[  133.274945][ T9801]  should_fail_ex+0x223/0x230
[  133.285930][ T9801]  should_fail+0xb/0x10
[  133.290176][ T9801]  should_fail_usercopy+0x1a/0x20
[  133.295263][ T9801]  _copy_from_user+0x1e/0xd0
[  133.299893][ T9801]  copy_msghdr_from_user+0x54/0x2a0
[  133.305150][ T9801]  __sys_sendmsg+0x171/0x270
[  133.309760][ T9801]  __x64_sys_sendmsg+0x46/0x50
[  133.314605][ T9801]  x64_sys_call+0x2689/0x2d60
[  133.319353][ T9801]  do_syscall_64+0xc9/0x1c0
[  133.323853][ T9801]  ? clear_bhb_loop+0x55/0xb0
[  133.328620][ T9801]  ? clear_bhb_loop+0x55/0xb0
[  133.333322][ T9801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.339229][ T9801] RIP: 0033:0x7f28d7a5dff9
[  133.343668][ T9801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.363267][ T9801] RSP: 002b:00007f28d66d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  133.371737][ T9801] RAX: ffffffffffffffda RBX: 00007f28d7c15f80 RCX: 00007f28d7a5dff9
[  133.379698][ T9801] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000005
[  133.387663][ T9801] RBP: 00007f28d66d7090 R08: 0000000000000000 R09: 0000000000000000
[  133.395691][ T9801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.403668][ T9801] R13: 0000000000000000 R14: 00007f28d7c15f80 R15: 00007ffdbd884278
[  133.411739][ T9801]  </TASK>
[  133.473750][ T9809] loop2: detected capacity change from 0 to 2048
[  133.486643][ T9805] ext4 filesystem being mounted at /347/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  133.542001][ T9822] loop0: detected capacity change from 0 to 1024
[  133.544225][ T9809] loop2: detected capacity change from 0 to 164
[  133.560533][ T9822] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  133.591167][ T9822] xt_TPROXY: Can be used only with -p tcp or -p udp
[  133.603092][ T9830] loop1: detected capacity change from 0 to 512
[  133.626764][ T9830] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.633190][ T9833] loop4: detected capacity change from 0 to 512
[  133.645848][ T9833] EXT4-fs: Ignoring removed oldalloc option
[  133.649996][ T9833] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1931: Parent and EA inode have the same ino 15
[  133.668685][ T9833] EXT4-fs (loop4): 1 orphan inode deleted
[  133.669568][ T9835] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  133.701046][   T29] audit: type=1400 audit(1729788422.799:2952): avc:  denied  { read write } for  pid=9829 comm="syz.1.1930" name="raw-gadget" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  133.702653][ T9842] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  133.727335][   T29] audit: type=1400 audit(1729788422.799:2953): avc:  denied  { open } for  pid=9829 comm="syz.1.1930" path="/dev/raw-gadget" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  133.757164][   T29] audit: type=1400 audit(1729788422.799:2954): avc:  denied  { ioctl } for  pid=9829 comm="syz.1.1930" path="/dev/raw-gadget" dev="devtmpfs" ino=118 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  133.758154][ T9842] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.818515][   T29] audit: type=1400 audit(1729788422.919:2955): avc:  denied  { read } for  pid=2952 comm="acpid" name="mouse(" dev="devtmpfs" ino=1166 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  133.825842][ T9847] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  133.842431][   T29] audit: type=1400 audit(1729788422.919:2956): avc:  denied  { open } for  pid=2952 comm="acpid" path="/dev/input/mouse(" dev="devtmpfs" ino=1166 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  133.870757][   T29] audit: type=1400 audit(1729788422.919:2957): avc:  denied  { ioctl } for  pid=2952 comm="acpid" path="/dev/input/mouse(" dev="devtmpfs" ino=1166 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  133.902634][   T29] audit: type=1400 audit(1729788422.999:2958): avc:  denied  { read write } for  pid=9844 comm="syz.4.1934" name="uhid" dev="devtmpfs" ino=228 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  133.926106][   T29] audit: type=1400 audit(1729788422.999:2959): avc:  denied  { open } for  pid=9844 comm="syz.4.1934" path="/dev/uhid" dev="devtmpfs" ino=228 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  133.988096][ T9858] loop4: detected capacity change from 0 to 2048
[  134.000004][ T9858] loop4: detected capacity change from 0 to 164
[  134.048522][ T9865] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  134.076057][ T9868] loop3: detected capacity change from 0 to 512
[  134.108091][ T9868] ext4 filesystem being mounted at /63/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  134.197488][ T9879] loop0: detected capacity change from 0 to 256
[  134.210536][ T9879] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  134.221235][ T9879] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  134.232961][ T9879] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  134.256340][ T9883] __nla_validate_parse: 11 callbacks suppressed
[  134.256373][ T9883] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1947'.
[  134.290369][ T9886] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  134.323097][ T9892] netlink: 'syz.0.1951': attribute type 1 has an invalid length.
[  134.372230][ T9896] loop0: detected capacity change from 0 to 512
[  134.396630][ T9896] ext4 filesystem being mounted at /329/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  134.430224][ T9900] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  134.539260][ T9913] loop3: detected capacity change from 0 to 2048
[  134.553315][ T9913] loop3: detected capacity change from 0 to 164
[  134.583360][ T9920] netlink: 'syz.2.1962': attribute type 1 has an invalid length.
[  134.600924][ T9922] FAULT_INJECTION: forcing a failure.
[  134.600924][ T9922] name failslab, interval 1, probability 0, space 0, times 0
[  134.613608][ T9922] CPU: 1 UID: 0 PID: 9922 Comm: syz.0.1963 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  134.624432][ T9922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  134.634490][ T9922] Call Trace:
[  134.634594][ T9924] loop2: detected capacity change from 0 to 4096
[  134.637759][ T9922]  <TASK>
[  134.637790][ T9922]  dump_stack_lvl+0xf2/0x150
[  134.651210][ T9924] EXT4-fs: Ignoring removed nomblk_io_submit option
[  134.651564][ T9922]  dump_stack+0x15/0x20
[  134.662503][ T9922]  should_fail_ex+0x223/0x230
[  134.667201][ T9922]  ? __alloc_skb+0x10b/0x310
[  134.671877][ T9922]  should_failslab+0x8f/0xb0
[  134.676535][ T9922]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  134.682419][ T9922]  __alloc_skb+0x10b/0x310
[  134.686890][ T9922]  audit_log_start+0x368/0x6b0
[  134.691650][ T9922]  audit_seccomp+0x4b/0x130
[  134.696147][ T9922]  __seccomp_filter+0x6fa/0x1180
[  134.701078][ T9922]  ? proc_fail_nth_write+0x12a/0x150
[  134.706413][ T9922]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  134.712099][ T9922]  ? vfs_write+0x580/0x910
[  134.716527][ T9922]  ? __fget_files+0x1d4/0x210
[  134.721230][ T9922]  __secure_computing+0x9f/0x1c0
[  134.726167][ T9922]  syscall_trace_enter+0xd1/0x1f0
[  134.731187][ T9922]  ? fpregs_assert_state_consistent+0x83/0xa0
[  134.737256][ T9922]  do_syscall_64+0xaa/0x1c0
[  134.741756][ T9922]  ? clear_bhb_loop+0x55/0xb0
[  134.746566][ T9922]  ? clear_bhb_loop+0x55/0xb0
[  134.751303][ T9922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.757193][ T9922] RIP: 0033:0x7f28d7a5dff9
[  134.761614][ T9922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.781374][ T9922] RSP: 002b:00007f28d66d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000033
[  134.789853][ T9922] RAX: ffffffffffffffda RBX: 00007f28d7c15f80 RCX: 00007f28d7a5dff9
[  134.797811][ T9922] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  134.805770][ T9922] RBP: 00007f28d66d7090 R08: 0000000000000000 R09: 0000000000000000
[  134.813800][ T9922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.821819][ T9922] R13: 0000000000000000 R14: 00007f28d7c15f80 R15: 00007ffdbd884278
[  134.829787][ T9922]  </TASK>
[  134.844066][ T9924] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.1964: corrupted inode contents
[  134.867836][ T9924] EXT4-fs error (device loop2): ext4_dirty_inode:5984: inode #15: comm syz.2.1964: mark_inode_dirty error
[  134.890865][ T9932] netlink: 'syz.0.1966': attribute type 1 has an invalid length.
[  134.900768][ T9924] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.1964: corrupted inode contents
[  134.920027][ T9934] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  134.927477][ T9924] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.1964: mark_inode_dirty error
[  134.941980][ T9924] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.1964: corrupted inode contents
[  134.954224][ T9924] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.1964: mark_inode_dirty error
[  134.968233][ T9924] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.1964: corrupted inode contents
[  134.981345][ T9924] EXT4-fs error (device loop2): ext4_truncate:4208: inode #15: comm syz.2.1964: mark_inode_dirty error
[  134.993241][ T9924] EXT4-fs error (device loop2) in ext4_setattr:5523: Corrupt filesystem
[  135.137160][ T9953] loop2: detected capacity change from 0 to 2048
[  135.156761][ T9953] loop2: detected capacity change from 0 to 164
[  135.217913][ T9961] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  135.258728][ T9964] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  135.310359][ T9970] netlink: 'syz.4.1984': attribute type 1 has an invalid length.
[  135.333118][ T9972] loop4: detected capacity change from 0 to 512
[  135.339692][ T9972] EXT4-fs: Ignoring removed oldalloc option
[  135.347441][ T9972] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1985: Parent and EA inode have the same ino 15
[  135.360330][ T9972] EXT4-fs (loop4): 1 orphan inode deleted
[  135.470863][ T9985] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1990'.
[  135.476256][ T9983] loop3: detected capacity change from 0 to 1024
[  135.486951][ T9983] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  135.499495][ T9983] xt_TPROXY: Can be used only with -p tcp or -p udp
[  135.520673][ T9990] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  135.537958][ T9992] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  135.570194][ T9996] loop4: detected capacity change from 0 to 512
[  135.579866][ T9996] EXT4-fs: Ignoring removed oldalloc option
[  135.583459][ T9998] netlink: 'syz.3.1996': attribute type 1 has an invalid length.
[  135.596107][ T9996] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1995: Parent and EA inode have the same ino 15
[  135.609775][ T9996] EXT4-fs (loop4): 1 orphan inode deleted
[  135.678653][ T9996] xt_TPROXY: Can be used only with -p tcp or -p udp
[  135.732676][T10014] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2001'.
[  135.785000][T10018] loop4: detected capacity change from 0 to 1024
[  135.789019][T10020] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  135.820126][T10018] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  135.830975][T10018] xt_TPROXY: Can be used only with -p tcp or -p udp
[  135.847559][T10022] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  135.878975][T10025] loop4: detected capacity change from 0 to 4096
[  135.888604][T10025] EXT4-fs: Ignoring removed nomblk_io_submit option
[  135.896428][T10027] netlink: 'syz.3.2008': attribute type 1 has an invalid length.
[  135.921059][T10025] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.2007: corrupted inode contents
[  135.938805][T10025] EXT4-fs error (device loop4): ext4_dirty_inode:5984: inode #15: comm syz.4.2007: mark_inode_dirty error
[  135.944862][T10032] loop3: detected capacity change from 0 to 512
[  135.958768][T10025] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.2007: corrupted inode contents
[  135.977391][T10032] EXT4-fs: Ignoring removed oldalloc option
[  135.983477][T10025] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.2007: mark_inode_dirty error
[  135.996545][T10025] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.2007: corrupted inode contents
[  136.017083][T10041] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2014'.
[  136.026672][T10032] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.2010: Parent and EA inode have the same ino 15
[  136.028362][T10025] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.2007: mark_inode_dirty error
[  136.042271][T10032] EXT4-fs (loop3): 1 orphan inode deleted
[  136.057443][T10025] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.2007: corrupted inode contents
[  136.082759][T10025] EXT4-fs error (device loop4): ext4_truncate:4208: inode #15: comm syz.4.2007: mark_inode_dirty error
[  136.121845][T10047] loop2: detected capacity change from 0 to 2048
[  136.122514][T10025] EXT4-fs error (device loop4) in ext4_setattr:5523: Corrupt filesystem
[  136.170555][T10047] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  136.187945][T10047] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 22 with error 28
[  136.200341][T10047] EXT4-fs (loop2): This should not happen!! Data will be lost
[  136.200341][T10047] 
[  136.210060][T10047] EXT4-fs (loop2): Total free blocks count 0
[  136.216178][T10047] EXT4-fs (loop2): Free/Dirty block details
[  136.222121][T10047] EXT4-fs (loop2): free_blocks=2415919104
[  136.227946][T10047] EXT4-fs (loop2): dirty_blocks=32
[  136.233062][T10047] EXT4-fs (loop2): Block reservation details
[  136.239099][T10047] EXT4-fs (loop2): i_reserved_data_blocks=2
[  136.258248][T10032] xt_TPROXY: Can be used only with -p tcp or -p udp
[  136.290061][T10058] loop0: detected capacity change from 0 to 1024
[  136.318300][T10058] ext4 filesystem being mounted at /351/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.340377][T10061] loop3: detected capacity change from 0 to 2048
[  136.341642][T10058] netlink: 'syz.0.2021': attribute type 10 has an invalid length.
[  136.359705][T10061] loop3: detected capacity change from 0 to 164
[  136.394457][T10058] team0: Failed to send options change via netlink (err -105)
[  136.401992][T10058] team0: Port device netdevsim1 added
[  136.409593][   T50] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  136.420078][   T11] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  136.432325][   T11] EXT4-fs (loop2): This should not happen!! Data will be lost
[  136.432325][   T11] 
[  136.444438][T10066] team0: Failed to send options change via netlink (err -105)
[  136.453339][T10066] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  136.463085][T10066] team0: Port device netdevsim1 removed
[  136.478983][T10066] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  136.490871][T10072] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2024'.
[  136.509301][T10074] loop4: detected capacity change from 0 to 512
[  136.515181][T10072] pimreg: entered allmulticast mode
[  136.521564][T10072] pimreg: left allmulticast mode
[  136.529389][T10074] ext4 filesystem being mounted at /377/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  136.548552][T10078] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2027'.
[  136.569748][T10080] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  136.612158][T10088] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2032'.
[  136.739048][T10100] loop4: detected capacity change from 0 to 1024
[  136.747682][T10100] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  136.760068][T10100] xt_TPROXY: Can be used only with -p tcp or -p udp
[  136.785240][T10106] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2039'.
[  136.801413][T10108] loop2: detected capacity change from 0 to 512
[  136.809362][T10108] EXT4-fs: Ignoring removed oldalloc option
[  136.832715][T10108] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.2040: Parent and EA inode have the same ino 15
[  136.859240][T10108] EXT4-fs (loop2): 1 orphan inode deleted
[  136.897452][T10117] loop0: detected capacity change from 0 to 4096
[  136.917319][T10117] EXT4-fs: Ignoring removed nomblk_io_submit option
[  136.938077][T10122] FAULT_INJECTION: forcing a failure.
[  136.938077][T10122] name failslab, interval 1, probability 0, space 0, times 0
[  136.950820][T10122] CPU: 0 UID: 0 PID: 10122 Comm: syz.4.2046 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  136.961606][T10122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  136.964603][T10117] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.2043: corrupted inode contents
[  136.971656][T10122] Call Trace:
[  136.971669][T10122]  <TASK>
[  136.971677][T10122]  dump_stack_lvl+0xf2/0x150
[  136.983823][T10117] EXT4-fs error (device loop0): ext4_dirty_inode:5984: inode #15: comm syz.0.2043: mark_inode_dirty error
[  136.986771][T10122]  dump_stack+0x15/0x20
[  136.986792][T10122]  should_fail_ex+0x223/0x230
[  136.989946][T10117] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.2043: corrupted inode contents
[  136.994278][T10122]  ? sel_netport_sid+0x1e0/0x420
[  137.005788][T10117] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #15: comm syz.0.2043: mark_inode_dirty error
[  137.009670][T10122]  should_failslab+0x8f/0xb0
[  137.009694][T10122]  __kmalloc_cache_noprof+0x4b/0x2a0
[  137.014559][T10117] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.2043: corrupted inode contents
[  137.026103][T10122]  sel_netport_sid+0x1e0/0x420
[  137.026134][T10122]  selinux_socket_connect_helper+0x37c/0x4b0
[  137.026158][T10122]  selinux_socket_connect+0x31/0x70
[  137.031453][T10117] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #15: comm syz.0.2043: mark_inode_dirty error
[  137.042252][T10122]  security_socket_connect+0x47/0x80
[  137.047123][T10117] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.2043: corrupted inode contents
[  137.052210][T10122]  __sys_connect+0x12f/0x1b0
[  137.064654][T10117] EXT4-fs error (device loop0): ext4_truncate:4208: inode #15: comm syz.0.2043: mark_inode_dirty error
[  137.068867][T10122]  __x64_sys_connect+0x41/0x50
[  137.068898][T10122]  x64_sys_call+0x2220/0x2d60
[  137.075300][T10117] EXT4-fs error (device loop0) in ext4_setattr:5523: Corrupt filesystem
[  137.080101][T10122]  do_syscall_64+0xc9/0x1c0
[  137.080125][T10122]  ? clear_bhb_loop+0x55/0xb0
[  137.080153][T10122]  ? clear_bhb_loop+0x55/0xb0
[  137.117455][T10126] loop2: detected capacity change from 0 to 128
[  137.124053][T10122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.130150][T10126] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978)
[  137.133581][T10122] RIP: 0033:0x7f53aa5adff9
[  137.152848][T10125] bond_slave_0: entered promiscuous mode
[  137.155640][T10122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.155661][T10122] RSP: 002b:00007f53a9227038 EFLAGS: 00000246
[  137.161917][T10125] bond_slave_1: entered promiscuous mode
[  137.167740][T10122]  ORIG_RAX: 000000000000002a
[  137.167748][T10122] RAX: ffffffffffffffda RBX: 00007f53aa765f80 RCX: 00007f53aa5adff9
[  137.167761][T10122] RDX: 0000000000000010 RSI: 00000000200000c0 RDI: 0000000000000003
[  137.167774][T10122] RBP: 00007f53a9227090 R08: 0000000000000000 R09: 0000000000000000
[  137.178175][T10125] macsec1: entered promiscuous mode
[  137.181803][T10122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.181819][T10122] R13: 0000000000000000 R14: 00007f53aa765f80 R15: 00007ffc11c56598
[  137.187447][T10125] bond0: entered promiscuous mode
[  137.207008][T10122]  </TASK>
[  137.278030][T10125] macsec1: entered allmulticast mode
[  137.283299][T10125] bond0: entered allmulticast mode
[  137.288418][T10125] bond_slave_0: entered allmulticast mode
[  137.294148][T10125] bond_slave_1: entered allmulticast mode
[  137.319450][T10125] bond0: left allmulticast mode
[  137.324354][T10125] bond_slave_0: left allmulticast mode
[  137.329951][T10125] bond_slave_1: left allmulticast mode
[  137.335553][T10125] bond0: left promiscuous mode
[  137.340873][T10125] bond_slave_0: left promiscuous mode
[  137.346368][T10125] bond_slave_1: left promiscuous mode
[  137.379657][T10138] loop0: detected capacity change from 0 to 1024
[  137.387620][T10138] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  137.398920][T10138] xt_TPROXY: Can be used only with -p tcp or -p udp
[  137.524417][T10151] loop3: detected capacity change from 0 to 512
[  137.531695][T10151] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  137.540935][T10151] EXT4-fs (loop3): #clusters per group too big: 2130739200
[  137.606386][T10151] net_ratelimit: 11 callbacks suppressed
[  137.606401][T10151] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  137.618519][T10151] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  137.641070][T10155] loop3: detected capacity change from 0 to 512
[  137.648767][T10155] EXT4-fs: Ignoring removed oldalloc option
[  137.654904][T10152] FAULT_INJECTION: forcing a failure.
[  137.654904][T10152] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.662093][T10155] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.2056: Parent and EA inode have the same ino 15
[  137.668096][T10152] CPU: 1 UID: 0 PID: 10152 Comm: syz.0.2054 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  137.682256][T10155] EXT4-fs (loop3): 1 orphan inode deleted
[  137.691071][T10152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  137.691086][T10152] Call Trace:
[  137.710154][T10152]  <TASK>
[  137.713083][T10152]  dump_stack_lvl+0xf2/0x150
[  137.717721][T10152]  dump_stack+0x15/0x20
[  137.721943][T10152]  should_fail_ex+0x223/0x230
[  137.726611][T10152]  should_fail+0xb/0x10
[  137.730848][T10152]  should_fail_usercopy+0x1a/0x20
[  137.735882][T10152]  _copy_to_user+0x1e/0xa0
[  137.740370][T10152]  simple_read_from_buffer+0xa0/0x110
[  137.745823][T10152]  proc_fail_nth_read+0xf9/0x140
[  137.750835][T10152]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  137.756367][T10152]  vfs_read+0x195/0x720
[  137.760531][T10152]  ? __rcu_read_unlock+0x4e/0x70
[  137.765456][T10152]  ? __fget_files+0x1d4/0x210
[  137.770120][T10152]  ksys_read+0xeb/0x1b0
[  137.774314][T10152]  __x64_sys_read+0x42/0x50
[  137.778899][T10152]  x64_sys_call+0x27d3/0x2d60
[  137.783621][T10152]  do_syscall_64+0xc9/0x1c0
[  137.788164][T10152]  ? clear_bhb_loop+0x55/0xb0
[  137.791137][T10158] program syz.4.2058 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  137.792923][T10152]  ? clear_bhb_loop+0x55/0xb0
[  137.806718][T10152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.812660][T10152] RIP: 0033:0x7f28d7a5ca3c
[  137.817060][T10152] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  137.836653][T10152] RSP: 002b:00007f28d66b6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  137.845086][T10152] RAX: ffffffffffffffda RBX: 00007f28d7c16058 RCX: 00007f28d7a5ca3c
[  137.853109][T10152] RDX: 000000000000000f RSI: 00007f28d66b60a0 RDI: 0000000000000004
[  137.861083][T10152] RBP: 00007f28d66b6090 R08: 0000000000000000 R09: 0000000000000000
[  137.869060][T10152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.877018][T10152] R13: 0000000000000001 R14: 00007f28d7c16058 R15: 00007ffdbd884278
[  137.885217][T10152]  </TASK>
[  137.900740][T10158] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  137.930317][T10164] loop0: detected capacity change from 0 to 2048
[  137.945784][T10166] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2060'.
[  137.953181][T10164] loop0: detected capacity change from 0 to 164
[  137.975811][T10168] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  138.055672][T10173] FAULT_INJECTION: forcing a failure.
[  138.055672][T10173] name failslab, interval 1, probability 0, space 0, times 0
[  138.068325][T10173] CPU: 1 UID: 0 PID: 10173 Comm: syz.4.2063 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  138.079102][T10173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  138.089300][T10173] Call Trace:
[  138.092569][T10173]  <TASK>
[  138.095499][T10173]  dump_stack_lvl+0xf2/0x150
[  138.100166][T10173]  dump_stack+0x15/0x20
[  138.104447][T10173]  should_fail_ex+0x223/0x230
[  138.109199][T10173]  ? getname_flags+0x81/0x3b0
[  138.113927][T10173]  should_failslab+0x8f/0xb0
[  138.118662][T10173]  kmem_cache_alloc_noprof+0x4c/0x290
[  138.124042][T10173]  getname_flags+0x81/0x3b0
[  138.128545][T10173]  __x64_sys_link+0x33/0x70
[  138.133057][T10173]  x64_sys_call+0x22a2/0x2d60
[  138.137734][T10173]  do_syscall_64+0xc9/0x1c0
[  138.142231][T10173]  ? clear_bhb_loop+0x55/0xb0
[  138.146980][T10173]  ? clear_bhb_loop+0x55/0xb0
[  138.151797][T10173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.157739][T10173] RIP: 0033:0x7f53aa5adff9
[  138.162297][T10173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.181935][T10173] RSP: 002b:00007f53a9227038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[  138.190409][T10173] RAX: ffffffffffffffda RBX: 00007f53aa765f80 RCX: 00007f53aa5adff9
[  138.198371][T10173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000040
[  138.206329][T10173] RBP: 00007f53a9227090 R08: 0000000000000000 R09: 0000000000000000
[  138.214364][T10173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.222332][T10173] R13: 0000000000000000 R14: 00007f53aa765f80 R15: 00007ffc11c56598
[  138.230340][T10173]  </TASK>
[  138.299748][T10184] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  138.346417][T10188] validate_nla: 1 callbacks suppressed
[  138.346521][T10188] netlink: 'syz.4.2070': attribute type 3 has an invalid length.
[  138.373358][   T29] kauditd_printk_skb: 70 callbacks suppressed
[  138.373373][   T29] audit: type=1400 audit(1729788427.469:3028): avc:  denied  { recv } for  pid=10189 comm="syz.3.2071" saddr=10.128.0.163 src=30030 daddr=10.128.1.47 dest=43752 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  138.411356][   T29] audit: type=1400 audit(1729788427.509:3029): avc:  denied  { ioctl } for  pid=10189 comm="syz.3.2071" path="socket:[27435]" dev="sockfs" ino=27435 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  138.442075][T10192] loop4: detected capacity change from 0 to 512
[  138.463898][T10192] EXT4-fs: Ignoring removed oldalloc option
[  138.504225][T10192] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.2072: Parent and EA inode have the same ino 15
[  138.521704][   T29] audit: type=1400 audit(1729788427.599:3030): avc:  denied  { egress } for  pid=15 comm="ksoftirqd/0" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  138.538642][T10203] loop3: detected capacity change from 0 to 4096
[  138.545290][   T29] audit: type=1400 audit(1729788427.599:3031): avc:  denied  { sendto } for  pid=15 comm="ksoftirqd/0" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  138.554843][T10203] EXT4-fs: Ignoring removed nomblk_io_submit option
[  138.586052][T10192] EXT4-fs (loop4): 1 orphan inode deleted
[  138.600048][T10203] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #15: comm syz.3.2073: corrupted inode contents
[  138.635032][T10203] EXT4-fs error (device loop3): ext4_dirty_inode:5984: inode #15: comm syz.3.2073: mark_inode_dirty error
[  138.667773][T10203] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #15: comm syz.3.2073: corrupted inode contents
[  138.683480][T10192] xt_TPROXY: Can be used only with -p tcp or -p udp
[  138.688785][T10203] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #15: comm syz.3.2073: mark_inode_dirty error
[  138.705065][T10203] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #15: comm syz.3.2073: corrupted inode contents
[  138.718373][T10203] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #15: comm syz.3.2073: mark_inode_dirty error
[  138.729923][T10203] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #15: comm syz.3.2073: corrupted inode contents
[  138.742067][T10203] EXT4-fs error (device loop3): ext4_truncate:4208: inode #15: comm syz.3.2073: mark_inode_dirty error
[  138.758601][T10203] EXT4-fs error (device loop3) in ext4_setattr:5523: Corrupt filesystem
[  138.774468][T10223] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  138.807162][T10227] loop0: detected capacity change from 0 to 256
[  138.831425][T10227] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  138.867430][T10234] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  138.883430][T10237] loop4: detected capacity change from 0 to 1024
[  138.901487][T10237] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  138.942143][T10237] xt_TPROXY: Can be used only with -p tcp or -p udp
[  138.968962][T10249] loop3: detected capacity change from 0 to 512
[  138.979013][T10249] EXT4-fs: Ignoring removed oldalloc option
[  138.987119][T10249] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.2084: Parent and EA inode have the same ino 15
[  139.002375][T10249] EXT4-fs (loop3): 1 orphan inode deleted
[  139.016603][T10254] loop0: detected capacity change from 0 to 1024
[  139.037116][T10254] ext4 filesystem being mounted at /369/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  139.059493][T10254] netlink: 'syz.0.2087': attribute type 10 has an invalid length.
[  139.072546][T10254] bond0: (slave netdevsim1): Releasing backup interface
[  139.078905][T10261] loop3: detected capacity change from 0 to 2048
[  139.087634][T10254] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  139.108756][T10263] loop4: detected capacity change from 0 to 4096
[  139.115551][T10263] EXT4-fs: Ignoring removed nomblk_io_submit option
[  139.118990][T10254] team0: Failed to send options change via netlink (err -105)
[  139.129849][T10254] team0: Port device netdevsim1 added
[  139.136734][T10264] netlink: 'syz.0.2087': attribute type 10 has an invalid length.
[  139.147164][T10264] team0: Failed to send options change via netlink (err -105)
[  139.153575][T10263] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.2089: corrupted inode contents
[  139.154670][T10264] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  139.168155][T10263] EXT4-fs error (device loop4): ext4_dirty_inode:5984: inode #15: comm syz.4.2089: mark_inode_dirty error
[  139.179077][T10264] team0: Port device netdevsim1 removed
[  139.188400][T10263] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.2089: corrupted inode contents
[  139.194749][T10264] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  139.214493][T10263] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.2089: mark_inode_dirty error
[  139.224216][T10268] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  139.241666][T10263] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.2089: corrupted inode contents
[  139.261738][T10263] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.2089: mark_inode_dirty error
[  139.274015][T10263] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.2089: corrupted inode contents
[  139.287030][T10263] EXT4-fs error (device loop4): ext4_truncate:4208: inode #15: comm syz.4.2089: mark_inode_dirty error
[  139.290618][T10272] loop0: detected capacity change from 0 to 256
[  139.299797][T10263] EXT4-fs error (device loop4) in ext4_setattr:5523: Corrupt filesystem
[  139.331688][T10272] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  139.332295][T10276] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  139.374662][T10280] loop0: detected capacity change from 0 to 1024
[  139.394301][T10280] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  139.410188][T10280] xt_TPROXY: Can be used only with -p tcp or -p udp
[  139.489046][T10292] loop3: detected capacity change from 0 to 1024
[  139.514779][T10295] loop2: detected capacity change from 0 to 512
[  139.523648][T10295] EXT4-fs: Ignoring removed oldalloc option
[  139.541199][T10292] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  139.556372][T10295] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.2103: Parent and EA inode have the same ino 15
[  139.581618][T10295] EXT4-fs (loop2): 1 orphan inode deleted
[  139.591437][T10292] netlink: 'syz.3.2102': attribute type 10 has an invalid length.
[  139.658117][   T29] audit: type=1400 audit(1729788428.759:3032): avc:  denied  { create } for  pid=10302 comm="syz.4.2105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  139.677898][   T29] audit: type=1400 audit(1729788428.759:3033): avc:  denied  { write } for  pid=10302 comm="syz.4.2105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  139.710121][T10292] team0: Failed to send options change via netlink (err -105)
[  139.717630][T10292] team0: Port device netdevsim1 added
[  139.741326][T10308] xt_TPROXY: Can be used only with -p tcp or -p udp
[  139.746170][   T29] audit: type=1400 audit(1729788428.839:3034): avc:  denied  { write } for  pid=10302 comm="syz.4.2105" name="map_files" dev="proc" ino=28412 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  139.755995][T10305] netlink: 'syz.3.2102': attribute type 10 has an invalid length.
[  139.770187][   T29] audit: type=1400 audit(1729788428.839:3035): avc:  denied  { add_name } for  pid=10302 comm="syz.4.2105" name="freezer.self_freezing" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  139.800307][   T29] audit: type=1400 audit(1729788428.839:3036): avc:  denied  { create } for  pid=10302 comm="syz.4.2105" name="freezer.self_freezing" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1
[  139.821831][   T29] audit: type=1400 audit(1729788428.849:3037): avc:  denied  { associate } for  pid=10302 comm="syz.4.2105" name="freezer.self_freezing" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  139.844867][T10305] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  139.875970][T10305] team0: Failed to send options change via netlink (err -105)
[  139.883605][T10305] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  139.897206][T10305] team0: Port device netdevsim1 removed
[  139.903843][T10310] loop0: detected capacity change from 0 to 4096
[  139.904905][T10305] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  139.912229][T10310] EXT4-fs: Ignoring removed nomblk_io_submit option
[  139.927078][T10313] netlink: 'syz.2.2107': attribute type 10 has an invalid length.
[  139.947313][T10313] team0: Port device netdevsim1 added
[  139.971989][T10310] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.2106: corrupted inode contents
[  139.986715][T10310] EXT4-fs error (device loop0): ext4_dirty_inode:5984: inode #15: comm syz.0.2106: mark_inode_dirty error
[  139.998367][T10310] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.2106: corrupted inode contents
[  140.011441][T10310] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #15: comm syz.0.2106: mark_inode_dirty error
[  140.028137][T10310] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.2106: corrupted inode contents
[  140.040649][T10310] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #15: comm syz.0.2106: mark_inode_dirty error
[  140.063423][T10318] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  140.071981][T10310] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.2106: corrupted inode contents
[  140.085307][T10310] EXT4-fs error (device loop0): ext4_truncate:4208: inode #15: comm syz.0.2106: mark_inode_dirty error
[  140.097629][T10310] EXT4-fs error (device loop0) in ext4_setattr:5523: Corrupt filesystem
[  140.238566][T10332] FAULT_INJECTION: forcing a failure.
[  140.238566][T10332] name failslab, interval 1, probability 0, space 0, times 0
[  140.251209][T10332] CPU: 0 UID: 0 PID: 10332 Comm: syz.3.2115 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  140.262280][T10332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  140.272414][T10332] Call Trace:
[  140.276127][T10332]  <TASK>
[  140.279151][T10332]  dump_stack_lvl+0xf2/0x150
[  140.283776][T10332]  dump_stack+0x15/0x20
[  140.287961][T10332]  should_fail_ex+0x223/0x230
[  140.292798][T10332]  ? rtm_new_nexthop+0x1464/0x4ad0
[  140.297969][T10332]  should_failslab+0x8f/0xb0
[  140.302567][T10332]  __kmalloc_cache_noprof+0x4b/0x2a0
[  140.307932][T10332]  rtm_new_nexthop+0x1464/0x4ad0
[  140.312881][T10332]  ? __kfree_skb+0x102/0x150
[  140.317503][T10332]  ? packet_rcv+0xd4/0x990
[  140.321979][T10332]  ? sk_skb_reason_drop+0xba/0x290
[  140.327121][T10332]  ? security_capable+0x81/0x90
[  140.332043][T10332]  ? ns_capable+0x7d/0xb0
[  140.336374][T10332]  ? __pfx_rtm_new_nexthop+0x10/0x10
[  140.341690][T10332]  rtnetlink_rcv_msg+0x6aa/0x710
[  140.346627][T10332]  ? ref_tracker_free+0x3a5/0x410
[  140.351693][T10332]  ? __dev_queue_xmit+0x161/0x2040
[  140.356941][T10332]  ? ref_tracker_alloc+0x1f5/0x2f0
[  140.362070][T10332]  netlink_rcv_skb+0x12c/0x230
[  140.366841][T10332]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  140.372434][T10332]  rtnetlink_rcv+0x1c/0x30
[  140.376876][T10332]  netlink_unicast+0x599/0x670
[  140.381671][T10332]  netlink_sendmsg+0x5cc/0x6e0
[  140.386461][T10332]  ? __pfx_netlink_sendmsg+0x10/0x10
[  140.391754][T10332]  __sock_sendmsg+0x140/0x180
[  140.396444][T10332]  ____sys_sendmsg+0x312/0x410
[  140.401277][T10332]  __sys_sendmsg+0x1d9/0x270
[  140.405894][T10332]  __x64_sys_sendmsg+0x46/0x50
[  140.410674][T10332]  x64_sys_call+0x2689/0x2d60
[  140.415426][T10332]  do_syscall_64+0xc9/0x1c0
[  140.419948][T10332]  ? clear_bhb_loop+0x55/0xb0
[  140.424674][T10332]  ? clear_bhb_loop+0x55/0xb0
[  140.429417][T10332]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.435323][T10332] RIP: 0033:0x7fac16b3dff9
[  140.439727][T10332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.459373][T10332] RSP: 002b:00007fac157b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  140.467777][T10332] RAX: ffffffffffffffda RBX: 00007fac16cf5f80 RCX: 00007fac16b3dff9
[  140.475738][T10332] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000006
[  140.483746][T10332] RBP: 00007fac157b1090 R08: 0000000000000000 R09: 0000000000000000
[  140.491709][T10332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  140.499672][T10332] R13: 0000000000000000 R14: 00007fac16cf5f80 R15: 00007fff62a7f568
[  140.507637][T10332]  </TASK>
[  140.572347][T10342] netlink: 'syz.0.2120': attribute type 10 has an invalid length.
[  140.575068][T10340] loop3: detected capacity change from 0 to 512
[  140.589819][T10340] EXT4-fs: Ignoring removed oldalloc option
[  140.596210][T10342] bond0: (slave netdevsim1): Releasing backup interface
[  140.597282][T10338] loop4: detected capacity change from 0 to 1024
[  140.611106][T10342] team0: Port device netdevsim1 added
[  140.618507][T10340] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.2118: Parent and EA inode have the same ino 15
[  140.633290][T10340] EXT4-fs (loop3): 1 orphan inode deleted
[  140.647113][T10345] loop0: detected capacity change from 0 to 1024
[  140.654358][T10338] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.668773][T10338] netlink: 'syz.4.2119': attribute type 10 has an invalid length.
[  140.679506][T10338] team0: Failed to send options change via netlink (err -105)
[  140.687064][T10338] team0: Port device netdevsim1 added
[  140.698022][T10345] ext4 filesystem being mounted at /380/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.706249][T10338] netlink: 'syz.4.2119': attribute type 10 has an invalid length.
[  140.716758][T10338] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  140.727574][T10338] team0: Failed to send options change via netlink (err -105)
[  140.735365][T10338] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  140.744960][T10338] team0: Port device netdevsim1 removed
[  140.752573][T10338] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  140.761693][T10345] netlink: 'syz.0.2121': attribute type 10 has an invalid length.
[  140.770523][T10350] xt_TPROXY: Can be used only with -p tcp or -p udp
[  140.835002][T10352] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  140.842278][T10355] loop4: detected capacity change from 0 to 2048
[  140.858691][T10355] loop4: detected capacity change from 0 to 164
[  140.908102][T10364] __nla_validate_parse: 3 callbacks suppressed
[  140.908118][T10364] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2127'.
[  140.923272][T10364] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2127'.
[  140.982527][T10372] loop3: detected capacity change from 0 to 4096
[  140.989196][T10372] EXT4-fs: Ignoring removed nomblk_io_submit option
[  140.992039][T10376] loop0: detected capacity change from 0 to 512
[  141.002632][T10376] EXT4-fs: Ignoring removed oldalloc option
[  141.014144][T10376] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.2133: Parent and EA inode have the same ino 15
[  141.014519][T10372] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #15: comm syz.3.2132: corrupted inode contents
[  141.027811][T10376] EXT4-fs (loop0): 1 orphan inode deleted
[  141.039048][T10372] EXT4-fs error (device loop3): ext4_dirty_inode:5984: inode #15: comm syz.3.2132: mark_inode_dirty error
[  141.059411][T10372] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #15: comm syz.3.2132: corrupted inode contents
[  141.079271][T10372] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #15: comm syz.3.2132: mark_inode_dirty error
[  141.094823][T10380] team0: Port device netdevsim1 removed
[  141.103510][T10380] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  141.112707][T10372] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #15: comm syz.3.2132: corrupted inode contents
[  141.123488][T10376] xt_TPROXY: Can be used only with -p tcp or -p udp
[  141.134829][T10372] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #15: comm syz.3.2132: mark_inode_dirty error
[  141.148547][T10372] EXT4-fs error (device loop3): ext4_do_update_inode:5121: inode #15: comm syz.3.2132: corrupted inode contents
[  141.163850][T10372] EXT4-fs error (device loop3): ext4_truncate:4208: inode #15: comm syz.3.2132: mark_inode_dirty error
[  141.175534][T10372] EXT4-fs error (device loop3) in ext4_setattr:5523: Corrupt filesystem
[  141.217852][T10384] loop0: detected capacity change from 0 to 512
[  141.261208][T10384] ext4 filesystem being mounted at /386/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  141.280474][T10392] loop2: detected capacity change from 0 to 256
[  141.296515][T10392] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  141.325410][T10394] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  141.332825][T10397] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2142'.
[  141.341735][T10397] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2142'.
[  141.360413][T10401] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2143'.
[  141.369322][T10401] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2143'.
[  141.438253][T10411] loop2: detected capacity change from 0 to 512
[  141.444833][T10411] EXT4-fs: Ignoring removed oldalloc option
[  141.475965][T10419] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2150'.
[  141.492475][T10411] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.2146: Parent and EA inode have the same ino 15
[  141.505565][T10411] EXT4-fs (loop2): 1 orphan inode deleted
[  141.573678][T10411] xt_TPROXY: Can be used only with -p tcp or -p udp
[  141.610598][T10426] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  141.660694][T10433] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2156'.
[  141.669627][T10433] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2156'.
[  141.691318][T10437] loop4: detected capacity change from 0 to 1024
[  141.699025][T10437] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  141.710337][T10437] xt_TPROXY: Can be used only with -p tcp or -p udp
[  141.737346][T10442] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  141.774113][T10450] loop0: detected capacity change from 0 to 256
[  141.791536][T10450] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  141.841148][T10456] loop4: detected capacity change from 0 to 512
[  141.864542][T10456] EXT4-fs: Ignoring removed oldalloc option
[  141.881230][T10456] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.2165: Parent and EA inode have the same ino 15
[  141.916922][T10456] EXT4-fs (loop4): 1 orphan inode deleted
[  141.964332][T10466] loop0: detected capacity change from 0 to 4096
[  141.970273][T10469] loop2: detected capacity change from 0 to 512
[  141.982208][T10469] EXT4-fs: Ignoring removed oldalloc option
[  141.986401][T10466] EXT4-fs: Ignoring removed nomblk_io_submit option
[  142.007954][T10469] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.2172: Parent and EA inode have the same ino 15
[  142.030755][T10466] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.2170: corrupted inode contents
[  142.037209][T10456] xt_TPROXY: Can be used only with -p tcp or -p udp
[  142.049545][T10469] EXT4-fs (loop2): 1 orphan inode deleted
[  142.059739][T10466] EXT4-fs error (device loop0): ext4_dirty_inode:5984: inode #15: comm syz.0.2170: mark_inode_dirty error
[  142.071644][T10466] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.2170: corrupted inode contents
[  142.085497][T10466] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #15: comm syz.0.2170: mark_inode_dirty error
[  142.102752][T10466] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.2170: corrupted inode contents
[  142.117521][T10466] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #15: comm syz.0.2170: mark_inode_dirty error
[  142.129168][T10466] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.2170: corrupted inode contents
[  142.142008][T10466] EXT4-fs error (device loop0): ext4_truncate:4208: inode #15: comm syz.0.2170: mark_inode_dirty error
[  142.152193][T10476] loop3: detected capacity change from 0 to 512
[  142.163749][T10466] EXT4-fs error (device loop0) in ext4_setattr:5523: Corrupt filesystem
[  142.184630][T10476] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  142.251984][T10485] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2177'.
[  142.295707][T10492] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  142.341081][T10498] loop2: detected capacity change from 0 to 256
[  142.360168][T10498] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  142.408139][T10502] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  142.432091][T10503] process '/newroot/128/file0' started with executable stack
[  142.462441][T10506] loop2: detected capacity change from 0 to 4096
[  142.477191][T10506] EXT4-fs: Ignoring removed nomblk_io_submit option
[  142.494485][T10506] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.2187: corrupted inode contents
[  142.507795][T10506] EXT4-fs error (device loop2): ext4_dirty_inode:5984: inode #15: comm syz.2.2187: mark_inode_dirty error
[  142.519260][T10506] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.2187: corrupted inode contents
[  142.531350][T10506] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.2187: mark_inode_dirty error
[  142.542959][T10506] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.2187: corrupted inode contents
[  142.560221][T10506] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.2187: mark_inode_dirty error
[  142.571930][T10506] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #15: comm syz.2.2187: corrupted inode contents
[  142.591855][T10506] EXT4-fs error (device loop2): ext4_truncate:4208: inode #15: comm syz.2.2187: mark_inode_dirty error
[  142.617719][T10506] EXT4-fs error (device loop2) in ext4_setattr:5523: Corrupt filesystem
[  142.643349][T10526] loop0: detected capacity change from 0 to 512
[  142.670958][T10528] loop2: detected capacity change from 0 to 512
[  142.671418][T10526] ext4 filesystem being mounted at /403/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  142.680276][T10528] EXT4-fs: Ignoring removed oldalloc option
[  142.709692][T10528] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.2195: Parent and EA inode have the same ino 15
[  142.724134][T10528] EXT4-fs (loop2): 1 orphan inode deleted
[  142.774403][T10536] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  142.806170][T10528] xt_TPROXY: Can be used only with -p tcp or -p udp
[  142.841498][T10540] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  142.874705][T10542] FAULT_INJECTION: forcing a failure.
[  142.874705][T10542] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  142.888232][T10542] CPU: 1 UID: 0 PID: 10542 Comm: syz.3.2201 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  142.899028][T10542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  142.909192][T10542] Call Trace:
[  142.912480][T10542]  <TASK>
[  142.915415][T10542]  dump_stack_lvl+0xf2/0x150
[  142.920037][T10542]  dump_stack+0x15/0x20
[  142.924293][T10542]  should_fail_ex+0x223/0x230
[  142.929000][T10542]  should_fail+0xb/0x10
[  142.933619][T10542]  should_fail_usercopy+0x1a/0x20
[  142.938752][T10542]  _copy_from_user+0x1e/0xd0
[  142.943347][T10542]  copy_msghdr_from_user+0x54/0x2a0
[  142.948561][T10542]  __sys_sendmsg+0x171/0x270
[  142.953246][T10542]  __x64_sys_sendmsg+0x46/0x50
[  142.958023][T10542]  x64_sys_call+0x2689/0x2d60
[  142.962696][T10542]  do_syscall_64+0xc9/0x1c0
[  142.967258][T10542]  ? clear_bhb_loop+0x55/0xb0
[  142.972088][T10542]  ? clear_bhb_loop+0x55/0xb0
[  142.976794][T10542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.982766][T10542] RIP: 0033:0x7fac16b3dff9
[  142.987212][T10542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.007110][T10542] RSP: 002b:00007fac157b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  143.015579][T10542] RAX: ffffffffffffffda RBX: 00007fac16cf5f80 RCX: 00007fac16b3dff9
[  143.023711][T10542] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  143.031676][T10542] RBP: 00007fac157b1090 R08: 0000000000000000 R09: 0000000000000000
[  143.039636][T10542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.047668][T10542] R13: 0000000000000000 R14: 00007fac16cf5f80 R15: 00007fff62a7f568
[  143.055663][T10542]  </TASK>
[  143.221277][T10564] loop0: detected capacity change from 0 to 512
[  143.240230][T10564] EXT4-fs: Ignoring removed oldalloc option
[  143.253342][T10564] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.2209: Parent and EA inode have the same ino 15
[  143.269565][T10564] EXT4-fs (loop0): 1 orphan inode deleted
[  143.310836][T10573] loop2: detected capacity change from 0 to 1024
[  143.367615][T10573] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  143.424458][ T3455] ==================================================================
[  143.432563][ T3455] BUG: KCSAN: data-race in generic_fillattr / shmem_mknod
[  143.436633][T10587] loop4: detected capacity change from 0 to 4096
[  143.439664][ T3455] 
[  143.439672][ T3455] write to 0xffff888102e806c4 of 4 bytes by task 3573 on cpu 1:
[  143.439688][ T3455]  shmem_mknod+0x136/0x180
[  143.439709][ T3455]  shmem_create+0x34/0x40
[  143.439724][ T3455]  path_openat+0xe92/0x1fa0
[  143.439747][ T3455]  do_filp_open+0xf7/0x200
[  143.439770][ T3455]  do_sys_openat2+0xab/0x120
[  143.446508][T10587] EXT4-fs: Ignoring removed nomblk_io_submit option
[  143.448377][ T3455]  __x64_sys_openat+0xf3/0x120
[  143.489483][ T3455]  x64_sys_call+0x1025/0x2d60
[  143.494172][ T3455]  do_syscall_64+0xc9/0x1c0
[  143.498680][ T3455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.504582][ T3455] 
[  143.506904][ T3455] read to 0xffff888102e806c4 of 4 bytes by task 3455 on cpu 0:
[  143.514446][ T3455]  generic_fillattr+0x1a6/0x2f0
[  143.519294][ T3455]  shmem_getattr+0x17b/0x200
[  143.523877][ T3455]  vfs_getattr+0x19b/0x1e0
[  143.528286][ T3455]  vfs_statx+0x134/0x2f0
[  143.532520][ T3455]  vfs_fstatat+0xec/0x110
[  143.536837][ T3455]  __se_sys_newfstatat+0x58/0x260
[  143.541853][ T3455]  __x64_sys_newfstatat+0x55/0x70
[  143.546868][ T3455]  x64_sys_call+0x141f/0x2d60
[  143.551537][ T3455]  do_syscall_64+0xc9/0x1c0
[  143.556039][ T3455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.561943][ T3455] 
[  143.564281][ T3455] value changed: 0x1d2ef41e -> 0x1ef8b79f
[  143.569994][ T3455] 
[  143.572307][ T3455] Reported by Kernel Concurrency Sanitizer on:
[  143.578447][ T3455] CPU: 0 UID: 0 PID: 3455 Comm: udevd Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  143.588689][ T3455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  143.599022][ T3455] ==================================================================
[  143.632260][T10587] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.2219: corrupted inode contents
[  143.644451][T10587] EXT4-fs error (device loop4): ext4_dirty_inode:5984: inode #15: comm syz.4.2219: mark_inode_dirty error
[  143.657177][T10587] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.2219: corrupted inode contents
[  143.669974][T10587] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.2219: mark_inode_dirty error
[  143.682223][T10587] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.2219: corrupted inode contents
[  143.694450][T10587] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.2219: mark_inode_dirty error
[  143.707904][T10587] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #15: comm syz.4.2219: corrupted inode contents
[  143.721447][T10587] EXT4-fs error (device loop4): ext4_truncate:4208: inode #15: comm syz.4.2219: mark_inode_dirty error
[  143.733719][T10587] EXT4-fs error (device loop4) in ext4_setattr:5523: Corrupt filesystem