last executing test programs:

3.761113077s ago: executing program 3 (id=1327):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

2.60351314s ago: executing program 3 (id=1344):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)

2.07924534s ago: executing program 3 (id=1354):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

1.734823656s ago: executing program 0 (id=1358):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x11, &(0x7f0000000100)=ANY=[@ANYBLOB="1802000006cf430000000000000000008500000041000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f00000002c0)={'team0\x00', <r4=>0x0})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r6}, 0x18)
r7 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r8 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000200)='asymmetric\x00', &(0x7f00000002c0))
keyctl$KEYCTL_MOVE(0x1e, r7, 0xffffffffffffffff, r8, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0xfffffffe, {0x0, 0x0, 0x12, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x3, [], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffd], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}}]}}]}, 0x8c}}, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x81}, &(0x7f0000000140)=0x8)

1.646098898s ago: executing program 1 (id=1360):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x4000, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x1200890, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262)

1.622046058s ago: executing program 4 (id=1361):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r2, 0x0, 0xfffffffffffffff7}, 0x18)
syz_emit_ethernet(0x66, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000003e000701fcfffffff6dbdf25017c000008"], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

1.600237789s ago: executing program 4 (id=1362):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x2)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, 0x0, 0x0)
io_setup(0x3ff, &(0x7f0000000500))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x11, 0x0, 0x0, 0x0, 0xa, 0x10590, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000440), r0)
io_setup(0x9f, &(0x7f00000005c0)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000480)=[&(0x7f0000000d80)={0xf, 0x400000000000, 0x0, 0x8, 0x0, r2, &(0x7f0000000180)=')2', 0x2}])
close_range(r0, 0xffffffffffffffff, 0x0)

1.588863159s ago: executing program 0 (id=1364):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000880), &(0x7f0000003200)='./file2\x00', 0x4204, &(0x7f0000003240)=ANY=[], 0x3, 0x335, &(0x7f0000000a40)="$eJzs3M9rG0cUwPEnWZYlGVs6lJYWiof20l4WW+25VBQbSgU1tlVqFwxre9UKbSWjFS4qpbZPvZbccwrkYHz0zZD4H/Alt+SSS266BHKICSEb9pf107asyJFjfz8QdjQzTzujGYW3i1f1X///s5i3tLxelXBMSUhE5EQkJWEJhPxj2C1HpdmOfD3+4vHni8srP2Wy2dkFpeYyS9+klVKTUw/++ifudzsck+PUav15+tnxx8ef1t8s/VGwVMFSpXJV6Wqt/LSqr5mG2ihYRU2pedPQLUMVSpZR8drLXnveLG9u1pRe2phIbFYMy1J6qaaKRk1Vy6paqSn9d71QUpqmqYmE4ALOgi7omT6j1wc8GlyRSiWjj4hIvKMltzeUAQEAgKFqz//DTkrfV/4vk27+73Ru5P/7XxxVx385mDx0Ylfrh9Fu+f+3T7z3asn/YyLST/5/Vy6R/3dmRLdLbm+h//wf18NUtKMq1PLKyf8T/vfXtfvb/rRbIP8HAAAAAAAAAAAAAAAAAAAAAOBDcGLbSdu2k8Ex+Nd4hMB/jRvprPUfE5GYs/o263+TLS6vSMx9cM9ZY/O/rdxWzjv6HY5ExBRDpiUpr9394HPKwZNHypGSh+a2G//KOY64LZm8FNz4GUlKqj3etud+zM7OKI8ff/qYUqI5Pi1J+ah7fLo13hn/9lYuKl992RSvSVIerUtZTNlw93Uj/t8ZpX74OdsWH/dOAgAAAADADaApFfIvn1Ot17/e9bumKdW93fuVkUzevU10xv0B7/p6uuv1eST5WWTYswcAAAAA4Hawan8XddM0KucU4nJxn/4Lkd46R9tqRs/rPNI0w17HE3VvZIi867zu9fipthSCP6RoaYr5lf2NJ5j/wNZrp7kmLD1ERdoHP+VUqEuefdefyGlNcNsoesbnLPOd7xM+ZyeMDmw/f3Ln/svBfUG+Owh2wMWdd/s9V6x917mF0av+fwcAAADA+9dI+oOa75ubQ0MZFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAt8yV/KRfW2HYcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACui7cBAAD//5Oa+gc=")
r2 = open(&(0x7f00000006c0)='./file2\x00', 0x105142, 0x120)
sendfile(r2, r2, 0x0, 0x800000009)

1.588430549s ago: executing program 1 (id=1365):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r1, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

1.519467631s ago: executing program 1 (id=1366):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
preadv2(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x40, 0x80, 0x3)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="020000000100000000000000040d06000000000010120400000000002000030000000000"], 0x24, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x26, &(0x7f0000000000)={0x0, 0x0, 0x8})
openat$cgroup(r3, &(0x7f0000000180)='syz1\x00', 0x200002, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$PIO_SCRNMAP(r4, 0x4b41, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0ffb}]})
brk(0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDR(r7, 0x29, 0x39, &(0x7f0000000580)=ANY=[@ANYBLOB="880201050000e7ff02000000ef000000000000000000000000000000000000f221f01c676aa753e4108a3c8f1050cdda906daa1b397b65b6ee5052f10001061d9d21aee9aef685c5b33a0137304d43a699602f42226307e9bea31d93755487ccc485acb5bddc0462481fddc6cc5d4e1c2f69cbd61c8feddcd1c4963898e0afdc53db18e7916e7ecf97e6f26e64df5e"], 0x8)
ioperm(0x0, 0x2, 0x7e)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0)
acct(&(0x7f0000000140)='./file0\x00')

1.491551131s ago: executing program 0 (id=1367):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000041001007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1, 0x0, 0x5}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x73, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r4, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="da", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="b8", 0x1}], 0x1}}], 0x2, 0x0)
close(r4)
socket(0x10, 0x3, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)

1.393219643s ago: executing program 4 (id=1369):
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000000c0)={@local, @multicast1, <r0=>0x0}, &(0x7f0000000140)=0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36e, &(0x7f00000007c0)="$eJzs3U1oM0UYwPEnaZImeXmbHERRkA6+CHpZ2uhZDNKCELC0jdgKwrbdaMialGyoRsS2J4+Kd0+Ch9KbBQ8F7VnoxZteRPDWi6BgBXVlv5LNV9PGpMH2/4OSycw8uzPZSXk27WYv3vj03UrJ0kp6Q6JJJRERkUuRrEQlEPEfo245IfLJd622A3n+wW8/PL22UUx6FWo5v/5CTik1N//Nex+m/G6ns3Kefevi19wv54+fP3nxz/o7ZUuVLVWtNZSutmo/NfQt01A7ZauiKbViGrplqHLVMupe+1f+dsza7m5T6dWdh+ndumFZSq82VcVoqkZNNepNpb+tl6tK0zT1MC0Ypni0uqrnRwzeHvNgMCH1el6fEZFUT0vxaCoDAgAAU9Wd/0edlH5Y/h/Syv83Za5QWFpVTud2/n/8zFnjwesnc37+f5rol/+/+KO3rY783zmdaOf/Ne/8oDQ8//9cbpD/92ZE98vI+X92AoPBaOYTPVWRjmdO/p/237+uwzePF9wC+T8AAAAAAAAAAAAAAAAAAAAAAP8Hl7adsW07EzwGP+1LCPznuJMGHf9ZEUk6R9/m+N9laxubknQv3HOOsfnxXnGv6D36Hc5ExBTjb7ubszaCK4+UIyvfmvt+/P5eccZtyZek7MTLomQk666nULxtL79aWFpUHj++dZlSOhyfk4w8Fo7/2l2dTnyuM97ff0KeexSK1yQj329LTUzZcSPb+/9oUalXXit0xafcfiLy860fFAAAAAAAxkxTLX3P3zVtULv3LSP5kvsxkSELkpG/+p/fL/Q9P49lnopNe/YAAAAAANwPVvODii5Ro+4WTLNfISUDm8ZQiHXUxEWkb+dEV038qi3PhGZ43fEkxLuDyX+d1xfBq3qTqOAfKZyBt5r8O6rIaOMJ5u/WRGLP/u43/XnTeUUOxF0AB+GmqFwjPNY9+HmnQvXt/Gjgdg79ibRqgo+NEgNeZ1np3U70ipUQ76mxI6MtgCc++/KP8b1BXjrxV8D7wzsfmoa9L9c5KF0FZxe9TfGJ/+IBAAAAcOvaSX9Q83K4OXwjkfDNcvjLPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYzSRr/TrKgze++xtThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYun8DAAD//7ct9c4=")
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r3)
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01030000000000000000320000000c009900000000000000000005001801"], 0x40}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r2, &(0x7f0000000640)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8022040}, 0xc, &(0x7f0000000480)={&(0x7f0000000f80)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00022abd7000fcdbdf253800000008000300c48c169f9467f1c4fb214e80827c23d4cd82ac962ffaf1d4b528fd7fa2f152522d1739b44a8ca487c89a4103fc", @ANYRES32=r5, @ANYBLOB="0c00580076000000000000000c00580012000000000000000c0058000f000000000000000c00580059000000000000000c0058004a000000000000000c00580071000000000000000c00580009000000000000000c0058004100000000000000"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000001)
r6 = socket$inet6(0xa, 0x800000000000002, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x10000})
setrlimit(0x40000000000008, &(0x7f0000000000))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002500)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000001080)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES8, @ANYBLOB="00000800000085000000950000009500000000000000fddd9a28401fa4917e6948d498566467fdbda51f4db05635b3b16d37026b6cbf69bca79dfe427cccb1014eecf6a219510f73291ba4a9133bf4bfd3729238332f93624ca4a9d6c3607ea9815d1bc64f32485b8fac879dd95da896cb57a32629a14797fe82d3ba22ebb11673e1f76a33cfd3e575255ce9b15f16bf6d469308f7e5a28b9545422e657654764430d7fa549524e869c46e9509eebd4d543c367a05e2a4143e0e1671a1eba3727146716cb5b5b5ab854c0c104ab08782a98f4ae25e7be907a9406402207b4b89d43c2dbd170b9f72c090f64e2144"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r7}, 0x10)
setsockopt$sock_linger(r6, 0x1, 0x3c, &(0x7f0000000600)={0x200000000000001, 0x3}, 0x8)
r8 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000b, 0x12, r8, 0x0)
open(&(0x7f0000000180)='./file0\x00', 0x20000, 0x20)
sendto$inet6(r6, 0x0, 0x0, 0xc884, &(0x7f0000000540)={0xa, 0x4e23, 0x6, @loopback, 0x8}, 0x1c)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmmsg$inet6(r6, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)='\x00', 0x1}], 0x1}}], 0x2, 0x404c484)

1.303988095s ago: executing program 4 (id=1370):
r0 = creat(&(0x7f00000000c0)='./file1\x00', 0xb8)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0xff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000500)='./file0\x00', 0x140020, &(0x7f0000000580)={[], [{@fsuuid={'fsuuid', 0x3d, {[0x36, 0x31, 0x0, 0x31, 0x36, 0x39, 0x31, 0x64], 0x2d, [0x62, 0x61, 0x39, 0x63], 0x2d, [0x64, 0x33, 0x63, 0x32], 0x2d, [0x34, 0x65, 0x31, 0x34], 0x2d, [0x36, 0x30, 0x32, 0x33, 0x5d, 0x37, 0x34, 0x34]}}}, {@euid_eq}, {@audit}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r2 = syz_io_uring_setup(0x53a4, &(0x7f0000000440)={0x0, 0x46c0, 0x3189, 0x2001, 0x40024f}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x6, 0x0, r2, 0x0, 0x0, 0x0, 0x2})
syz_io_uring_submit(r3, r4, &(0x7f00000003c0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x5c, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x627, 0x4c1, 0x43, 0x0, 0x0)
pipe2$9p(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r7 = dup(r6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb0100180000000007000028000000280000000400000002000000000000110000190004000000001200000000007ac5c94bac5bbcc261003aa51060a940eedb9a3522d1"], 0x0, 0x44}, 0x28)
r8 = socket$key(0xf, 0x3, 0x2)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r9}, 0x4d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00'}, 0x10)
sendmsg$key(r8, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000a40)=ANY=[@ANYBLOB="020300030f0000002cbd7040fcdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af030006000000000002004e22ac1414bb000000000000000002000100000000000000070c00000080030005000000000002004e22ac14140a00000000000000000200130002"], 0x78}, 0x1, 0x7}, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r7, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r7, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe001811", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r10, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
socket(0x10, 0x80002, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r7])

652.319157ms ago: executing program 1 (id=1376):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r1, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

547.22314ms ago: executing program 0 (id=1378):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r2}, 0x10)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="05000000020c"], 0x80}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14f05c71", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r6=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x6c, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x115}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x20, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x4}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x8100}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x2}}]}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r6}, @IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x17, &(0x7f0000000340)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4}, @ldst={0x2, 0xb50ee8554d19cd55, 0x3, 0xa, 0x1, 0xffffffffffffffff, 0xfffffffffffffff0}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x101}}, @cb_func={0x18, 0x3, 0x4, 0x0, 0x7}, @generic={0xd9, 0xe, 0x1, 0x401, 0x10000}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xb}}], &(0x7f0000000080)='GPL\x00', 0x0, 0x27, &(0x7f0000000400)=""/39, 0x41000, 0x21, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000004c0)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000000580)={0x2, 0x5, 0x6, 0x6}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000680)=[r4, r0, r1, r1, r4, r0], &(0x7f00000006c0)=[{0x0, 0x1, 0x10, 0x8}, {0x0, 0x1, 0x7, 0x2}, {0x4, 0x1, 0x5, 0x9}, {0x1, 0x2, 0xe, 0xc}, {0x2, 0x3, 0x10, 0xc}], 0x10, 0x10}, 0x94)

546.792169ms ago: executing program 1 (id=1379):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x4, 0x2, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x9b, 0x0, 0x1, 0xa, 0x21005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000f407abd7f4d156b286c7f6075d9a949d015f757deb8dd852dfe2e8761ed7e319485fe359f3f0e96a9f2b4e45a62b9a557f11c77f"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
arch_prctl$ARCH_REQ_XCOMP_GUEST_PERM(0x1025, 0x13)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=<r4=>r2, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000001a80)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000600014002020c600e41b0000900ac000a0501000000160012000a00ff120048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x20000090)
r6 = inotify_init()
syz_mount_image$iso9660(&(0x7f0000000300), &(0x7f0000000080)='./file1\x00', 0x1808004, &(0x7f0000000180)=ANY=[@ANYRES16=<r7=>0x0, @ANYRES32], 0x7, 0x7e2, &(0x7f0000001740)="$eJzs3U1sHOXdAPD/ODEJRsqLeF/lfRWFMAm8UpDArNdg6nKAZT22B9a71u66SlRVNAIHWXGAQlFLLhBVgrZqVfXUI+XKrTeqSq3UQ9tTpXLopTckThWV+iWqCsnVzK4Tf+zaSXDM1+9n2c/szH/meZ7Z8fxn1t5nAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIpD5TqUwk0ci/sXQmHa4+024t7LB8fXu/2lRs8timeiOS4jsOH44P/96b9z9XFx8tfpyK471Hx+NwURyOS7cdvf2R/z44sr7+Dg26USevMS6JeK1o1IVzq6vLL96Ehuyj7//iulf511rxcy5r5p1WvlCby9K800qnp6YqD8zPdtLZvJF1zna62UJab2e1bqudnq7fm05MT0+m2fjZ1lJzbqbWyNZnPnx/tVKZSp8YX8xq7U6r+cAT0anP541G3pwrY6qVb0UR83BxID6Zd9NuVltI0/Mrq8uTG1qVDGpqETQxaMGB3vFz/J7b33/5vb+tLBcH5LD+Jv0DszoxUa1OTD00/dDDlcrBaqW6eUZli7gSESMRRcRNOWj5DNnbEzh8DCP9/B+NyKMZS3Em0i1foxExGvWYiXa0YqGY98fRbVF96/n//x/4y+93qndj/u9n+cMbFh+LMv+f6D06MSz/b2vFjl+j1xV9TV8vxStxKS7EuViN1ViOF/d2+4f2vMUjH3cLyaZHc5FFM/LoRCvyWIhaOSftz0ljOqZiKirxVMzHbHQijdnIIyKLTpyNTnQjK4+oerQji1p0oxXtSON01OPeSGMipmM6JiONLMbjbLRiKZoxF/dHLRqRxflYKff75JZWHr01fv7sH95/s5i+EjSxU7eKi7ki6K87BG1L9zvm/7W14npha4T8/0W39ydxuEFr6/kfAAAA+NxKylffk/Il/jvLqdm8kX31GtbsHtyH5gEAAAB7oPzL//GiGC2m7oykuP+vDIh8d9/bBgAAAOyNpHyPXRIRY3FXb+p8rMRrsRyDXgQAAAAAPoPKv/+fKIqxiFfLGevDpbj/BwAAgM+J7w4bY/+99TF2O4uHkl+WYwAnlxfP3JNcrBVxtYsHeuv1i69c2WJ39lhypL+Rspg6eOm2JCIO1rPjyfrolx8d6pUflD+PXR1LYNhY/0m7vWMDYucGlI/iB3GyF3PymV75TH9J0qtlbDZvZOP1VuORckjE4rv78nMr344oav9ec+FIEudXVpfHn35+9ZmyLZeLrVy+2B9AcdM4imv/tWNb1vp7IO4c3OPR8o0Y/XrHevVWNvZ/pFz732vlOLND+59srPP1ONWLOTXWK8fWl/TqPFzUOTH+yETUakdGutmZ7strG3rfb8XEbj3f5Vl4Pe7uxdx9+u5eMaAV1U2teG57K6obW9HbFzEScWQvWvHmyVfP/PM3rSSb3K0Vk4NbMXBfrB2I2NoKgE/K+XLUn6tZ6NYyCxVJpVDk/y1599b1NYed5Taca/9xtZbeVcZH/c1GxIZcdzC2Zver27627L4WvTP66V7M6d71xMFjA/JKZcAZ/YWVF37bP6M/+PZPfvq1E7/7WVnvDWW3t+PeXky/iDt+PSTHFn3+4Zas+laxxlsD6y2uwTqNahKXIw588+ILcfSlVy7dv3Lx3LPLzy4/V61OTlUerFQeqsZoeanQL3ZoKQBfXLt/xs7QiFv6m0geHHZX3c94d1z5l4LxeDqej9UorgDu6sXetb3ed4o78Q3/hnDfLnetYxs+4eW+Xe4tr8ZWt8cmMSR2csMe+98fl8WHN+XpAIB9cWqHPLxL/r/yyvx9u9x3b87lW+6OY3guH+RLN3VvAMAXQ9b+IBnrvpG02/niUxPT0xO17nyWtlv1J9N2PjOXpXmzm7Xr87XmXJYutlvdVn39heOZrJN2lhYXW+1uOttqpzHSyc+Un/ye9j/6vZMt1JrdvN5ZbGS1TpbWW81urd5NZ/JOPV1ceryRd+azdrlyZzGr57N5vdbNW82001pq17PxNO1k2YbAfCZrdvPZvJhspovtfKHWvhwRjaWFLJ3JOvV2vtht9Ta4XlfenG21F8rNjm/v/p/3e38DwKfBS69cunBudXX5xRub+NO1BH/SfQQANpOlAQAAAAAAAAAAAADg02/72/WKuR/jHYHXN3EobnoVn82J4lm47rW+3B+SsTenmPq0dGf/J0Z7ff/6o49eGBbz+Kv/N39tGxz8mzLora5vHIm45Z0f9eY8Njz4O/3fv73p8rs3crRcurCW7BCz6TRxy/6elQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgsP8EAAD//2ruZ0o=")
inotify_add_watch(r6, &(0x7f0000000340)='./file2/../file0\x00', 0x61000080)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r9=>r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYRES16=r3, @ANYRESDEC, @ANYRES64=r1, @ANYRESDEC=r4, @ANYRES16=0x0, @ANYRESHEX, @ANYRES32=r0, @ANYRES16=r9], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r10}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0xc, 0xe, &(0x7f0000000580)=ANY=[@ANYRES8=r7], 0x0, 0x65b2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0xfffffe25}, 0x94)
r11 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r11, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r11, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="2703022b590200c90000002f1eafbcf706e105000000894f000f1102ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada33cc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b3178c965c0e0d3333ce2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0x87}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {&(0x7f0000000180)="6fe4dd9eeba3271dc700b581440284", 0xfe69}], 0x4}, 0x0)
r12 = socket$netlink(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000780)=ANY=[@ANYBLOB="9f120052641bbfff96c4159e70f0a539d470b1266760f5b484b131b0fc30329f9c4dbdf563c6519666b8e25e557e4ce1e4ef3a2ce2f52df248b38101516284dfbaff1ed4389abac5bc1cb5d012b612aef67167082adfb9c101ce1acacfe8f60ff8b112ef8a77ffbaa3045dcc1900"/125, @ANYRES16=r13, @ANYBLOB="010000000000fbdbde25250000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
creat(&(0x7f00000000c0)='./file1\x00', 0x62)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x142)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000020000000000000000000003000000000300000002000000fdffffff00000000000000010500000010000001000000000000000902"], 0x0, 0x4e}, 0x28)

461.306611ms ago: executing program 4 (id=1380):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000880), &(0x7f0000003200)='./file2\x00', 0x4204, &(0x7f0000003240)=ANY=[], 0x3, 0x335, &(0x7f0000000a40)="$eJzs3M9rG0cUwPEnWZYlGVs6lJYWiof20l4WW+25VBQbSgU1tlVqFwxre9UKbSWjFS4qpbZPvZbccwrkYHz0zZD4H/Alt+SSS266BHKICSEb9pf107asyJFjfz8QdjQzTzujGYW3i1f1X///s5i3tLxelXBMSUhE5EQkJWEJhPxj2C1HpdmOfD3+4vHni8srP2Wy2dkFpeYyS9+klVKTUw/++ifudzsck+PUav15+tnxx8ef1t8s/VGwVMFSpXJV6Wqt/LSqr5mG2ihYRU2pedPQLUMVSpZR8drLXnveLG9u1pRe2phIbFYMy1J6qaaKRk1Vy6paqSn9d71QUpqmqYmE4ALOgi7omT6j1wc8GlyRSiWjj4hIvKMltzeUAQEAgKFqz//DTkrfV/4vk27+73Ru5P/7XxxVx385mDx0Ylfrh9Fu+f+3T7z3asn/YyLST/5/Vy6R/3dmRLdLbm+h//wf18NUtKMq1PLKyf8T/vfXtfvb/rRbIP8HAAAAAAAAAAAAAAAAAAAAAOBDcGLbSdu2k8Ex+Nd4hMB/jRvprPUfE5GYs/o263+TLS6vSMx9cM9ZY/O/rdxWzjv6HY5ExBRDpiUpr9394HPKwZNHypGSh+a2G//KOY64LZm8FNz4GUlKqj3etud+zM7OKI8ff/qYUqI5Pi1J+ah7fLo13hn/9lYuKl992RSvSVIerUtZTNlw93Uj/t8ZpX74OdsWH/dOAgAAAADADaApFfIvn1Ot17/e9bumKdW93fuVkUzevU10xv0B7/p6uuv1eST5WWTYswcAAAAA4Hawan8XddM0KucU4nJxn/4Lkd46R9tqRs/rPNI0w17HE3VvZIi867zu9fipthSCP6RoaYr5lf2NJ5j/wNZrp7kmLD1ERdoHP+VUqEuefdefyGlNcNsoesbnLPOd7xM+ZyeMDmw/f3Ln/svBfUG+Owh2wMWdd/s9V6x917mF0av+fwcAAADA+9dI+oOa75ubQ0MZFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAt8yV/KRfW2HYcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACui7cBAAD//5Oa+gc=")
r2 = open(&(0x7f00000006c0)='./file2\x00', 0x105142, 0x120)
sendfile(r2, r2, 0x0, 0x800000009)

433.345642ms ago: executing program 0 (id=1381):
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000000c0)={@local, @multicast1, <r0=>0x0}, &(0x7f0000000140)=0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36e, &(0x7f00000007c0)="$eJzs3U1oM0UYwPEnaZImeXmbHERRkA6+CHpZ2uhZDNKCELC0jdgKwrbdaMialGyoRsS2J4+Kd0+Ch9KbBQ8F7VnoxZteRPDWi6BgBXVlv5LNV9PGpMH2/4OSycw8uzPZSXk27WYv3vj03UrJ0kp6Q6JJJRERkUuRrEQlEPEfo245IfLJd622A3n+wW8/PL22UUx6FWo5v/5CTik1N//Nex+m/G6ns3Kefevi19wv54+fP3nxz/o7ZUuVLVWtNZSutmo/NfQt01A7ZauiKbViGrplqHLVMupe+1f+dsza7m5T6dWdh+ndumFZSq82VcVoqkZNNepNpb+tl6tK0zT1MC0Ypni0uqrnRwzeHvNgMCH1el6fEZFUT0vxaCoDAgAAU9Wd/0edlH5Y/h/Syv83Za5QWFpVTud2/n/8zFnjwesnc37+f5rol/+/+KO3rY783zmdaOf/Ne/8oDQ8//9cbpD/92ZE98vI+X92AoPBaOYTPVWRjmdO/p/237+uwzePF9wC+T8AAAAAAAAAAAAAAAAAAAAAAP8Hl7adsW07EzwGP+1LCPznuJMGHf9ZEUk6R9/m+N9laxubknQv3HOOsfnxXnGv6D36Hc5ExBTjb7ubszaCK4+UIyvfmvt+/P5eccZtyZek7MTLomQk666nULxtL79aWFpUHj++dZlSOhyfk4w8Fo7/2l2dTnyuM97ff0KeexSK1yQj329LTUzZcSPb+/9oUalXXit0xafcfiLy860fFAAAAAAAxkxTLX3P3zVtULv3LSP5kvsxkSELkpG/+p/fL/Q9P49lnopNe/YAAAAAANwPVvODii5Ro+4WTLNfISUDm8ZQiHXUxEWkb+dEV038qi3PhGZ43fEkxLuDyX+d1xfBq3qTqOAfKZyBt5r8O6rIaOMJ5u/WRGLP/u43/XnTeUUOxF0AB+GmqFwjPNY9+HmnQvXt/Gjgdg79ibRqgo+NEgNeZ1np3U70ipUQ76mxI6MtgCc++/KP8b1BXjrxV8D7wzsfmoa9L9c5KF0FZxe9TfGJ/+IBAAAAcOvaSX9Q83K4OXwjkfDNcvjLPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYzSRr/TrKgze++xtThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYun8DAAD//7ct9c4=")
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r3)
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01030000000000000000320000000c009900000000000000000005001801"], 0x40}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r2, &(0x7f0000000640)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8022040}, 0xc, &(0x7f0000000480)={&(0x7f0000000f80)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00022abd7000fcdbdf253800000008000300c48c169f9467f1c4fb214e80827c23d4cd82ac962ffaf1d4b528fd7fa2f152522d1739b44a8ca487c89a4103fc", @ANYRES32=r5, @ANYBLOB="0c00580076000000000000000c00580012000000000000000c0058000f000000000000000c00580059000000000000000c0058004a000000000000000c00580071000000000000000c00580009000000000000000c0058004100000000000000"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000001)
r6 = socket$inet6(0xa, 0x800000000000002, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x10000})
setrlimit(0x40000000000008, &(0x7f0000000000))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002500)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000001080)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES8, @ANYBLOB="00000800000085000000950000009500000000000000fddd9a28401fa4917e6948d498566467fdbda51f4db05635b3b16d37026b6cbf69bca79dfe427cccb1014eecf6a219510f73291ba4a9133bf4bfd3729238332f93624ca4a9d6c3607ea9815d1bc64f32485b8fac879dd95da896cb57a32629a14797fe82d3ba22ebb11673e1f76a33cfd3e575255ce9b15f16bf6d469308f7e5a28b9545422e657654764430d7fa549524e869c46e9509eebd4d543c367a05e2a4143e0e1671a1eba3727146716cb5b5b5ab854c0c104ab08782a98f4ae25e7be907a9406402207b4b89d43c2dbd170b9f72c090f64e2144"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r7}, 0x10)
setsockopt$sock_linger(r6, 0x1, 0x3c, &(0x7f0000000600)={0x200000000000001, 0x3}, 0x8)
r8 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000b, 0x12, r8, 0x0)
sendto$inet6(r6, 0x0, 0x0, 0xc884, &(0x7f0000000540)={0xa, 0x4e23, 0x6, @loopback, 0x8}, 0x1c)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmmsg$inet6(r6, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)='\x00', 0x1}], 0x1}}], 0x2, 0x404c484)

432.957712ms ago: executing program 4 (id=1382):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x11, 0x10, &(0x7f0000000740)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7f}, {}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000006c0)='GPL\x00', 0x4, 0x1005, &(0x7f00000014c0)=""/4101, 0x0, 0xc}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x80, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
unshare(0x2040400)
unshare(0x2000400)
setxattr$system_posix_acl(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f00000005c0)=[{0x6}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0502103, &(0x7f0000000180)={0x0, 0xfff, 0x100fe})
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000340)='mm_page_free\x00', r2, 0x0, 0x2}, 0x18)
r3 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x501001, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000080))
ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x42073, 0xffffffffffffffff, 0x0)

310.531444ms ago: executing program 3 (id=1383):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r2, 0x0, 0xfffffffffffffff7}, 0x18)
syz_emit_ethernet(0x66, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000003e000701fcfffffff6dbdf25017c000008"], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

292.047245ms ago: executing program 2 (id=1384):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000440)='ns\x00')
getdents(r0, &(0x7f0000000000)=""/39, 0x82)
getdents(r0, 0xffffffffffffffff, 0x5a)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f00000000c0)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0100"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0)
getpeername$packet(r0, &(0x7f00000004c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000040)={'ip6gre0\x00', r3, 0x4, 0x1, 0x9, 0x3, 0x0, @private2, @dev={0xfe, 0x80, '\x00', 0x10}, 0xf808, 0x40, 0x8, 0xc}})
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r5 = inotify_init()
inotify_add_watch(r5, &(0x7f0000000340)='.\x00', 0xa50003d1)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
readv(r5, &(0x7f0000000140)=[{&(0x7f0000000280)=""/181, 0x20}], 0x1)

268.631425ms ago: executing program 3 (id=1385):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a32000000000500040000000000140007800800124000000000050015002200000005000500020000000500010006"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000105c0)=ANY=[@ANYBLOB="1c000000030601040000000000feff00070000020500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x10)

212.073196ms ago: executing program 0 (id=1386):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
preadv2(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x40, 0x80, 0x3)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="020000000100000000000000040d06000000000010120400000000002000030000000000"], 0x24, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x26, &(0x7f0000000000)={0x0, 0x0, 0x8})
openat$cgroup(r3, &(0x7f0000000180)='syz1\x00', 0x200002, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$PIO_SCRNMAP(r4, 0x4b41, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0ffb}]})
brk(0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDR(r7, 0x29, 0x39, &(0x7f0000000580)=ANY=[@ANYBLOB="880201050000e7ff02000000ef000000000000000000000000000000000000f221f01c676aa753e4108a3c8f1050cdda906daa1b397b65b6ee5052f10001061d9d21aee9aef685c5b33a0137304d43a699602f42226307e9bea31d93755487ccc485acb5bddc0462481fddc6cc5d4e1c2f69cbd61c8feddcd1c4963898e0afdc53db18e7916e7ecf97e6f26e64df5e"], 0x8)
ioperm(0x0, 0x2, 0x7e)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0)
acct(&(0x7f0000000140)='./file0\x00')

211.811016ms ago: executing program 2 (id=1387):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x3, 0x7, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "0500"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x304}, "3b444c4a45b2809e", "4db9f6c4a51139c579f71eb12c5d8c9e", "d597a076", "a9f99e0b9f466c49"}, 0x28)

211.036076ms ago: executing program 3 (id=1388):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0, r0, 0x0, 0x2}, 0x18)
write$P9_RREAD(r1, &(0x7f0000000580)=ANY=[], 0xa0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[], 0x50)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
recvfrom$l2tp(r0, &(0x7f0000000040)=""/5, 0x5, 0x21, &(0x7f0000000240)={0x2, 0x0, @multicast2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r4, 0x0, 0x100000000}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
shmctl$IPC_INFO(0x0, 0x3, &(0x7f00000007c0)=""/89)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000ddff00850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2000, 0x0)
msgrcv(0x0, &(0x7f0000001080)={0x0, ""/1}, 0x2000, 0x2, 0x3000)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)
semget(0x1, 0x1, 0x81)

172.521857ms ago: executing program 2 (id=1389):
bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree\x00'}, 0x18)
symlinkat(&(0x7f0000000400)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
removexattr(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000100)=ANY=[@ANYBLOB='o'])

100.336918ms ago: executing program 1 (id=1390):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000041001007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1, 0x0, 0x5}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x73, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r4, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="da", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="b8", 0x1}], 0x1}}], 0x2, 0x0)
close(r4)
socket(0x10, 0x3, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)

99.221468ms ago: executing program 2 (id=1391):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r2}, 0x10)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="05000000020c"], 0x80}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14f05c71", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r6=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x6c, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x115}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x20, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x4}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x8100}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x2}}]}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r6}, @IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x17, &(0x7f0000000340)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4}, @ldst={0x2, 0xb50ee8554d19cd55, 0x3, 0xa, 0x1, 0xffffffffffffffff, 0xfffffffffffffff0}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x101}}, @cb_func={0x18, 0x3, 0x4, 0x0, 0x7}, @generic={0xd9, 0xe, 0x1, 0x401, 0x10000}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xb}}], &(0x7f0000000080)='GPL\x00', 0x0, 0x27, &(0x7f0000000400)=""/39, 0x41000, 0x21, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000004c0)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000000580)={0x2, 0x5, 0x6, 0x6}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000680)=[r4, r0, r1, r1, r4, r0], &(0x7f00000006c0)=[{0x0, 0x1, 0x10, 0x8}, {0x0, 0x1, 0x7, 0x2}, {0x4, 0x1, 0x5, 0x9}, {0x1, 0x2, 0xe, 0xc}, {0x2, 0x3, 0x10, 0xc}], 0x10, 0x10}, 0x94)

14.36343ms ago: executing program 2 (id=1392):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@deltaction={0x54, 0x18, 0x1, 0x70bd2a, 0x25dfdc00, {0xa}, [@TCA_ACT_TAB={0x40, 0x1, [{0xc, 0x8f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4000000}}, {0x14, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x37}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x44000}, 0x20040844)

0s ago: executing program 2 (id=1393):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

kernel console output (not intermixed with test programs):

reload_regdb+0xe/0x20
[  117.636585][ T6032]  genl_family_rcv_msg_doit+0x143/0x1b0
[  117.636694][ T6032]  genl_rcv_msg+0x422/0x460
[  117.636735][ T6032]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  117.636781][ T6032]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[  117.636814][ T6032]  ? __pfx_nl80211_post_doit+0x10/0x10
[  117.636939][ T6032]  netlink_rcv_skb+0x123/0x220
[  117.636979][ T6032]  ? __pfx_genl_rcv_msg+0x10/0x10
[  117.637034][ T6032]  genl_rcv+0x28/0x40
[  117.637178][ T6032]  netlink_unicast+0x5bd/0x690
[  117.637211][ T6032]  netlink_sendmsg+0x58b/0x6b0
[  117.637249][ T6032]  ? __pfx_netlink_sendmsg+0x10/0x10
[  117.637285][ T6032]  __sock_sendmsg+0x145/0x180
[  117.637390][ T6032]  ____sys_sendmsg+0x31e/0x4e0
[  117.637429][ T6032]  ___sys_sendmsg+0x17b/0x1d0
[  117.637487][ T6032]  __x64_sys_sendmsg+0xd4/0x160
[  117.637572][ T6032]  x64_sys_call+0x191e/0x2ff0
[  117.637599][ T6032]  do_syscall_64+0xd2/0x200
[  117.637643][ T6032]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  117.637678][ T6032]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  117.637775][ T6032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.637807][ T6032] RIP: 0033:0x7fd37a09eec9
[  117.637862][ T6032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.637890][ T6032] RSP: 002b:00007fd378b07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  117.637912][ T6032] RAX: ffffffffffffffda RBX: 00007fd37a2f5fa0 RCX: 00007fd37a09eec9
[  117.637927][ T6032] RDX: 0000000004000054 RSI: 0000200000000480 RDI: 0000000000000005
[  117.637952][ T6032] RBP: 00007fd378b07090 R08: 0000000000000000 R09: 0000000000000000
[  117.637970][ T6032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.637988][ T6032] R13: 00007fd37a2f6038 R14: 00007fd37a2f5fa0 R15: 00007ffcdf11d308
[  117.638018][ T6032]  </TASK>
[  117.672964][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.004208][ T6022] rock: directory entry would overflow storage
[  118.010428][ T6022] rock: sig=0x4f50, size=4, remaining=3
[  118.016055][ T6022] iso9660: Corrupted directory entry in block 6 of inode 1792
[  118.026176][ T6025] Symlink component flag not implemented
[  118.040057][ T6025] Symlink component flag not implemented (129)
[  118.047952][ T6036] rock: directory entry would overflow storage
[  118.054763][ T6036] rock: sig=0x4f50, size=4, remaining=3
[  118.061913][ T6036] iso9660: Corrupted directory entry in block 6 of inode 1792
[  118.107407][ T6045] loop2: detected capacity change from 0 to 128
[  118.134685][ T6052] loop0: detected capacity change from 0 to 512
[  118.149465][ T6052] EXT4-fs: Ignoring removed mblk_io_submit option
[  118.160092][ T6052] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  118.176140][ T6045] FAT-fs (loop2): error, invalid access to FAT (entry 0x0fff0000)
[  118.185146][ T6045] FAT-fs (loop2): Filesystem has been set read-only
[  118.196931][ T6045] FAT-fs (loop2): error, invalid access to FAT (entry 0x0fff0000)
[  118.206134][ T6052] EXT4-fs (loop0): 1 truncate cleaned up
[  118.220531][ T6052] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.269360][ T6059] FAULT_INJECTION: forcing a failure.
[  118.269360][ T6059] name failslab, interval 1, probability 0, space 0, times 0
[  118.282564][ T6059] CPU: 0 UID: 0 PID: 6059 Comm: syz.1.873 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  118.282677][ T6059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  118.282694][ T6059] Call Trace:
[  118.282761][ T6059]  <TASK>
[  118.282772][ T6059]  __dump_stack+0x1d/0x30
[  118.282801][ T6059]  dump_stack_lvl+0xe8/0x140
[  118.282882][ T6059]  dump_stack+0x15/0x1b
[  118.282943][ T6059]  should_fail_ex+0x265/0x280
[  118.283031][ T6059]  should_failslab+0x8c/0xb0
[  118.283060][ T6059]  kmem_cache_alloc_noprof+0x50/0x310
[  118.283099][ T6059]  ? skb_clone+0x151/0x1f0
[  118.283137][ T6059]  skb_clone+0x151/0x1f0
[  118.283177][ T6059]  __netlink_deliver_tap+0x2c9/0x500
[  118.283345][ T6059]  netlink_unicast+0x66b/0x690
[  118.283372][ T6059]  netlink_sendmsg+0x58b/0x6b0
[  118.283478][ T6059]  ? __pfx_netlink_sendmsg+0x10/0x10
[  118.283562][ T6059]  __sock_sendmsg+0x145/0x180
[  118.283614][ T6059]  ____sys_sendmsg+0x31e/0x4e0
[  118.283650][ T6059]  ___sys_sendmsg+0x17b/0x1d0
[  118.283692][ T6059]  __x64_sys_sendmsg+0xd4/0x160
[  118.283726][ T6059]  x64_sys_call+0x191e/0x2ff0
[  118.283763][ T6059]  do_syscall_64+0xd2/0x200
[  118.283801][ T6059]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  118.283827][ T6059]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  118.283879][ T6059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.283902][ T6059] RIP: 0033:0x7f7e674eeec9
[  118.283928][ T6059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.283953][ T6059] RSP: 002b:00007f7e65f57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  118.284027][ T6059] RAX: ffffffffffffffda RBX: 00007f7e67745fa0 RCX: 00007f7e674eeec9
[  118.284043][ T6059] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000003
[  118.284060][ T6059] RBP: 00007f7e65f57090 R08: 0000000000000000 R09: 0000000000000000
[  118.284077][ T6059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.284091][ T6059] R13: 00007f7e67746038 R14: 00007f7e67745fa0 R15: 00007ffdb33dfe18
[  118.284110][ T6059]  </TASK>
[  118.524278][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.544474][ T6066] loop0: detected capacity change from 0 to 512
[  118.558637][ T6064] netlink: 'syz.1.874': attribute type 6 has an invalid length.
[  118.574353][ T6066] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.580794][ T6064] loop1: detected capacity change from 0 to 764
[  118.588089][ T6066] ext4 filesystem being mounted at /147/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.619898][ T6068] loop2: detected capacity change from 0 to 1024
[  118.630519][ T6064] rock: directory entry would overflow storage
[  118.636869][ T6064] rock: sig=0x4f50, size=4, remaining=3
[  118.642486][ T6064] iso9660: Corrupted directory entry in block 6 of inode 1792
[  118.655251][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.668151][ T6068] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.680916][ T6064] Symlink component flag not implemented
[  118.687027][ T6064] Symlink component flag not implemented (129)
[  118.694116][ T6064] rock: directory entry would overflow storage
[  118.700685][ T6064] rock: sig=0x4f50, size=4, remaining=3
[  118.706988][ T6064] iso9660: Corrupted directory entry in block 6 of inode 1792
[  118.736240][ T6077] __nla_validate_parse: 4 callbacks suppressed
[  118.736256][ T6077] netlink: 36 bytes leftover after parsing attributes in process `syz.4.878'.
[  118.744181][ T6076] netlink: 32 bytes leftover after parsing attributes in process `syz.0.877'.
[  118.818017][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.846926][ T6085] netlink: 'syz.2.881': attribute type 6 has an invalid length.
[  118.854976][ T6083] loop0: detected capacity change from 0 to 1024
[  118.864123][ T6085] loop2: detected capacity change from 0 to 764
[  118.878222][ T6085] rock: directory entry would overflow storage
[  118.884739][ T6085] rock: sig=0x4f50, size=4, remaining=3
[  118.890684][ T6085] iso9660: Corrupted directory entry in block 6 of inode 1792
[  118.894613][ T6088] netlink: 'syz.1.883': attribute type 21 has an invalid length.
[  118.913646][ T6083] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.916811][ T6088] netlink: 156 bytes leftover after parsing attributes in process `syz.1.883'.
[  118.935145][ T6088] netlink: 4 bytes leftover after parsing attributes in process `syz.1.883'.
[  118.977586][ T6092] 9pnet_fd: Insufficient options for proto=fd
[  118.984802][ T6092] deleting an unspecified loop device is not supported.
[  119.002489][ T6085] Symlink component flag not implemented
[  119.008644][ T6094] netlink: 'syz.3.885': attribute type 1 has an invalid length.
[  119.035054][ T6099] Symlink component flag not implemented (129)
[  119.042243][ T6085] rock: directory entry would overflow storage
[  119.048807][ T6085] rock: sig=0x4f50, size=4, remaining=3
[  119.054609][ T6085] iso9660: Corrupted directory entry in block 6 of inode 1792
[  119.055724][ T6098] loop1: detected capacity change from 0 to 512
[  119.077805][ T6102] loop4: detected capacity change from 0 to 1024
[  119.079193][ T6094] 8021q: adding VLAN 0 to HW filter on device bond10
[  119.104237][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.109141][ T6094] ip6erspan0: entered promiscuous mode
[  119.116568][ T6098] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.124103][ T6094] bond10: (slave ip6erspan0): making interface the new active one
[  119.142654][ T6094] bond10: (slave ip6erspan0): Enslaving as an active interface with an up link
[  119.156483][ T6094] siw: device registration error -23
[  119.164015][ T6098] ext4 filesystem being mounted at /176/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.177415][ T6102] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.213787][ T6094] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=6094 comm=syz.3.885
[  119.231648][ T6094] macvlan2: entered promiscuous mode
[  119.237718][ T6094] bond10: entered promiscuous mode
[  119.246276][ T6102] FAULT_INJECTION: forcing a failure.
[  119.246276][ T6102] name failslab, interval 1, probability 0, space 0, times 0
[  119.259247][ T6102] CPU: 0 UID: 0 PID: 6102 Comm: syz.4.888 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  119.259282][ T6102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  119.259298][ T6102] Call Trace:
[  119.259307][ T6102]  <TASK>
[  119.259317][ T6102]  __dump_stack+0x1d/0x30
[  119.259342][ T6102]  dump_stack_lvl+0xe8/0x140
[  119.259361][ T6102]  dump_stack+0x15/0x1b
[  119.259377][ T6102]  should_fail_ex+0x265/0x280
[  119.259485][ T6102]  should_failslab+0x8c/0xb0
[  119.259518][ T6102]  __kmalloc_noprof+0xa5/0x3e0
[  119.259558][ T6102]  ? copy_splice_read+0xc2/0x660
[  119.259578][ T6102]  copy_splice_read+0xc2/0x660
[  119.259636][ T6102]  ? __pfx_ext4_file_splice_read+0x10/0x10
[  119.259681][ T6102]  splice_direct_to_actor+0x290/0x680
[  119.259708][ T6102]  ? __pfx_direct_splice_actor+0x10/0x10
[  119.259733][ T6102]  do_splice_direct+0xda/0x150
[  119.259835][ T6102]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  119.259911][ T6102]  do_sendfile+0x380/0x650
[  119.259963][ T6102]  __x64_sys_sendfile64+0x105/0x150
[  119.260054][ T6102]  x64_sys_call+0x2bb0/0x2ff0
[  119.260077][ T6102]  do_syscall_64+0xd2/0x200
[  119.260187][ T6102]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  119.260218][ T6102]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  119.260247][ T6102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.260330][ T6102] RIP: 0033:0x7fd866beeec9
[  119.260362][ T6102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.260386][ T6102] RSP: 002b:00007fd865657038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  119.260411][ T6102] RAX: ffffffffffffffda RBX: 00007fd866e45fa0 RCX: 00007fd866beeec9
[  119.260428][ T6102] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008
[  119.260444][ T6102] RBP: 00007fd865657090 R08: 0000000000000000 R09: 0000000000000000
[  119.260460][ T6102] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001
[  119.260476][ T6102] R13: 00007fd866e46038 R14: 00007fd866e45fa0 R15: 00007ffea8d07038
[  119.260529][ T6102]  </TASK>
[  119.278270][ T6094] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  119.309024][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.329213][ T6094] bond10: (slave macvlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  119.501107][ T6094] bond10: left promiscuous mode
[  119.502375][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.602870][ T6125] netlink: 64 bytes leftover after parsing attributes in process `syz.0.896'.
[  119.609067][ T6121] netlink: 'syz.1.894': attribute type 6 has an invalid length.
[  119.672908][ T6121] loop1: detected capacity change from 0 to 764
[  119.673004][ T6133] netlink: 'syz.0.900': attribute type 6 has an invalid length.
[  119.713577][ T6133] loop0: detected capacity change from 0 to 764
[  119.730973][ T6136] netlink: 'syz.4.901': attribute type 6 has an invalid length.
[  119.753306][ T6121] rock: directory entry would overflow storage
[  119.759759][ T6121] rock: sig=0x4f50, size=4, remaining=3
[  119.765567][ T6121] iso9660: Corrupted directory entry in block 6 of inode 1792
[  119.773682][ T6133] rock: directory entry would overflow storage
[  119.780219][ T6133] rock: sig=0x4f50, size=4, remaining=3
[  119.786434][ T6133] iso9660: Corrupted directory entry in block 6 of inode 1792
[  119.806190][ T6138] loop3: detected capacity change from 0 to 128
[  119.823430][ T6138] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  119.833654][ T6121] Symlink component flag not implemented
[  119.844314][ T6133] Symlink component flag not implemented
[  119.848707][ T6121] Symlink component flag not implemented (129)
[  119.853989][ T6133] Symlink component flag not implemented (129)
[  119.863030][ T6138] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  119.870931][ T6138] FAT-fs (loop3): Filesystem has been set read-only
[  119.879891][ T6133] rock: directory entry would overflow storage
[  119.886542][ T6133] rock: sig=0x4f50, size=4, remaining=3
[  119.892316][ T6133] iso9660: Corrupted directory entry in block 6 of inode 1792
[  119.893909][ T6138] syz.3.902: attempt to access beyond end of device
[  119.893909][ T6138] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  119.917758][ T6121] rock: directory entry would overflow storage
[  119.924016][ T6121] rock: sig=0x4f50, size=4, remaining=3
[  119.930137][ T6121] iso9660: Corrupted directory entry in block 6 of inode 1792
[  120.039844][ T6151] netlink: 124 bytes leftover after parsing attributes in process `syz.0.907'.
[  120.049108][ T6151] netlink: 40 bytes leftover after parsing attributes in process `syz.0.907'.
[  120.064824][ T6154] FAULT_INJECTION: forcing a failure.
[  120.064824][ T6154] name failslab, interval 1, probability 0, space 0, times 0
[  120.078033][ T6154] CPU: 0 UID: 0 PID: 6154 Comm: syz.3.909 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  120.078137][ T6154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  120.078162][ T6154] Call Trace:
[  120.078170][ T6154]  <TASK>
[  120.078184][ T6154]  __dump_stack+0x1d/0x30
[  120.078254][ T6154]  dump_stack_lvl+0xe8/0x140
[  120.078280][ T6154]  dump_stack+0x15/0x1b
[  120.078300][ T6154]  should_fail_ex+0x265/0x280
[  120.078325][ T6154]  should_failslab+0x8c/0xb0
[  120.078355][ T6154]  __kvmalloc_node_noprof+0x123/0x4e0
[  120.078427][ T6154]  ? io_alloc_cache_init+0x31/0xa0
[  120.078473][ T6154]  io_alloc_cache_init+0x31/0xa0
[  120.078522][ T6154]  io_ring_ctx_alloc+0x299/0x660
[  120.078558][ T6154]  io_uring_create+0x10f/0x610
[  120.078593][ T6154]  __se_sys_io_uring_setup+0x1f7/0x210
[  120.078634][ T6154]  __x64_sys_io_uring_setup+0x31/0x40
[  120.078671][ T6154]  x64_sys_call+0x2b21/0x2ff0
[  120.078693][ T6154]  do_syscall_64+0xd2/0x200
[  120.078749][ T6154]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  120.078781][ T6154]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  120.078825][ T6154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.078899][ T6154] RIP: 0033:0x7fd37a09eec9
[  120.078923][ T6154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.078942][ T6154] RSP: 002b:00007fd378b06fc8 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  120.078983][ T6154] RAX: ffffffffffffffda RBX: 00007fd37a2f5fa0 RCX: 00007fd37a09eec9
[  120.078995][ T6154] RDX: 0000200000000080 RSI: 0000200000000600 RDI: 0000000000004259
[  120.079010][ T6154] RBP: 0000200000000600 R08: 0000000000000000 R09: 0000200000000080
[  120.079027][ T6154] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  120.079043][ T6154] R13: 00002000000000c0 R14: 0000000000004259 R15: 0000200000000080
[  120.079127][ T6154]  </TASK>
[  120.340966][ T6163] loop3: detected capacity change from 0 to 128
[  120.360600][ T6163] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  120.387804][ T6163] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  120.395759][ T6163] FAT-fs (loop3): Filesystem has been set read-only
[  120.404065][ T6163] syz.3.913: attempt to access beyond end of device
[  120.404065][ T6163] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  120.485966][ T6165] netlink: 24 bytes leftover after parsing attributes in process `syz.0.910'.
[  120.516598][ T6169] netlink: 'syz.1.914': attribute type 6 has an invalid length.
[  120.545625][ T6169] loop1: detected capacity change from 0 to 764
[  120.566117][ T6169] rock: directory entry would overflow storage
[  120.572533][ T6169] rock: sig=0x4f50, size=4, remaining=3
[  120.578399][ T6169] iso9660: Corrupted directory entry in block 6 of inode 1792
[  120.676752][ T6169] Symlink component flag not implemented
[  120.703598][ T6169] Symlink component flag not implemented (129)
[  120.712183][ T6169] rock: directory entry would overflow storage
[  120.718416][ T6169] rock: sig=0x4f50, size=4, remaining=3
[  120.724526][ T6169] iso9660: Corrupted directory entry in block 6 of inode 1792
[  120.848438][ T6183] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8286 sclass=netlink_route_socket pid=6183 comm=syz.1.920
[  120.921532][ T6187] rdma_rxe: rxe_newlink: failed to add lo
[  121.058798][ T6198] netlink: 4 bytes leftover after parsing attributes in process `syz.4.925'.
[  121.129985][ T6184] netlink: 24 bytes leftover after parsing attributes in process `syz.2.919'.
[  121.340159][ T6198] batadv_slave_1: entered promiscuous mode
[  121.364016][ T6198] macsec1: entered promiscuous mode
[  121.369455][ T6198] macsec1: entered allmulticast mode
[  121.375026][ T6198] batadv_slave_1: entered allmulticast mode
[  121.387836][ T6216] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  121.439168][ T6198] batadv_slave_1: left allmulticast mode
[  121.445079][ T6198] batadv_slave_1: left promiscuous mode
[  121.550350][ T6224] 0ªî{X¹¦: renamed from gretap0 (while UP)
[  121.561142][ T6224] 0ªî{X¹¦: entered allmulticast mode
[  121.567236][ T6224] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  122.416835][   T29] kauditd_printk_skb: 516 callbacks suppressed
[  122.416852][   T29] audit: type=1326 audit(1759178960.899:7434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6249 comm="syz.0.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  122.449469][   T29] audit: type=1326 audit(1759178960.909:7435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6249 comm="syz.0.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  122.473290][   T29] audit: type=1326 audit(1759178960.939:7436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6249 comm="syz.0.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  122.497329][   T29] audit: type=1326 audit(1759178960.939:7437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6249 comm="syz.0.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  122.521381][   T29] audit: type=1326 audit(1759178960.939:7438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6249 comm="syz.0.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  122.600208][ T6250] loop0: detected capacity change from 0 to 128
[  122.625731][   T29] audit: type=1326 audit(1759178960.939:7439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6249 comm="syz.0.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  122.649363][   T29] audit: type=1326 audit(1759178960.939:7440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6249 comm="syz.0.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  122.673123][   T29] audit: type=1326 audit(1759178960.939:7441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6249 comm="syz.0.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  122.697186][   T29] audit: type=1326 audit(1759178960.959:7442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6249 comm="syz.0.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  122.721255][   T29] audit: type=1326 audit(1759178960.959:7443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6249 comm="syz.0.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  122.759378][ T6258] loop1: detected capacity change from 0 to 1024
[  122.804708][ T6258] bridge0: entered promiscuous mode
[  122.810505][ T6258] macvtap1: entered allmulticast mode
[  122.816480][ T6258] bridge0: entered allmulticast mode
[  122.828969][ T6258] bridge0: port 3(macvtap1) entered blocking state
[  122.835640][ T6258] bridge0: port 3(macvtap1) entered disabled state
[  122.844350][ T6258] bridge0: left allmulticast mode
[  122.849450][ T6258] bridge0: left promiscuous mode
[  122.879193][ T6262] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  122.898113][ T6266] netlink: 'syz.0.948': attribute type 6 has an invalid length.
[  122.926256][ T6266] loop0: detected capacity change from 0 to 764
[  122.962820][ T6266] rock: directory entry would overflow storage
[  122.969221][ T6266] rock: sig=0x4f50, size=4, remaining=3
[  122.975058][ T6266] iso9660: Corrupted directory entry in block 6 of inode 1792
[  123.029593][ T6266] Symlink component flag not implemented
[  123.039862][ T6266] Symlink component flag not implemented (129)
[  123.051639][ T6275] loop1: detected capacity change from 0 to 128
[  123.062267][ T6266] rock: directory entry would overflow storage
[  123.068515][ T6266] rock: sig=0x4f50, size=4, remaining=3
[  123.074414][ T6266] iso9660: Corrupted directory entry in block 6 of inode 1792
[  123.087670][ T6277] loop2: detected capacity change from 0 to 128
[  123.089555][ T6275] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  123.097474][ T6277] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  123.119787][ T6277] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  123.128079][ T6277] FAT-fs (loop2): Filesystem has been set read-only
[  123.135907][ T6277] syz.2.953: attempt to access beyond end of device
[  123.135907][ T6277] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  123.157473][ T6275] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  123.166245][ T6275] FAT-fs (loop1): Filesystem has been set read-only
[  123.184173][ T6275] syz.1.952: attempt to access beyond end of device
[  123.184173][ T6275] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  123.206707][ T6280] loop2: detected capacity change from 0 to 128
[  123.223275][ T6280] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  123.262947][ T6280] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  123.270973][ T6280] FAT-fs (loop2): Filesystem has been set read-only
[  123.283277][ T6280] syz.2.954: attempt to access beyond end of device
[  123.283277][ T6280] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  123.875909][ T6299] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  123.896220][ T6298] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  123.915047][ T6298] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  123.938322][ T6303] netlink: 'syz.3.963': attribute type 6 has an invalid length.
[  123.939827][ T6298] IPVS: stopping master sync thread 6299 ...
[  123.952413][ T6303] loop3: detected capacity change from 0 to 764
[  123.969992][ T6303] rock: directory entry would overflow storage
[  123.976511][ T6303] rock: sig=0x4f50, size=4, remaining=3
[  123.982230][ T6303] iso9660: Corrupted directory entry in block 6 of inode 1792
[  124.009917][ T6303] Symlink component flag not implemented
[  124.015994][ T6303] Symlink component flag not implemented (129)
[  124.023057][ T6303] rock: directory entry would overflow storage
[  124.029259][ T6303] rock: sig=0x4f50, size=4, remaining=3
[  124.034895][ T6303] iso9660: Corrupted directory entry in block 6 of inode 1792
[  124.164033][ T6310] loop0: detected capacity change from 0 to 512
[  124.311451][ T6310] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.966: bg 0: block 5: invalid block bitmap
[  124.363236][ T6314] __nla_validate_parse: 6 callbacks suppressed
[  124.363253][ T6314] netlink: 24 bytes leftover after parsing attributes in process `syz.2.967'.
[  124.377721][ T6310] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  124.390061][ T6310] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.966: invalid indirect mapped block 3 (level 2)
[  124.425409][ T6319] loop3: detected capacity change from 0 to 1024
[  124.426653][ T6310] EXT4-fs (loop0): 2 truncates cleaned up
[  124.438775][ T6310] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.467541][ T6319] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  124.506380][ T6319] ext4 filesystem being mounted at /210/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.685952][ T6328] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.773585][ T6328] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.803088][ T6325] program syz.0.966 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  124.865209][ T6328] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.910755][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.933878][ T6328] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.001757][ T5889] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.023278][ T5889] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.032470][ T5889] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.040952][ T5889] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.309768][ T5915] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: comm kworker/u8:46: lblock 0 mapped to illegal pblock 0 (length 1)
[  125.326038][ T5915] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  125.338540][ T5915] EXT4-fs (loop3): This should not happen!! Data will be lost
[  125.338540][ T5915] 
[  125.534329][ T6342] netlink: 'syz.1.976': attribute type 6 has an invalid length.
[  125.589044][ T6342] loop1: detected capacity change from 0 to 764
[  125.636843][ T6342] rock: directory entry would overflow storage
[  125.643180][ T6342] rock: sig=0x4f50, size=4, remaining=3
[  125.648826][ T6342] iso9660: Corrupted directory entry in block 6 of inode 1792
[  125.765540][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  125.822547][ T6342] Symlink component flag not implemented
[  125.831274][ T6342] Symlink component flag not implemented (129)
[  125.845699][ T6342] rock: directory entry would overflow storage
[  125.852109][ T6342] rock: sig=0x4f50, size=4, remaining=3
[  125.857719][ T6342] iso9660: Corrupted directory entry in block 6 of inode 1792
[  126.086580][ T6358] loop1: detected capacity change from 0 to 1764
[  126.209037][ T6362] loop2: detected capacity change from 0 to 128
[  126.238771][ T6362] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  126.271687][ T6362] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  126.279750][ T6362] FAT-fs (loop2): Filesystem has been set read-only
[  126.286485][ T6362] syz.2.981: attempt to access beyond end of device
[  126.286485][ T6362] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  126.529365][ T6381] netlink: 'syz.2.989': attribute type 6 has an invalid length.
[  126.545295][ T6381] loop2: detected capacity change from 0 to 764
[  126.559238][ T6381] rock: directory entry would overflow storage
[  126.565766][ T6381] rock: sig=0x4f50, size=4, remaining=3
[  126.571665][ T6381] iso9660: Corrupted directory entry in block 6 of inode 1792
[  126.617253][ T6381] Symlink component flag not implemented
[  126.623398][ T6381] Symlink component flag not implemented (129)
[  126.630771][ T6381] rock: directory entry would overflow storage
[  126.637327][ T6381] rock: sig=0x4f50, size=4, remaining=3
[  126.643050][ T6381] iso9660: Corrupted directory entry in block 6 of inode 1792
[  127.209348][ T6394] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.323561][ T6394] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.372758][ T6394] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.432848][ T6394] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.608192][ T6405] loop2: detected capacity change from 0 to 128
[  127.640812][ T6405] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  127.656880][ T6402] netlink: 24 bytes leftover after parsing attributes in process `syz.0.995'.
[  127.667350][ T6405] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  127.675639][ T6405] FAT-fs (loop2): Filesystem has been set read-only
[  127.683290][ T6405] syz.2.996: attempt to access beyond end of device
[  127.683290][ T6405] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  127.707832][   T29] kauditd_printk_skb: 893 callbacks suppressed
[  127.707890][   T29] audit: type=1326 audit(1759178966.169:8337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6406 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  127.737819][   T29] audit: type=1326 audit(1759178966.169:8338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6406 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  127.761734][   T29] audit: type=1326 audit(1759178966.169:8339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6406 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  127.785195][   T29] audit: type=1326 audit(1759178966.169:8340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6406 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  127.809869][   T29] audit: type=1326 audit(1759178966.169:8341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6406 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  127.833271][   T29] audit: type=1326 audit(1759178966.169:8342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6406 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  127.856946][   T29] audit: type=1326 audit(1759178966.169:8343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6406 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  127.880629][   T29] audit: type=1326 audit(1759178966.169:8344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6406 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  127.903991][   T29] audit: type=1326 audit(1759178966.169:8345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6406 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  127.928245][   T29] audit: type=1326 audit(1759178966.169:8346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6406 comm="syz.4.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  127.966971][ T6414] FAULT_INJECTION: forcing a failure.
[  127.966971][ T6414] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.980347][ T6414] CPU: 0 UID: 0 PID: 6414 Comm: +}[@ Not tainted syzkaller #0 PREEMPT(voluntary) 
[  127.980384][ T6414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  127.980401][ T6414] Call Trace:
[  127.980409][ T6414]  <TASK>
[  127.980445][ T6414]  __dump_stack+0x1d/0x30
[  127.980467][ T6414]  dump_stack_lvl+0xe8/0x140
[  127.980492][ T6414]  dump_stack+0x15/0x1b
[  127.980515][ T6414]  should_fail_ex+0x265/0x280
[  127.980596][ T6414]  should_fail+0xb/0x20
[  127.980625][ T6414]  should_fail_usercopy+0x1a/0x20
[  127.980657][ T6414]  copy_folio_from_iter_atomic+0x278/0x11b0
[  127.980740][ T6414]  ? shmem_write_begin+0xa8/0x190
[  127.980763][ T6414]  ? shmem_write_begin+0xe1/0x190
[  127.980788][ T6414]  generic_perform_write+0x2c2/0x490
[  127.980824][ T6414]  shmem_file_write_iter+0xc5/0xf0
[  127.980893][ T6414]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  127.980925][ T6414]  vfs_write+0x527/0x960
[  127.981095][ T6414]  ksys_write+0xda/0x1a0
[  127.981124][ T6414]  __x64_sys_write+0x40/0x50
[  127.981147][ T6414]  x64_sys_call+0x27fe/0x2ff0
[  127.981201][ T6414]  do_syscall_64+0xd2/0x200
[  127.981266][ T6414]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  127.981298][ T6414]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  127.981335][ T6414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.981365][ T6414] RIP: 0033:0x7f316c6fd97f
[  127.981385][ T6414] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  127.981503][ T6414] RSP: 002b:00007f316b166df0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  127.981595][ T6414] RAX: ffffffffffffffda RBX: 0000000000010000 RCX: 00007f316c6fd97f
[  127.981649][ T6414] RDX: 0000000000010000 RSI: 00007f3162d47000 RDI: 0000000000000005
[  127.981666][ T6414] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000020e
[  127.981683][ T6414] R10: 0000200000000842 R11: 0000000000000293 R12: 0000000000000005
[  127.981697][ T6414] R13: 00007f316b166ef0 R14: 00007f316b166eb0 R15: 00007f3162d47000
[  127.981717][ T6414]  </TASK>
[  128.188205][ T6414] loop2: detected capacity change from 0 to 128
[  128.195985][ T6407] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.313058][ T6407] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.373505][ T6426] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.389389][ T6407] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.404683][ T6427] lo speed is unknown, defaulting to 1000
[  128.414069][ T6425] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1003'.
[  128.445197][ T6407] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.463464][ T6426] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.513932][ T6426] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.530119][ T5867] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.545592][ T5867] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.558510][ T5867] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.573293][ T5885] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.587697][ T6426] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.644709][ T6435] netlink: 'syz.4.1007': attribute type 6 has an invalid length.
[  128.662782][ T5919] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.706454][ T5919] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.715020][ T5919] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.723761][ T5919] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  129.222162][ T6455] loop2: detected capacity change from 0 to 512
[  129.239906][ T6455] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1015: bg 0: block 5: invalid block bitmap
[  129.254737][ T6455] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  129.264625][ T6455] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1015: invalid indirect mapped block 3 (level 2)
[  129.283428][ T6455] EXT4-fs (loop2): 2 truncates cleaned up
[  129.290033][ T6455] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.315187][ T6455] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.353999][ T6466] mmap: syz.4.1019 (6466): VmData 29118464 exceed data ulimit 1587. Update limits or use boot option ignore_rlimit_data.
[  129.371611][ T6455] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.387987][ T6466] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1019'.
[  129.402526][ T6466] siw: device registration error -23
[  129.418935][ T6471] loop0: detected capacity change from 0 to 512
[  129.499276][ T6471] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1021: bg 0: block 5: invalid block bitmap
[  129.504536][ T6474] loop3: detected capacity change from 0 to 512
[  129.520485][ T6455] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.522676][ T6474] EXT4-fs: Ignoring removed mblk_io_submit option
[  129.531265][ T6471] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  129.547551][ T6471] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1021: invalid indirect mapped block 3 (level 2)
[  129.558846][ T6474] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  129.565527][ T6471] EXT4-fs (loop0): 2 truncates cleaned up
[  129.578313][ T6471] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.592554][ T6455] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.604204][ T6474] EXT4-fs (loop3): 1 truncate cleaned up
[  129.610309][ T6474] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.661079][ T6467] program syz.2.1015 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  129.674611][ T6467] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1015'.
[  129.805409][ T6479] program syz.0.1021 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  130.075920][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.346995][ T6496] loop0: detected capacity change from 0 to 164
[  130.439469][ T6498] loop0: detected capacity change from 0 to 512
[  130.455455][ T6498] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.456528][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.469829][ T6498] ext4 filesystem being mounted at /183/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.510335][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.552130][ T6504] loop3: detected capacity change from 0 to 128
[  130.585328][ T6508] loop0: detected capacity change from 0 to 2048
[  130.680347][ T6512] loop3: detected capacity change from 0 to 128
[  130.706618][ T6514] netlink: 'syz.0.1037': attribute type 6 has an invalid length.
[  130.723217][ T6514] loop0: detected capacity change from 0 to 764
[  130.769840][ T6514] Symlink component flag not implemented
[  130.786541][ T6514] Symlink component flag not implemented (129)
[  130.793954][ T6514] rock: directory entry would overflow storage
[  130.801071][ T6514] rock: sig=0x4f50, size=4, remaining=3
[  130.807046][ T6514] iso9660: Corrupted directory entry in block 6 of inode 1792
[  130.854094][ T6520] netlink: 'syz.0.1040': attribute type 6 has an invalid length.
[  130.866420][ T6520] loop0: detected capacity change from 0 to 764
[  130.879436][ T6520] rock: directory entry would overflow storage
[  130.886872][ T6520] rock: sig=0x4f50, size=4, remaining=3
[  130.892608][ T6520] iso9660: Corrupted directory entry in block 6 of inode 1792
[  130.914343][ T6520] Symlink component flag not implemented
[  130.920407][ T6520] Symlink component flag not implemented (129)
[  130.927550][ T6520] rock: directory entry would overflow storage
[  130.933797][ T6520] rock: sig=0x4f50, size=4, remaining=3
[  130.939515][ T6520] iso9660: Corrupted directory entry in block 6 of inode 1792
[  130.980307][ T6523] loop3: detected capacity change from 0 to 1024
[  130.999276][ T5919] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  131.010675][ T5919] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  131.017913][ T6527] loop0: detected capacity change from 0 to 512
[  131.025963][ T5919] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  131.051210][ T5915] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  131.071322][ T6523] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  131.088013][ T6523] ext4 filesystem being mounted at /226/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.122495][ T6527] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.135760][ T6527] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.184958][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.195453][ T6537] loop1: detected capacity change from 0 to 2048
[  131.203904][ T5885] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: comm kworker/u8:21: lblock 0 mapped to illegal pblock 0 (length 1)
[  131.220106][ T5885] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  131.232668][ T5885] EXT4-fs (loop3): This should not happen!! Data will be lost
[  131.232668][ T5885] 
[  131.248326][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  131.273030][ T3648] Alternate GPT is invalid, using primary GPT.
[  131.279667][ T3648]  loop1: p2 p3 p7
[  131.300673][ T6538] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1045'.
[  131.335249][ T6537] Alternate GPT is invalid, using primary GPT.
[  131.342153][ T6537]  loop1: p2 p3 p7
[  131.360114][ T6549] netlink: 'syz.0.1050': attribute type 6 has an invalid length.
[  131.374921][ T6549] loop0: detected capacity change from 0 to 764
[  131.398133][ T6550] loop3: detected capacity change from 0 to 1024
[  131.424506][ T6550] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  131.433034][ T6550] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  131.444050][ T6550] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  131.462560][ T6550] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  131.497299][ T6549] Symlink component flag not implemented
[  131.503320][ T6549] Symlink component flag not implemented (129)
[  131.510446][ T6549] rock: directory entry would overflow storage
[  131.516954][ T6549] rock: sig=0x4f50, size=4, remaining=3
[  131.522692][ T6549] iso9660: Corrupted directory entry in block 6 of inode 1792
[  131.527685][ T6550] EXT4-fs error (device loop3): ext4_get_journal_inode:5800: inode #17: comm syz.3.1049: iget: bad i_size value: 4398046511204
[  131.546230][ T6550] EXT4-fs (loop3): no journal found
[  131.547569][ T3501] udevd[3501]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  131.567784][ T3293] udevd[3293]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory
[  131.589021][ T3648] udevd[3648]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  131.626574][ T6555] loop0: detected capacity change from 0 to 512
[  131.632514][ T6550] netlink: 'syz.3.1049': attribute type 4 has an invalid length.
[  131.645032][ T6557] netlink: 'syz.1.1053': attribute type 6 has an invalid length.
[  131.664357][ T6557] loop1: detected capacity change from 0 to 512
[  131.667218][ T6555] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.683888][ T6555] ext4 filesystem being mounted at /191/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.697601][ T6557] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.710329][ T6557] ext4 filesystem being mounted at /206/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  131.735696][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.768314][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.846319][ T6569] loop1: detected capacity change from 0 to 164
[  131.895440][ T6573] FAULT_INJECTION: forcing a failure.
[  131.895440][ T6573] name failslab, interval 1, probability 0, space 0, times 0
[  131.908327][ T6573] CPU: 0 UID: 0 PID: 6573 Comm: syz.1.1059 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  131.908424][ T6573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  131.908437][ T6573] Call Trace:
[  131.908444][ T6573]  <TASK>
[  131.908452][ T6573]  __dump_stack+0x1d/0x30
[  131.908500][ T6573]  dump_stack_lvl+0xe8/0x140
[  131.908526][ T6573]  dump_stack+0x15/0x1b
[  131.908548][ T6573]  should_fail_ex+0x265/0x280
[  131.908654][ T6573]  should_failslab+0x8c/0xb0
[  131.908682][ T6573]  kmem_cache_alloc_noprof+0x50/0x310
[  131.908721][ T6573]  ? alloc_vfsmnt+0x2d/0x300
[  131.908764][ T6573]  alloc_vfsmnt+0x2d/0x300
[  131.908805][ T6573]  clone_mnt+0x46/0x630
[  131.908838][ T6573]  copy_tree+0xb9/0x8c0
[  131.908919][ T6573]  ? proc_alloc_inum+0x4f/0x70
[  131.909042][ T6573]  copy_mnt_ns+0x120/0x5c0
[  131.909070][ T6573]  ? kmem_cache_alloc_noprof+0x220/0x310
[  131.909106][ T6573]  ? create_new_namespaces+0x3c/0x3d0
[  131.909145][ T6573]  create_new_namespaces+0x83/0x3d0
[  131.909185][ T6573]  unshare_nsproxy_namespaces+0xe8/0x120
[  131.909273][ T6573]  ksys_unshare+0x3d0/0x6d0
[  131.909309][ T6573]  ? ksys_write+0x192/0x1a0
[  131.909335][ T6573]  __x64_sys_unshare+0x1f/0x30
[  131.909364][ T6573]  x64_sys_call+0x2911/0x2ff0
[  131.909463][ T6573]  do_syscall_64+0xd2/0x200
[  131.909569][ T6573]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  131.909601][ T6573]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  131.909639][ T6573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.909668][ T6573] RIP: 0033:0x7f7e674eeec9
[  131.909688][ T6573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.909788][ T6573] RSP: 002b:00007f7e65f57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  131.909810][ T6573] RAX: ffffffffffffffda RBX: 00007f7e67745fa0 RCX: 00007f7e674eeec9
[  131.909822][ T6573] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c020400
[  131.909902][ T6573] RBP: 00007f7e65f57090 R08: 0000000000000000 R09: 0000000000000000
[  131.909914][ T6573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.909926][ T6573] R13: 00007f7e67746038 R14: 00007f7e67745fa0 R15: 00007ffdb33dfe18
[  131.909945][ T6573]  </TASK>
[  132.456411][ T6594] loop3: detected capacity change from 0 to 164
[  132.805512][ T6601] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1071'.
[  132.865464][   T29] kauditd_printk_skb: 1014 callbacks suppressed
[  132.865502][   T29] audit: type=1400 audit(1759178971.349:9361): avc:  denied  { write } for  pid=6599 comm="syz.3.1071" name="snmp" dev="proc" ino=4026532639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  132.916622][ T6603] loop1: detected capacity change from 0 to 164
[  132.932722][ T6603] iso9660: Unknown parameter '<'
[  132.960704][ T6608] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1069'.
[  132.970570][ T6608] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1069'.
[  133.065123][ T6610] syz.3.1072 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  133.079727][   T29] audit: type=1400 audit(1759178971.539:9362): avc:  denied  { read } for  pid=6609 comm="syz.3.1072" dev="nsfs" ino=4026532609 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  133.101608][   T29] audit: type=1400 audit(1759178971.549:9363): avc:  denied  { open } for  pid=6609 comm="syz.3.1072" path="net:[4026532609]" dev="nsfs" ino=4026532609 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  133.232339][   T29] audit: type=1326 audit(1759178971.719:9364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6616 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd37a09eec9 code=0x7ffc0000
[  133.255910][   T29] audit: type=1326 audit(1759178971.719:9365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6616 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd37a09eec9 code=0x7ffc0000
[  133.279720][   T29] audit: type=1326 audit(1759178971.719:9366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6616 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd37a09eec9 code=0x7ffc0000
[  133.303314][   T29] audit: type=1326 audit(1759178971.719:9367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6616 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd37a09eec9 code=0x7ffc0000
[  133.327206][   T29] audit: type=1326 audit(1759178971.719:9368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6616 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd37a09eec9 code=0x7ffc0000
[  133.354940][   T29] audit: type=1326 audit(1759178971.719:9369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6616 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd37a09eec9 code=0x7ffc0000
[  133.378895][   T29] audit: type=1326 audit(1759178971.719:9370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6616 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd37a09eec9 code=0x7ffc0000
[  133.759361][ T6629] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1079'.
[  134.224014][ T6637] netlink: 'syz.3.1083': attribute type 6 has an invalid length.
[  134.245620][ T6637] loop3: detected capacity change from 0 to 512
[  134.270020][ T6637] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.283425][ T6637] ext4 filesystem being mounted at /239/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  134.299834][ T5915] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  134.323961][ T5915] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  134.334163][ T5915] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  134.343460][ T5915] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  134.350010][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.369962][ T6635] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1082'.
[  134.437675][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.586536][ T6655] loop2: detected capacity change from 0 to 512
[  134.626907][ T6655] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.651301][ T6655] ext4 filesystem being mounted at /210/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  134.706963][ T6655] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1088: corrupted inode contents
[  134.751045][ T6655] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #2: comm syz.2.1088: mark_inode_dirty error
[  134.771212][ T5885] failed while handling packet from 1:16384
[  134.771239][ T5885] failed while handling packet from 1:16384
[  134.795793][ T6665] loop3: detected capacity change from 0 to 128
[  134.818612][ T6655] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1088: corrupted inode contents
[  134.818820][ T5885] failed while handling packet from 1:16384
[  134.841263][ T6646] delete_channel: no stack
[  134.859798][ T5885] failed while handling packet from 1:16384
[  134.859822][ T5885] failed while handling packet from 1:16384
[  134.866974][ T5885] failed while handling packet from 1:16384
[  134.881256][ T5885] failed while handling packet from 1:16384
[  134.921848][ T6655] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.1088: mark_inode_dirty error
[  134.940060][ T5885] failed while handling packet from 1:16384
[  134.940096][ T5885] failed while handling packet from 1:16384
[  134.951817][ T5885] failed while handling packet from 1:16384
[  134.957913][ T5885] failed while handling packet from 1:16384
[  134.966640][ T5885] failed while handling packet from 1:16384
[  134.973730][ T5885] failed while handling packet from 1:16384
[  134.980102][ T5885] failed while handling packet from 1:16384
[  135.018524][ T5885] failed while handling packet from 1:16384
[  135.055929][ T5885] failed while handling packet from 1:16384
[  135.073949][ T5885] failed while handling packet from 1:16384
[  135.092760][ T5885] failed while handling packet from 1:16384
[  135.119519][ T5885] failed while handling packet from 1:16384
[  135.148443][ T5885] failed while handling packet from 1:16384
[  135.180233][ T5885] failed while handling packet from 1:16384
[  135.212242][ T5885] failed while handling packet from 1:16384
[  135.235012][ T5885] failed while handling packet from 1:16384
[  135.242606][ T5885] failed while handling packet from 1:16384
[  135.248626][ T5885] failed while handling packet from 1:16384
[  135.263139][ T5885] failed while handling packet from 1:16384
[  135.279106][ T5885] failed while handling packet from 1:16384
[  135.298873][ T5885] failed while handling packet from 1:16384
[  135.335592][ T5885] failed while handling packet from 1:16384
[  135.335933][ T6684] loop1: detected capacity change from 0 to 512
[  135.347807][ T5885] failed while handling packet from 1:16384
[  135.362567][ T5885] failed while handling packet from 1:16384
[  135.379998][ T5885] failed while handling packet from 1:16384
[  135.407975][ T5885] failed while handling packet from 1:16384
[  135.428635][ T5885] failed while handling packet from 1:16384
[  135.439615][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.475327][ T5885] failed while handling packet from 1:16384
[  135.475352][ T5885] failed while handling packet from 1:16384
[  135.485691][ T5885] failed while handling packet from 1:16384
[  135.512359][ T5885] failed while handling packet from 1:16384
[  135.532141][ T5885] failed while handling packet from 1:16384
[  135.538360][ T5885] failed while handling packet from 1:16384
[  135.565914][ T5885] failed while handling packet from 1:16384
[  135.573434][ T5885] failed while handling packet from 1:16384
[  135.580115][ T5885] failed while handling packet from 1:16384
[  135.589202][ T5885] failed while handling packet from 1:16384
[  135.597155][ T5885] failed while handling packet from 1:16384
[  135.603647][ T5885] failed while handling packet from 1:16384
[  135.609733][ T5885] failed while handling packet from 1:16384
[  135.617771][ T5885] failed while handling packet from 1:16384
[  135.624470][ T5885] failed while handling packet from 1:16384
[  135.630582][ T5885] failed while handling packet from 1:16384
[  135.638043][ T5885] failed while handling packet from 1:16384
[  135.644222][ T5885] failed while handling packet from 1:16384
[  135.650349][ T5885] failed while handling packet from 1:16384
[  135.657791][ T5885] failed while handling packet from 1:16384
[  135.664927][ T5885] failed while handling packet from 1:16384
[  135.706882][ T5885] failed while handling packet from 1:16384
[  135.720970][ T5885] failed while handling packet from 1:16384
[  135.768216][ T5885] failed while handling packet from 1:16384
[  135.788313][ T5885] failed while handling packet from 1:16384
[  135.804212][ T5885] failed while handling packet from 1:16384
[  135.814881][ T6692] loop1: detected capacity change from 0 to 128
[  135.828612][ T5885] failed while handling packet from 1:16384
[  135.828645][ T5885] failed while handling packet from 1:16384
[  135.835756][ T5885] failed while handling packet from 1:16384
[  135.872831][ T5885] failed while handling packet from 1:16384
[  135.907423][ T5885] failed while handling packet from 1:16384
[  135.924782][ T5885] failed while handling packet from 1:16384
[  135.939195][ T5885] failed while handling packet from 1:16384
[  135.963236][ T5885] failed while handling packet from 1:16384
[  135.984873][ T5885] failed while handling packet from 1:16384
[  135.999840][ T6694] loop1: detected capacity change from 0 to 128
[  136.015740][ T5885] failed while handling packet from 1:16384
[  136.015777][ T5885] failed while handling packet from 1:16384
[  136.022560][ T5885] failed while handling packet from 1:16384
[  136.028659][ T5885] failed while handling packet from 1:16384
[  136.063043][ T5885] failed while handling packet from 1:16384
[  136.106621][ T5885] failed while handling packet from 1:16384
[  136.135683][ T5885] failed while handling packet from 1:16384
[  136.143030][ T5885] failed while handling packet from 1:16384
[  136.152138][ T5885] failed while handling packet from 1:16384
[  136.159445][ T5885] failed while handling packet from 1:16384
[  136.171255][ T6695] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1099'.
[  136.194466][ T5885] failed while handling packet from 1:16384
[  136.194580][ T5885] failed while handling packet from 1:16384
[  136.200850][ T5885] failed while handling packet from 1:16384
[  136.225289][ T5885] failed while handling packet from 1:16384
[  136.237562][ T5885] failed while handling packet from 1:16384
[  136.243858][ T5885] failed while handling packet from 1:16384
[  136.249874][ T5885] failed while handling packet from 1:16384
[  136.256187][ T5885] failed while handling packet from 1:16384
[  136.262715][ T5885] failed while handling packet from 1:16384
[  136.268775][ T5885] failed while handling packet from 1:16384
[  136.275176][ T5885] failed while handling packet from 1:16384
[  136.281158][ T5885] failed while handling packet from 1:16384
[  136.287163][ T5885] failed while handling packet from 1:16384
[  136.293587][ T5885] failed while handling packet from 1:16384
[  136.293639][ T5885] failed while handling packet from 1:16384
[  136.293661][ T5885] failed while handling packet from 1:16384
[  136.293686][ T5885] failed while handling packet from 1:16384
[  136.320473][ T5885] failed while handling packet from 1:16384
[  136.326766][ T5885] failed while handling packet from 1:16384
[  136.333057][ T5885] failed while handling packet from 1:16384
[  136.341309][ T5885] failed while handling packet from 1:16384
[  136.347555][ T5885] failed while handling packet from 1:16384
[  136.353701][ T5885] failed while handling packet from 1:16384
[  136.359626][ T5885] failed while handling packet from 1:16384
[  136.365834][ T5885] failed while handling packet from 1:16384
[  136.372017][ T5885] failed while handling packet from 1:16384
[  136.377950][ T5885] failed while handling packet from 1:16384
[  136.384511][ T5885] failed while handling packet from 1:16384
[  136.410107][ T5885] failed while handling packet from 1:16384
[  136.424726][ T5885] failed while handling packet from 1:16384
[  136.448865][ T5885] failed while handling packet from 1:16384
[  136.458452][ T5885] failed while handling packet from 1:16384
[  136.460453][ T6713] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1110'.
[  136.475473][ T5885] failed while handling packet from 1:16384
[  136.480627][ T5885] failed while handling packet from 1:16384
[  136.497497][ T5885] failed while handling packet from 1:16384
[  136.503586][ T6713] netlink: zone id is out of range
[  136.539385][ T6715] loop3: detected capacity change from 0 to 512
[  136.545936][ T6713] netlink: zone id is out of range
[  136.545960][ T5885] failed while handling packet from 1:16384
[  136.551323][ T6713] netlink: zone id is out of range
[  136.565013][ T6715] EXT4-fs: Ignoring removed orlov option
[  136.571178][ T5885] failed while handling packet from 1:16384
[  136.571267][ T5885] failed while handling packet from 1:16384
[  136.577917][ T5885] failed while handling packet from 1:16384
[  136.584513][ T6713] netlink: zone id is out of range
[  136.613253][ T5885] failed while handling packet from 1:16384
[  136.613283][ T5885] failed while handling packet from 1:16384
[  136.620526][ T6715] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.643446][ T5885] failed while handling packet from 1:16384
[  136.643474][ T5885] failed while handling packet from 1:16384
[  136.649616][ T5885] failed while handling packet from 1:16384
[  136.656102][ T6715] ext4 filesystem being mounted at /246/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.666301][ T5885] failed while handling packet from 1:16384
[  136.681423][ T6713] netlink: zone id is out of range
[  136.693224][ T6713] netlink: zone id is out of range
[  136.697922][ T5885] failed while handling packet from 1:16384
[  136.698348][ T6713] netlink: zone id is out of range
[  136.698360][ T6713] netlink: zone id is out of range
[  136.698367][ T6713] netlink: zone id is out of range
[  136.698376][ T6713] netlink: del zone limit has 8 unknown bytes
[  136.698438][ T6715] FAULT_INJECTION: forcing a failure.
[  136.698438][ T6715] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  136.731072][ T5885] failed while handling packet from 1:16384
[  136.739980][ T6715] CPU: 0 UID: 0 PID: 6715 Comm: syz.3.1111 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  136.740010][ T6715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  136.740026][ T6715] Call Trace:
[  136.740033][ T6715]  <TASK>
[  136.740041][ T6715]  __dump_stack+0x1d/0x30
[  136.740083][ T6715]  dump_stack_lvl+0xe8/0x140
[  136.740108][ T6715]  dump_stack+0x15/0x1b
[  136.740130][ T6715]  should_fail_ex+0x265/0x280
[  136.740160][ T6715]  should_fail+0xb/0x20
[  136.740228][ T6715]  should_fail_usercopy+0x1a/0x20
[  136.740322][ T6715]  copy_fpstate_to_sigframe+0x628/0x7d0
[  136.740358][ T6715]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[  136.740472][ T6715]  ? x86_task_fpu+0x36/0x60
[  136.740509][ T6715]  get_sigframe+0x34d/0x490
[  136.740532][ T6715]  ? get_signal+0xdc8/0xf70
[  136.740558][ T6715]  x64_setup_rt_frame+0xa8/0x580
[  136.740625][ T6715]  arch_do_signal_or_restart+0x27c/0x480
[  136.740652][ T6715]  exit_to_user_mode_loop+0x7a/0x100
[  136.740674][ T6715]  do_syscall_64+0x1d6/0x200
[  136.740840][ T6715]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  136.740950][ T6715]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  136.740991][ T6715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.741013][ T6715] RIP: 0033:0x7fd37a09eec7
[  136.741030][ T6715] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  136.741128][ T6715] RSP: 002b:00007fd378b07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  136.741148][ T6715] RAX: 0000000000000013 RBX: 00007fd37a2f5fa0 RCX: 00007fd37a09eec9
[  136.741165][ T6715] RDX: 0000000000000001 RSI: 00002000000009c0 RDI: 0000000000000009
[  136.741182][ T6715] RBP: 00007fd378b07090 R08: 0000000000000000 R09: 0000000000000000
[  136.741198][ T6715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.741220][ T6715] R13: 00007fd37a2f6038 R14: 00007fd37a2f5fa0 R15: 00007ffcdf11d308
[  136.741239][ T6715]  </TASK>
[  136.945939][ T5885] failed while handling packet from 1:16384
[  136.945961][ T5885] failed while handling packet from 1:16384
[  136.952793][ T5885] failed while handling packet from 1:16384
[  136.959798][ T5885] failed while handling packet from 1:16384
[  136.983433][ T6725] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1111: bg 0: block 328: padding at end of block bitmap is not set
[  136.986005][ T5885] failed while handling packet from 1:16384
[  137.014166][ T6731] loop0: detected capacity change from 0 to 512
[  137.029341][ T5885] failed while handling packet from 1:16384
[  137.029362][ T5885] failed while handling packet from 1:16384
[  137.088590][ T6731] EXT4-fs: Ignoring removed mblk_io_submit option
[  137.101650][ T5885] failed while handling packet from 1:16384
[  137.101756][ T5885] failed while handling packet from 1:16384
[  137.107724][ T5885] failed while handling packet from 1:16384
[  137.113735][ T5885] failed while handling packet from 1:16384
[  137.119651][ T5885] failed while handling packet from 1:16384
[  137.125697][ T5885] failed while handling packet from 1:16384
[  137.131712][ T5885] failed while handling packet from 1:16384
[  137.145211][ T5885] failed while handling packet from 1:16384
[  137.151567][ T5885] failed while handling packet from 1:16384
[  137.157859][ T5885] failed while handling packet from 1:16384
[  137.164226][ T5885] failed while handling packet from 1:16384
[  137.170852][ T5885] failed while handling packet from 1:16384
[  137.178757][ T6731] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  137.221304][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.232683][ T6731] EXT4-fs (loop0): 1 truncate cleaned up
[  137.238748][ T6731] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.255354][ T5885] failed while handling packet from 1:16384
[  137.255381][ T5885] failed while handling packet from 1:16384
[  137.266471][ T5885] failed while handling packet from 1:16384
[  137.297594][ T5885] failed while handling packet from 1:16384
[  137.332742][ T5885] failed while handling packet from 1:16384
[  137.338843][ T5885] failed while handling packet from 1:16384
[  137.351172][ T5885] failed while handling packet from 1:16384
[  137.364070][ T5885] failed while handling packet from 1:16384
[  137.370077][ T5885] failed while handling packet from 1:16384
[  137.446610][ T5885] failed while handling packet from 1:16384
[  137.461927][ T5885] failed while handling packet from 1:16384
[  137.470544][ T5885] failed while handling packet from 1:16384
[  137.504839][ T5885] failed while handling packet from 1:16384
[  137.510955][ T5885] failed while handling packet from 1:16384
[  137.517052][ T5885] failed while handling packet from 1:16384
[  137.522996][ T5885] failed while handling packet from 1:16384
[  137.529073][ T5885] failed while handling packet from 1:16384
[  137.535208][ T5885] failed while handling packet from 1:16384
[  137.541524][ T5885] failed while handling packet from 1:16384
[  137.547479][ T5885] failed while handling packet from 1:16384
[  137.553488][ T5885] failed while handling packet from 1:16384
[  137.598764][ T6751] loop2: detected capacity change from 0 to 512
[  137.605092][ T5885] failed while handling packet from 1:16384
[  137.611515][ T5885] failed while handling packet from 1:16384
[  137.619776][ T5885] failed while handling packet from 1:16384
[  137.636453][ T5885] failed while handling packet from 1:16384
[  137.642006][ T6752] netlink: 'syz.4.1124': attribute type 6 has an invalid length.
[  137.651120][ T5885] failed while handling packet from 1:16384
[  137.665469][ T6751] EXT4-fs: Ignoring removed mblk_io_submit option
[  137.679873][ T5885] failed while handling packet from 1:16384
[  137.679895][ T5885] failed while handling packet from 1:16384
[  137.690602][ T5885] failed while handling packet from 1:16384
[  137.696938][ T6751] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  137.727536][ T5885] failed while handling packet from 1:16384
[  137.727562][ T5885] failed while handling packet from 1:16384
[  137.735280][ T5885] failed while handling packet from 1:16384
[  137.744024][ T5885] failed while handling packet from 1:16384
[  137.750081][ T5885] failed while handling packet from 1:16384
[  137.756384][ T5885] failed while handling packet from 1:16384
[  137.764323][ T6751] EXT4-fs (loop2): 1 truncate cleaned up
[  137.776839][ T6751] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.800918][ T5885] failed while handling packet from 1:16384
[  137.800947][ T5885] failed while handling packet from 1:16384
[  137.807295][ T6754] loop3: detected capacity change from 0 to 512
[  137.820461][ T5885] failed while handling packet from 1:16384
[  137.820486][ T5885] failed while handling packet from 1:16384
[  137.822763][ T6754] EXT4-fs: Ignoring removed mblk_io_submit option
[  137.845177][ T5885] failed while handling packet from 1:16384
[  137.845207][ T5885] failed while handling packet from 1:16384
[  137.851937][ T5885] failed while handling packet from 1:16384
[  137.858237][ T5885] failed while handling packet from 1:16384
[  137.864489][ T6754] EXT4-fs (loop3): failed to initialize system zone (-117)
[  137.900778][ T6754] EXT4-fs (loop3): mount failed
[  137.920482][ T5885] failed while handling packet from 1:16384
[  137.920510][ T5885] failed while handling packet from 1:16384
[  137.926573][   T29] kauditd_printk_skb: 744 callbacks suppressed
[  137.926591][   T29] audit: type=1400 audit(1759178976.399:10115): avc:  denied  { write } for  pid=6753 comm="syz.3.1125" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  137.933112][ T5885] failed while handling packet from 1:16384
[  137.939248][ T6754] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1125'.
[  137.958563][ T5885] failed while handling packet from 1:16384
[  137.973680][ T5885] failed while handling packet from 1:16384
[  137.979603][ T5885] failed while handling packet from 1:16384
[  137.985777][ T5885] failed while handling packet from 1:16384
[  137.991824][ T5885] failed while handling packet from 1:16384
[  137.997845][ T5885] failed while handling packet from 1:16384
[  138.003799][ T5885] failed while handling packet from 1:16384
[  138.009753][ T5885] failed while handling packet from 1:16384
[  138.016130][ T5885] failed while handling packet from 1:16384
[  138.022952][ T5885] failed while handling packet from 1:16384
[  138.029045][ T5885] failed while handling packet from 1:16384
[  138.035427][ T6754] bond0: Unable to set down delay as MII monitoring is disabled
[  138.035862][ T5885] failed while handling packet from 1:16384
[  138.044486][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.049848][ T5885] failed while handling packet from 1:16384
[  138.065634][ T5885] failed while handling packet from 1:16384
[  138.071709][ T5885] failed while handling packet from 1:16384
[  138.078006][ T5885] failed while handling packet from 1:16384
[  138.084092][ T5885] failed while handling packet from 1:16384
[  138.090256][ T5885] failed while handling packet from 1:16384
[  138.096341][ T5885] failed while handling packet from 1:16384
[  138.111157][ T5885] failed while handling packet from 1:16384
[  138.117717][ T5885] failed while handling packet from 1:16384
[  138.161437][ T5885] failed while handling packet from 1:16384
[  138.167541][ T5885] failed while handling packet from 1:16384
[  138.182958][ T6764] loop0: detected capacity change from 0 to 2048
[  138.191046][ T5885] failed while handling packet from 1:16384
[  138.199731][ T5885] failed while handling packet from 1:16384
[  138.219197][ T5885] failed while handling packet from 1:16384
[  138.251477][ T5885] failed while handling packet from 1:16384
[  138.263209][ T6764] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.273286][   T29] audit: type=1400 audit(1759178976.749:10116): avc:  denied  { unmount } for  pid=3300 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  138.290324][ T5885] failed while handling packet from 1:16384
[  138.312633][   T29] audit: type=1400 audit(1759178976.789:10117): avc:  denied  { unmount } for  pid=3300 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  138.322185][ T6778] netlink: 'syz.3.1131': attribute type 10 has an invalid length.
[  138.346903][ T6778] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1131'.
[  138.366807][ T5885] failed while handling packet from 1:16384
[  138.366864][ T5885] failed while handling packet from 1:16384
[  138.373093][ T6778] vlan0: entered promiscuous mode
[  138.384249][ T6778] vlan0: entered allmulticast mode
[  138.389543][ T6778] veth0_vlan: entered allmulticast mode
[  138.395892][ T6778] bridge0: port 3(vlan0) entered blocking state
[  138.402410][ T6778] bridge0: port 3(vlan0) entered disabled state
[  138.409739][ T6778] bridge0: port 3(vlan0) entered blocking state
[  138.416280][ T6778] bridge0: port 3(vlan0) entered forwarding state
[  138.424618][ T5885] failed while handling packet from 1:16384
[  138.424643][ T5885] failed while handling packet from 1:16384
[  138.430675][ T5885] failed while handling packet from 1:16384
[  138.461682][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.524578][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.546943][ T6792] loop1: detected capacity change from 0 to 512
[  138.580235][ T6796] loop0: detected capacity change from 0 to 512
[  138.618191][ T6792] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1138: bg 0: block 5: invalid block bitmap
[  138.631254][ T6796] EXT4-fs: Ignoring removed mblk_io_submit option
[  138.639670][   T29] audit: type=1400 audit(1759178977.099:10118): avc:  denied  { ioctl } for  pid=6797 comm="syz.2.1139" path="/216/file0" dev="tmpfs" ino=1182 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  138.679047][ T6796] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  138.717025][ T6792] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  138.743901][ T6796] EXT4-fs (loop0): 1 truncate cleaned up
[  138.750196][ T6796] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.761464][ T6792] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1138: invalid indirect mapped block 3 (level 2)
[  138.779439][   T29] audit: type=1326 audit(1759178977.259:10119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6793 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  138.812941][ T6792] EXT4-fs (loop1): 2 truncates cleaned up
[  138.824727][ T6792] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.838078][   T29] audit: type=1326 audit(1759178977.259:10120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6793 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  138.861840][   T29] audit: type=1326 audit(1759178977.259:10121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6793 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  138.886064][   T29] audit: type=1326 audit(1759178977.259:10122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6793 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  138.909850][   T29] audit: type=1326 audit(1759178977.259:10123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6793 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  138.933608][   T29] audit: type=1326 audit(1759178977.259:10124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6793 comm="syz.0.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  139.034282][ T6798] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1139'.
[  139.294300][ T6815] loop2: detected capacity change from 0 to 512
[  139.353769][ T6815] EXT4-fs: Ignoring removed mblk_io_submit option
[  139.434029][ T6815] EXT4-fs (loop2): failed to initialize system zone (-117)
[  139.441881][ T6815] EXT4-fs (loop2): mount failed
[  139.457167][ T6821] loop3: detected capacity change from 0 to 2048
[  139.507484][ T6821] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.592531][ T6792] program syz.1.1138 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  139.611849][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.686690][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.730323][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.753296][ T6831] FAULT_INJECTION: forcing a failure.
[  139.753296][ T6831] name failslab, interval 1, probability 0, space 0, times 0
[  139.766197][ T6831] CPU: 0 UID: 0 PID: 6831 Comm: syz.0.1148 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  139.766230][ T6831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  139.766246][ T6831] Call Trace:
[  139.766255][ T6831]  <TASK>
[  139.766264][ T6831]  __dump_stack+0x1d/0x30
[  139.766290][ T6831]  dump_stack_lvl+0xe8/0x140
[  139.766315][ T6831]  dump_stack+0x15/0x1b
[  139.766344][ T6831]  should_fail_ex+0x265/0x280
[  139.766369][ T6831]  should_failslab+0x8c/0xb0
[  139.766395][ T6831]  kmem_cache_alloc_node_noprof+0x57/0x320
[  139.766430][ T6831]  ? __alloc_skb+0x101/0x320
[  139.766483][ T6831]  __alloc_skb+0x101/0x320
[  139.766506][ T6831]  netlink_alloc_large_skb+0xba/0xf0
[  139.766527][ T6831]  netlink_sendmsg+0x3cf/0x6b0
[  139.766634][ T6831]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.766665][ T6831]  __sock_sendmsg+0x145/0x180
[  139.766707][ T6831]  ____sys_sendmsg+0x31e/0x4e0
[  139.766738][ T6831]  ___sys_sendmsg+0x17b/0x1d0
[  139.766809][ T6831]  __x64_sys_sendmsg+0xd4/0x160
[  139.766839][ T6831]  x64_sys_call+0x191e/0x2ff0
[  139.766866][ T6831]  do_syscall_64+0xd2/0x200
[  139.766911][ T6831]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  139.766984][ T6831]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  139.767049][ T6831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.767075][ T6831] RIP: 0033:0x7ff5ab7feec9
[  139.767091][ T6831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.767109][ T6831] RSP: 002b:00007ff5aa267038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  139.767128][ T6831] RAX: ffffffffffffffda RBX: 00007ff5aba55fa0 RCX: 00007ff5ab7feec9
[  139.767140][ T6831] RDX: 0000000020000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  139.767168][ T6831] RBP: 00007ff5aa267090 R08: 0000000000000000 R09: 0000000000000000
[  139.767183][ T6831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.767199][ T6831] R13: 00007ff5aba56038 R14: 00007ff5aba55fa0 R15: 00007ffd45b3a1b8
[  139.767222][ T6831]  </TASK>
[  140.062254][ T6835] loop0: detected capacity change from 0 to 128
[  140.090892][ T6835] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  140.108398][ T6835] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  140.116981][ T6835] FAT-fs (loop0): Filesystem has been set read-only
[  140.125030][ T6835] syz.0.1151: attempt to access beyond end of device
[  140.125030][ T6835] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  140.190949][ T6841] netlink: 'syz.1.1153': attribute type 6 has an invalid length.
[  140.217583][ T6841] loop1: detected capacity change from 0 to 764
[  140.253780][ T6841] rock: directory entry would overflow storage
[  140.260799][ T6841] rock: sig=0x4f50, size=4, remaining=3
[  140.267039][ T6841] iso9660: Corrupted directory entry in block 6 of inode 1792
[  140.342255][ T6841] Symlink component flag not implemented
[  140.359156][ T6841] Symlink component flag not implemented (129)
[  140.384683][ T6841] rock: directory entry would overflow storage
[  140.387640][ T6849] loop0: detected capacity change from 0 to 2048
[  140.391762][ T6841] rock: sig=0x4f50, size=4, remaining=3
[  140.403929][ T6841] iso9660: Corrupted directory entry in block 6 of inode 1792
[  140.431922][ T6849] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.479765][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.619445][ T6864] loop1: detected capacity change from 0 to 764
[  140.619952][ T6871] netlink: 'syz.2.1164': attribute type 39 has an invalid length.
[  140.671422][ T6864] rock: directory entry would overflow storage
[  140.677681][ T6864] rock: sig=0x4f50, size=4, remaining=3
[  140.683435][ T6864] iso9660: Corrupted directory entry in block 6 of inode 1792
[  140.725540][ T6864] Symlink component flag not implemented
[  140.731766][ T6864] Symlink component flag not implemented (129)
[  140.747640][ T6864] rock: directory entry would overflow storage
[  140.754004][ T6864] rock: sig=0x4f50, size=4, remaining=3
[  140.759646][ T6864] iso9660: Corrupted directory entry in block 6 of inode 1792
[  140.776402][ T6880] loop2: detected capacity change from 0 to 512
[  140.809702][ T6880] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1168: bg 0: block 5: invalid block bitmap
[  140.847112][ T6880] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  140.868267][ T6889] netlink: 'syz.4.1171': attribute type 6 has an invalid length.
[  140.892508][ T6880] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1168: invalid indirect mapped block 3 (level 2)
[  140.935141][ T6880] EXT4-fs (loop2): 2 truncates cleaned up
[  140.938617][ T6892] loop1: detected capacity change from 0 to 2048
[  140.944331][ T6880] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.976165][ T6892] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.998181][ T6880] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.039457][ T6894] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1173'.
[  141.071988][ T6880] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.166818][ T6880] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.255091][ T6880] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.327483][ T6902] program syz.2.1168 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  141.350315][ T5885] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  141.367229][ T6902] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1168'.
[  141.376809][ T5885] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  141.399698][ T5885] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  141.432280][ T5885] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  141.434246][ T6917] loop3: detected capacity change from 0 to 764
[  141.453865][ T6917] rock: directory entry would overflow storage
[  141.460525][ T6917] rock: sig=0x4f50, size=4, remaining=3
[  141.466483][ T6917] iso9660: Corrupted directory entry in block 6 of inode 1792
[  141.510505][ T6917] Symlink component flag not implemented
[  141.512172][ T6919] loop0: detected capacity change from 0 to 128
[  141.517510][ T6917] Symlink component flag not implemented (129)
[  141.535843][ T6917] rock: directory entry would overflow storage
[  141.542323][ T6917] rock: sig=0x4f50, size=4, remaining=3
[  141.548026][ T6917] iso9660: Corrupted directory entry in block 6 of inode 1792
[  141.641705][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.645694][ T6922] loop0: detected capacity change from 0 to 512
[  141.664327][ T6922] EXT4-fs: Ignoring removed mblk_io_submit option
[  141.694364][ T6922] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  141.717668][ T6922] EXT4-fs (loop0): 1 truncate cleaned up
[  141.736394][ T6922] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.739547][ T6927] loop2: detected capacity change from 0 to 764
[  141.775093][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.808941][ T6927] rock: directory entry would overflow storage
[  141.815399][ T6927] rock: sig=0x4f50, size=4, remaining=3
[  141.821183][ T6927] iso9660: Corrupted directory entry in block 6 of inode 1792
[  141.890875][ T6927] Symlink component flag not implemented
[  141.905219][ T6927] Symlink component flag not implemented (129)
[  141.935824][ T6927] rock: directory entry would overflow storage
[  141.942152][ T6927] rock: sig=0x4f50, size=4, remaining=3
[  141.947809][ T6927] iso9660: Corrupted directory entry in block 6 of inode 1792
[  142.121995][ T6943] loop2: detected capacity change from 0 to 764
[  142.165543][ T6943] rock: directory entry would overflow storage
[  142.172158][ T6943] rock: sig=0x4f50, size=4, remaining=3
[  142.178104][ T6943] iso9660: Corrupted directory entry in block 6 of inode 1792
[  142.254968][ T6943] Symlink component flag not implemented
[  142.260980][ T6943] Symlink component flag not implemented (129)
[  142.269893][ T6943] rock: directory entry would overflow storage
[  142.276240][ T6943] rock: sig=0x4f50, size=4, remaining=3
[  142.282024][ T6943] iso9660: Corrupted directory entry in block 6 of inode 1792
[  142.348873][ T6948] loop2: detected capacity change from 0 to 128
[  142.570779][ T6957] loop2: detected capacity change from 0 to 1024
[  142.598016][ T6957] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.1196: Failed to acquire dquot type 0
[  142.637468][ T6957] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  142.655958][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.665854][ T6957] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #13: comm syz.2.1196: corrupted inode contents
[  142.705577][ T6957] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #13: comm syz.2.1196: mark_inode_dirty error
[  142.718820][ T6957] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #13: comm syz.2.1196: corrupted inode contents
[  142.732692][ T6957] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #13: comm syz.2.1196: mark_inode_dirty error
[  142.765249][ T6969] loop0: detected capacity change from 0 to 764
[  142.766657][ T6957] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #13: comm syz.2.1196: corrupted inode contents
[  142.791448][ T6957] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  142.803191][ T6957] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #13: comm syz.2.1196: corrupted inode contents
[  142.838241][ T6957] EXT4-fs error (device loop2): ext4_truncate:4666: inode #13: comm syz.2.1196: mark_inode_dirty error
[  142.850259][ T6957] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  142.870221][ T6957] EXT4-fs (loop2): 1 truncate cleaned up
[  142.876575][ T6969] rock: directory entry would overflow storage
[  142.880517][ T6957] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.882829][ T6969] rock: sig=0x4f50, size=4, remaining=3
[  142.882847][ T6969] iso9660: Corrupted directory entry in block 6 of inode 1792
[  142.931494][   T29] kauditd_printk_skb: 933 callbacks suppressed
[  142.931514][   T29] audit: type=1326 audit(1759178981.419:11056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6968 comm="syz.0.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  142.962929][ T6969] Symlink component flag not implemented
[  142.964364][   T29] audit: type=1326 audit(1759178981.419:11057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6968 comm="syz.0.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  142.969077][ T6969] Symlink component flag not implemented (129)
[  142.992977][   T29] audit: type=1326 audit(1759178981.449:11058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6968 comm="syz.0.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  143.023487][   T29] audit: type=1400 audit(1759178981.449:11059): avc:  denied  { mount } for  pid=6956 comm="syz.2.1196" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  143.045589][   T29] audit: type=1400 audit(1759178981.449:11060): avc:  denied  { remount } for  pid=6956 comm="syz.2.1196" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  143.067866][ T6957] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  143.081768][ T6969] rock: directory entry would overflow storage
[  143.088361][ T6969] rock: sig=0x4f50, size=4, remaining=3
[  143.094249][ T6969] iso9660: Corrupted directory entry in block 6 of inode 1792
[  143.124525][   T29] audit: type=1326 audit(1759178981.609:11061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6968 comm="syz.0.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  143.148914][   T29] audit: type=1326 audit(1759178981.609:11062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6968 comm="syz.0.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  143.186741][   T29] audit: type=1326 audit(1759178981.669:11063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6968 comm="syz.0.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  143.211887][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.231247][   T29] audit: type=1326 audit(1759178981.669:11064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6968 comm="syz.0.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  143.255206][   T29] audit: type=1326 audit(1759178981.669:11065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6968 comm="syz.0.1199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  143.307814][ T6984] loop2: detected capacity change from 0 to 512
[  143.319157][ T6984] EXT4-fs: Ignoring removed mblk_io_submit option
[  143.404899][ T6990] loop0: detected capacity change from 0 to 512
[  143.465389][ T6990] EXT4-fs: Ignoring removed mblk_io_submit option
[  143.506504][ T6984] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  143.526148][ T6990] EXT4-fs (loop0): failed to initialize system zone (-117)
[  143.549681][ T6990] EXT4-fs (loop0): mount failed
[  143.571634][ T6984] EXT4-fs (loop2): 1 truncate cleaned up
[  143.578508][ T6984] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.687845][ T6998] vhci_hcd: invalid port number 236
[  144.098535][ T7006] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1212'.
[  144.310682][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.447459][ T7026] loop3: detected capacity change from 0 to 128
[  144.474801][ T7026] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  144.523024][ T7026] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  144.531095][ T7026] FAT-fs (loop3): Filesystem has been set read-only
[  144.551117][ T7026] syz.3.1219: attempt to access beyond end of device
[  144.551117][ T7026] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  145.305573][ T7053] loop1: detected capacity change from 0 to 512
[  145.439076][ T7065] loop1: detected capacity change from 0 to 128
[  145.470455][ T7065] capability: warning: `syz.1.1235' uses deprecated v2 capabilities in a way that may be insecure
[  145.485563][ T7070] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  145.509308][ T7069] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.529481][ T7069] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.539624][ T7069] IPVS: stopping master sync thread 7070 ...
[  145.602159][ T7072] netlink: 'syz.4.1238': attribute type 6 has an invalid length.
[  145.685766][ T7076] openvswitch: netlink: Message has 6 unknown bytes.
[  145.736011][ T7078] openvswitch: netlink: Message has 6 unknown bytes.
[  145.790850][ T7081] loop3: detected capacity change from 0 to 512
[  145.806588][ T7081] EXT4-fs: Ignoring removed mblk_io_submit option
[  145.814975][ T7081] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  145.830459][ T7081] EXT4-fs (loop3): 1 truncate cleaned up
[  145.837990][ T7081] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.898347][ T7092] loop0: detected capacity change from 0 to 128
[  145.911407][ T7092] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  145.933582][ T7092] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  145.941644][ T7092] FAT-fs (loop0): Filesystem has been set read-only
[  145.959900][ T7092] syz.0.1246: attempt to access beyond end of device
[  145.959900][ T7092] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  146.072446][ T7100] loop1: detected capacity change from 0 to 512
[  146.099777][ T7102] loop2: detected capacity change from 0 to 1024
[  146.131100][ T7099] netlink: 'syz.0.1248': attribute type 6 has an invalid length.
[  146.155153][ T7102] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  146.179209][ T7102] ext4 filesystem being mounted at /236/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.197558][ T7099] loop0: detected capacity change from 0 to 764
[  146.210960][ T7099] rock: directory entry would overflow storage
[  146.217294][ T7099] rock: sig=0x4f50, size=4, remaining=3
[  146.222940][ T7099] iso9660: Corrupted directory entry in block 6 of inode 1792
[  146.262924][ T7099] Symlink component flag not implemented
[  146.268541][ T5867] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: comm kworker/u8:8: lblock 0 mapped to illegal pblock 0 (length 1)
[  146.272551][ T5867] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  146.284344][ T7099] Symlink component flag not implemented (129)
[  146.295386][ T5867] EXT4-fs (loop2): This should not happen!! Data will be lost
[  146.295386][ T5867] 
[  146.312362][ T7099] rock: directory entry would overflow storage
[  146.318587][ T7099] rock: sig=0x4f50, size=4, remaining=3
[  146.322523][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  146.324243][ T7099] iso9660: Corrupted directory entry in block 6 of inode 1792
[  146.427717][ T7118] loop0: detected capacity change from 0 to 512
[  146.474881][ T7118] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.512777][ T7118] ext4 filesystem being mounted at /229/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  146.537334][ T7118] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.1255: corrupted inode contents
[  146.550921][ T7118] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #2: comm syz.0.1255: mark_inode_dirty error
[  146.584431][ T7118] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.1255: corrupted inode contents
[  146.600906][ T7118] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.1255: mark_inode_dirty error
[  146.633548][ T7129] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1257'.
[  146.645635][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.665268][ T7134] loop3: detected capacity change from 0 to 128
[  146.675412][ T7134] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  146.687800][ T7134] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  146.695907][ T7134] FAT-fs (loop3): Filesystem has been set read-only
[  146.706199][ T7134] syz.3.1258: attempt to access beyond end of device
[  146.706199][ T7134] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  147.149139][ T7144] loop3: detected capacity change from 0 to 128
[  147.163621][ T7144] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  147.192715][ T7144] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  147.200754][ T7144] FAT-fs (loop3): Filesystem has been set read-only
[  147.207794][ T7144] syz.3.1262: attempt to access beyond end of device
[  147.207794][ T7144] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  147.221233][ T7146] loop1: detected capacity change from 0 to 512
[  147.274379][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.274499][ T7148] loop3: detected capacity change from 0 to 1024
[  147.327188][ T7148] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  147.343473][ T7154] loop2: detected capacity change from 0 to 128
[  147.351672][ T7148] ext4 filesystem being mounted at /283/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.370960][ T7154] FAULT_INJECTION: forcing a failure.
[  147.370960][ T7154] name failslab, interval 1, probability 0, space 0, times 0
[  147.384029][ T7154] CPU: 0 UID: 0 PID: 7154 Comm: syz.2.1266 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  147.384065][ T7154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  147.384162][ T7154] Call Trace:
[  147.384171][ T7154]  <TASK>
[  147.384180][ T7154]  __dump_stack+0x1d/0x30
[  147.384215][ T7154]  dump_stack_lvl+0xe8/0x140
[  147.384236][ T7154]  dump_stack+0x15/0x1b
[  147.384258][ T7154]  should_fail_ex+0x265/0x280
[  147.384311][ T7154]  should_failslab+0x8c/0xb0
[  147.384339][ T7154]  __kvmalloc_node_noprof+0x123/0x4e0
[  147.384376][ T7154]  ? traverse+0x9d/0x3a0
[  147.384415][ T7154]  ? __rcu_read_unlock+0x4f/0x70
[  147.384503][ T7154]  traverse+0x9d/0x3a0
[  147.384610][ T7154]  seq_lseek+0xb5/0x170
[  147.384685][ T7154]  __x64_sys_lseek+0xe8/0x160
[  147.384714][ T7154]  x64_sys_call+0x2814/0x2ff0
[  147.384741][ T7154]  do_syscall_64+0xd2/0x200
[  147.384782][ T7154]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  147.384891][ T7154]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  147.384930][ T7154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.385025][ T7154] RIP: 0033:0x7f316c6feec9
[  147.385046][ T7154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.385098][ T7154] RSP: 002b:00007f316b167038 EFLAGS: 00000246 ORIG_RAX: 0000000000000008
[  147.385123][ T7154] RAX: ffffffffffffffda RBX: 00007f316c955fa0 RCX: 00007f316c6feec9
[  147.385138][ T7154] RDX: 0000000000000000 RSI: 0000000000010001 RDI: 0000000000000004
[  147.385201][ T7154] RBP: 00007f316b167090 R08: 0000000000000000 R09: 0000000000000000
[  147.385218][ T7154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.385244][ T7154] R13: 00007f316c956038 R14: 00007f316c955fa0 R15: 00007ffdb5ba2d18
[  147.385271][ T7154]  </TASK>
[  147.602961][ T5915] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: comm kworker/u8:46: lblock 0 mapped to illegal pblock 0 (length 1)
[  147.623147][ T5915] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  147.635724][ T5915] EXT4-fs (loop3): This should not happen!! Data will be lost
[  147.635724][ T5915] 
[  147.648220][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  147.691243][ T7160] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.852876][ T7160] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.888074][ T7175] loop0: detected capacity change from 0 to 512
[  147.933002][ T7175] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.951303][ T7175] ext4 filesystem being mounted at /232/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  147.963942][ T7160] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.006038][ T7175] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.1275: corrupted inode contents
[  148.029760][ T7175] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #2: comm syz.0.1275: mark_inode_dirty error
[  148.070265][ T7175] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.1275: corrupted inode contents
[  148.085189][ T7160] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.114959][ T7173] loop2: detected capacity change from 0 to 32768
[  148.139089][   T29] kauditd_printk_skb: 411 callbacks suppressed
[  148.139110][   T29] audit: type=1326 audit(1759178986.619:11477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.0.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  148.145974][ T7175] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.1275: mark_inode_dirty error
[  148.170668][   T29] audit: type=1326 audit(1759178986.619:11478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.0.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  148.205969][   T29] audit: type=1326 audit(1759178986.619:11479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.0.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  148.230210][   T29] audit: type=1326 audit(1759178986.619:11480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.0.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  148.254104][   T29] audit: type=1326 audit(1759178986.619:11481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.0.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  148.278100][   T29] audit: type=1326 audit(1759178986.619:11482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.0.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  148.302133][   T29] audit: type=1326 audit(1759178986.619:11483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.0.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  148.325798][   T29] audit: type=1326 audit(1759178986.619:11484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.0.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  148.349398][   T29] audit: type=1326 audit(1759178986.619:11485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.0.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  148.372991][   T29] audit: type=1326 audit(1759178986.619:11486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.0.1275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ff5ab7feec9 code=0x7ffc0000
[  148.468474][ T5867] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.478155][ T5867] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  148.492612][ T5867] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  148.514408][ T5867] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.604849][ T7190] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1277'.
[  148.662356][ T7193] loop2: detected capacity change from 0 to 128
[  148.729830][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.801669][ T7198] netlink: 'syz.0.1280': attribute type 6 has an invalid length.
[  148.822226][ T7198] loop0: detected capacity change from 0 to 764
[  148.837852][ T7200] loop2: detected capacity change from 0 to 1024
[  148.848223][ T7198] rock: directory entry would overflow storage
[  148.854591][ T7198] rock: sig=0x4f50, size=4, remaining=3
[  148.860173][ T7198] iso9660: Corrupted directory entry in block 6 of inode 1792
[  148.916688][ T7200] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  148.931410][ T7200] ext4 filesystem being mounted at /243/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.937620][ T7198] Symlink component flag not implemented
[  148.948938][ T7198] Symlink component flag not implemented (129)
[  148.958740][ T7198] rock: directory entry would overflow storage
[  148.965134][ T7198] rock: sig=0x4f50, size=4, remaining=3
[  148.970928][ T7198] iso9660: Corrupted directory entry in block 6 of inode 1792
[  148.979982][ T7204] netlink: 'syz.4.1282': attribute type 6 has an invalid length.
[  149.026930][ T5915] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: comm kworker/u8:46: lblock 0 mapped to illegal pblock 0 (length 1)
[  149.084343][ T5915] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  149.097193][ T5915] EXT4-fs (loop2): This should not happen!! Data will be lost
[  149.097193][ T5915] 
[  149.113389][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  149.132447][ T7209] netlink: 'syz.4.1285': attribute type 6 has an invalid length.
[  149.199436][ T7215] FAULT_INJECTION: forcing a failure.
[  149.199436][ T7215] name failslab, interval 1, probability 0, space 0, times 0
[  149.212243][ T7215] CPU: 0 UID: 0 PID: 7215 Comm: syz.1.1287 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  149.212283][ T7215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  149.212299][ T7215] Call Trace:
[  149.212307][ T7215]  <TASK>
[  149.212316][ T7215]  __dump_stack+0x1d/0x30
[  149.212344][ T7215]  dump_stack_lvl+0xe8/0x140
[  149.212368][ T7215]  dump_stack+0x15/0x1b
[  149.212385][ T7215]  should_fail_ex+0x265/0x280
[  149.212409][ T7215]  should_failslab+0x8c/0xb0
[  149.212479][ T7215]  kmem_cache_alloc_node_noprof+0x57/0x320
[  149.212591][ T7215]  ? __alloc_skb+0x101/0x320
[  149.212627][ T7215]  __alloc_skb+0x101/0x320
[  149.212650][ T7215]  netlink_alloc_large_skb+0xba/0xf0
[  149.212679][ T7215]  netlink_sendmsg+0x3cf/0x6b0
[  149.212711][ T7215]  ? __pfx_netlink_sendmsg+0x10/0x10
[  149.212766][ T7215]  __sock_sendmsg+0x145/0x180
[  149.212821][ T7215]  ____sys_sendmsg+0x31e/0x4e0
[  149.212858][ T7215]  ___sys_sendmsg+0x17b/0x1d0
[  149.212900][ T7215]  __x64_sys_sendmsg+0xd4/0x160
[  149.212982][ T7215]  x64_sys_call+0x191e/0x2ff0
[  149.213068][ T7215]  do_syscall_64+0xd2/0x200
[  149.213139][ T7215]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  149.213165][ T7215]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  149.213237][ T7215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.213259][ T7215] RIP: 0033:0x7f7e674eeec9
[  149.213275][ T7215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.213299][ T7215] RSP: 002b:00007f7e65f57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.213340][ T7215] RAX: ffffffffffffffda RBX: 00007f7e67745fa0 RCX: 00007f7e674eeec9
[  149.213357][ T7215] RDX: 0000000004000054 RSI: 0000200000000480 RDI: 0000000000000006
[  149.213373][ T7215] RBP: 00007f7e65f57090 R08: 0000000000000000 R09: 0000000000000000
[  149.213390][ T7215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.213453][ T7215] R13: 00007f7e67746038 R14: 00007f7e67745fa0 R15: 00007ffdb33dfe18
[  149.213473][ T7215]  </TASK>
[  149.455702][ T7229] netlink: 'syz.1.1289': attribute type 6 has an invalid length.
[  149.484391][ T7231] loop2: detected capacity change from 0 to 128
[  149.545902][ T7229] loop1: detected capacity change from 0 to 764
[  149.575937][ T7229] rock: directory entry would overflow storage
[  149.582470][ T7229] rock: sig=0x4f50, size=4, remaining=3
[  149.588177][ T7229] iso9660: Corrupted directory entry in block 6 of inode 1792
[  149.604797][ T7241] loop2: detected capacity change from 0 to 1024
[  149.624543][ T7241] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  149.651692][ T7229] Symlink component flag not implemented
[  149.659400][ T7241] ext4 filesystem being mounted at /246/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.673552][ T7229] Symlink component flag not implemented (129)
[  149.687488][ T7229] rock: directory entry would overflow storage
[  149.693859][ T7229] rock: sig=0x4f50, size=4, remaining=3
[  149.699490][ T7229] iso9660: Corrupted directory entry in block 6 of inode 1792
[  149.725245][ T5889] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: comm kworker/u8:25: lblock 0 mapped to illegal pblock 0 (length 1)
[  149.740886][ T5889] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  149.753646][ T5889] EXT4-fs (loop2): This should not happen!! Data will be lost
[  149.753646][ T5889] 
[  149.766907][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  149.831943][ T7253] loop2: detected capacity change from 0 to 512
[  149.857410][ T7253] EXT4-fs: Ignoring removed mblk_io_submit option
[  149.873201][ T7253] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  149.928038][ T7253] EXT4-fs (loop2): 1 truncate cleaned up
[  149.945019][ T7253] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.271750][ T7318] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1301'.
[  150.285570][ T7317] netlink: 'syz.1.1302': attribute type 1 has an invalid length.
[  150.310477][ T7317] 8021q: adding VLAN 0 to HW filter on device bond8
[  150.349600][ T7317] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1302'.
[  150.383105][ T7317] bond8 (unregistering): Released all slaves
[  150.402397][ T7323] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1302'.
[  150.723311][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.940579][ T7346] loop2: detected capacity change from 0 to 512
[  150.986189][ T7346] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.008287][ T7346] ext4 filesystem being mounted at /250/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  151.022492][ T7346] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1311: corrupted inode contents
[  151.047237][ T7346] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #2: comm syz.2.1311: mark_inode_dirty error
[  151.060258][ T7346] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1311: corrupted inode contents
[  151.099886][ T7346] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.1311: mark_inode_dirty error
[  151.134719][ T7360] netlink: 'syz.3.1314': attribute type 6 has an invalid length.
[  151.173631][ T7360] loop3: detected capacity change from 0 to 764
[  151.197666][ T7365] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1316'.
[  151.209354][ T7365] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1316'.
[  151.233850][ T7360] rock: directory entry would overflow storage
[  151.240070][ T7360] rock: sig=0x4f50, size=4, remaining=3
[  151.245692][ T7360] iso9660: Corrupted directory entry in block 6 of inode 1792
[  151.291762][ T7370] IPVS: Error connecting to the multicast addr
[  151.316724][ T7370] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  151.330200][ T7370] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  151.338543][ T7372] loop1: detected capacity change from 0 to 512
[  151.349186][ T7372] EXT4-fs: Ignoring removed mblk_io_submit option
[  151.356109][ T7372] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  151.366337][ T7360] Symlink component flag not implemented
[  151.369451][ T7372] EXT4-fs (loop1): 1 truncate cleaned up
[  151.372995][ T7360] Symlink component flag not implemented (129)
[  151.378965][ T7372] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.398288][ T7360] rock: directory entry would overflow storage
[  151.404969][ T7360] rock: sig=0x4f50, size=4, remaining=3
[  151.410684][ T7360] iso9660: Corrupted directory entry in block 6 of inode 1792
[  151.636762][ T7391] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1323'.
[  151.780523][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.805297][ T7398] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1328'.
[  151.941808][ T7402] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  151.952653][ T7402] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  151.962424][ T7402] bond0 (unregistering): Released all slaves
[  152.237520][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.463834][ T7419] loop0: detected capacity change from 0 to 512
[  152.491336][ T7419] EXT4-fs: Ignoring removed mblk_io_submit option
[  152.512778][ T7425] loop1: detected capacity change from 0 to 512
[  152.521156][ T7421] loop2: detected capacity change from 0 to 2048
[  152.528353][ T7424] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1339'.
[  152.547716][ T7419] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  152.580085][ T7421] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.591703][ T7425] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.618400][ T7425] ext4 filesystem being mounted at /258/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  152.623572][ T7419] EXT4-fs (loop0): 1 truncate cleaned up
[  152.635744][ T7425] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.1338: corrupted inode contents
[  152.648761][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.649640][ T7419] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.713189][ T7425] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #2: comm syz.1.1338: mark_inode_dirty error
[  152.726423][ T7425] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.1338: corrupted inode contents
[  152.742684][ T7425] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.1338: mark_inode_dirty error
[  152.932547][ T7451] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1345'.
[  153.105183][ T7465] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1350'.
[  153.371781][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.395050][   T29] kauditd_printk_skb: 770 callbacks suppressed
[  153.395070][   T29] audit: type=1326 audit(1759178991.879:12257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7476 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  153.425586][   T29] audit: type=1326 audit(1759178991.889:12258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7476 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd866bed710 code=0x7ffc0000
[  153.449311][   T29] audit: type=1326 audit(1759178991.889:12259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7476 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd866bed710 code=0x7ffc0000
[  153.473749][   T29] audit: type=1326 audit(1759178991.889:12260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7476 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  153.497983][   T29] audit: type=1326 audit(1759178991.889:12261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7476 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  153.522043][   T29] audit: type=1326 audit(1759178991.889:12262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7476 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  153.545991][   T29] audit: type=1326 audit(1759178991.889:12263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7476 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  153.570465][   T29] audit: type=1326 audit(1759178991.889:12264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7476 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  153.594831][   T29] audit: type=1326 audit(1759178991.889:12265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7476 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  153.679661][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.689903][   T29] audit: type=1326 audit(1759178992.039:12266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7476 comm="syz.4.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd866beeec9 code=0x7ffc0000
[  153.846772][ T7494] loop0: detected capacity change from 0 to 128
[  153.856468][ T7494] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  153.874358][ T7494] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  153.882411][ T7494] FAT-fs (loop0): Filesystem has been set read-only
[  153.889625][ T7494] syz.0.1364: attempt to access beyond end of device
[  153.889625][ T7494] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  153.921755][ T7501] loop1: detected capacity change from 0 to 512
[  153.948175][ T7501] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.005107][ T7501] ext4 filesystem being mounted at /263/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  154.019445][ T7501] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.1366: corrupted inode contents
[  154.052471][ T7501] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #2: comm syz.1.1366: mark_inode_dirty error
[  154.075217][ T7501] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.1366: corrupted inode contents
[  154.123633][ T7501] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.1366: mark_inode_dirty error
[  154.356062][ T7543] ipip0: entered promiscuous mode
[  154.457650][ T7548] loop2: detected capacity change from 0 to 4096
[  154.476916][ T7548] EXT4-fs: Ignoring removed nomblk_io_submit option
[  154.528583][ T7548] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.758623][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.769807][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.939215][ T7618] loop2: detected capacity change from 0 to 128
[  154.981619][ T7618] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  154.988665][ T7624] loop0: detected capacity change from 0 to 128
[  154.998749][ T7621] netlink: 'syz.1.1379': attribute type 6 has an invalid length.
[  155.031384][ T7618] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  155.039426][ T7618] FAT-fs (loop2): Filesystem has been set read-only
[  155.047881][ T7621] loop1: detected capacity change from 0 to 764
[  155.058314][ T7618] syz.2.1377: attempt to access beyond end of device
[  155.058314][ T7618] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  155.075773][ T7621] rock: directory entry would overflow storage
[  155.082320][ T7621] rock: sig=0x4f50, size=4, remaining=3
[  155.088012][ T7621] iso9660: Corrupted directory entry in block 6 of inode 1792
[  155.162777][ T7621] Symlink component flag not implemented
[  155.179128][ T7621] Symlink component flag not implemented (129)
[  155.188463][ T7635] loop0: detected capacity change from 0 to 512
[  155.200489][ T7621] rock: directory entry would overflow storage
[  155.206148][ T7639] loop3: detected capacity change from 0 to 512
[  155.206826][ T7621] rock: sig=0x4f50, size=4, remaining=3
[  155.218703][ T7621] iso9660: Corrupted directory entry in block 6 of inode 1792
[  155.219941][ T7639] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.241594][ T7639] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  155.261312][ T7639] EXT4-fs (loop3): 1 truncate cleaned up
[  155.270084][ T7635] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.271533][ T7639] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.284331][ T7635] ext4 filesystem being mounted at /247/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  155.312143][ T7635] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.1386: corrupted inode contents
[  155.339948][ T7635] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #2: comm syz.0.1386: mark_inode_dirty error
[  155.360671][ T7635] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.1386: corrupted inode contents
[  155.373987][ T7650] IPv6: NLM_F_CREATE should be specified when creating new route
[  155.382296][ T7635] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.1386: mark_inode_dirty error
[  155.519675][ T7664] ==================================================================
[  155.527846][ T7664] BUG: KCSAN: data-race in page_cache_sync_ra / page_cache_sync_ra
[  155.535890][ T7664] 
[  155.538329][ T7664] write to 0xffff888137b02d5c of 4 bytes by task 7659 on cpu 0:
[  155.546277][ T7664]  page_cache_sync_ra+0x4e9/0x6c0
[  155.551389][ T7664]  filemap_get_pages+0x2d0/0x1150
[  155.556566][ T7664]  filemap_splice_read+0x3a9/0x740
[  155.561812][ T7664]  ext4_file_splice_read+0x8f/0xb0
[  155.567036][ T7664]  splice_direct_to_actor+0x26c/0x680
[  155.572617][ T7664]  do_splice_direct+0xda/0x150
[  155.577436][ T7664]  do_sendfile+0x380/0x650
[  155.581937][ T7664]  __x64_sys_sendfile64+0x105/0x150
[  155.587189][ T7664]  x64_sys_call+0x2bb0/0x2ff0
[  155.591998][ T7664]  do_syscall_64+0xd2/0x200
[  155.596556][ T7664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.602498][ T7664] 
[  155.604850][ T7664] write to 0xffff888137b02d5c of 4 bytes by task 7664 on cpu 1:
[  155.612792][ T7664]  page_cache_sync_ra+0x4e9/0x6c0
[  155.618049][ T7664]  filemap_get_pages+0x2d0/0x1150
[  155.623172][ T7664]  filemap_splice_read+0x3a9/0x740
[  155.628499][ T7664]  ext4_file_splice_read+0x8f/0xb0
[  155.633924][ T7664]  splice_direct_to_actor+0x26c/0x680
[  155.639378][ T7664]  do_splice_direct+0xda/0x150
[  155.644610][ T7664]  do_sendfile+0x380/0x650
[  155.649096][ T7664]  __x64_sys_sendfile64+0x105/0x150
[  155.654438][ T7664]  x64_sys_call+0x2bb0/0x2ff0
[  155.659197][ T7664]  do_syscall_64+0xd2/0x200
[  155.663795][ T7664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.670004][ T7664] 
[  155.672364][ T7664] value changed: 0x0000000f -> 0x00000010
[  155.678184][ T7664] 
[  155.680543][ T7664] Reported by Kernel Concurrency Sanitizer on:
[  155.686815][ T7664] CPU: 1 UID: 0 PID: 7664 Comm: syz.3.1388 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  155.696743][ T7664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  155.706836][ T7664] ==================================================================
[  156.170065][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.308148][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.