last executing test programs:

3.133462669s ago: executing program 4 (id=404):
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, &(0x7f0000000200))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x4015)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='afs_file_error\x00', r2}, 0xfffffd7e)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r3, &(0x7f0000000400)="aa", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x3f66400, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)
shutdown(r3, 0x1)
syz_open_dev$tty20(0xc, 0x4, 0x1)

3.131557258s ago: executing program 3 (id=407):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x6002, &(0x7f0000000000)=0x3, 0xf, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='kfree\x00', r1, 0x0, 0x2}, 0x61)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1], 0x50)
r2 = socket$kcm(0xa, 0x5, 0x0)
r3 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x2, 0x2, @dev}, 0x10, &(0x7f0000001400)=[{&(0x7f0000000080)='_', 0x1}], 0x11}, 0x64)
setsockopt$sock_attach_bpf(r3, 0x84, 0x1e, &(0x7f0000000240), 0x4)
r4 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8916, &(0x7f0000000000)={r4})
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8936, &(0x7f0000000000)={r4})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r5 = openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0x71, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x200000000000000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r6, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0xf0, 0x0, 0x100, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x5a}, @void, @void}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x50d789ab}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0xca2}, @NL80211_ATTR_VENDOR_DATA={0xc1, 0xc5, "86a82d98304681a6524408030029f3d2516177c1e4a5acd57bbe461004b91229002e1fbee9215e73f4d4f268fa3cc992cd802e998a22288bfc99acf7249d7f4dbc1dae3e1acd15dbf2c236e7e7a31b1f83947fec33ba148c9221b33ac135e12ae1ced1c7c1d8bccf6028d4ccc5b84a53e934240ef63f5d2fc8c0e94c3a893e213246ae451f96176a5b4b3a06c4d729ead754c390082de0c71d1639c25c1da0ba0d0ff4e83e9a45e31999b30f613b4ce462d7cd8d13f1ac00f8efa8a7b2"}]}, 0xf0}, 0x1, 0x0, 0x0, 0x200000c0}, 0x24008045)
r7 = socket$key(0xf, 0x3, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x531, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5") (fail_nth: 22)
sendmsg$key(r7, &(0x7f0000000400)={0x10000000, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=ANY=[@ANYBLOB="020e0080150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120000000200fcffffff000000000600330000000000000000000000eafffd8000000000000000000000000000aa000000000000000000000000000000000400"], 0xa8}}, 0x2)

2.821392565s ago: executing program 4 (id=411):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0xffffffff, 0xff}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001440)={0xfc, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xff7f}, @NL80211_ATTR_FRAME_MATCH={0xcd, 0x5b, "4b21ab03a538795b31de52bfc8289eae70398aa657bcce857086aa0abbbc195517083271331b489f246ba859f2a8576cce11a28bd75f00644bae85b4b41abadb754d3392fd42589a277406eee371aa8bcf1097fa50d369dddbad650163e0b53ce994b36adbfe51b625aa9e4ef444b6ce396d9b2f9f933f56a95e50589456a98dad1258549e8a022b0adc9d32c8314e5b1c50860553c10ff8cdfe969dd4716c6d965b32c7bf6fa35040ddae329f19ea5f4d396e83d21c05aa18660f4834dbe4f983c60a702461ad4635"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x3}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20044055}, 0x4000080)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x1c00000000000)
writev(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001300)={0x6, 0x1d, &(0x7f0000000840)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x9d}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x95}}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xd}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x4}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000100)='syzkaller\x00', 0x5, 0x11, &(0x7f00000006c0)=""/17, 0x1f00, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000a00)={0x3, 0xd, 0x4, 0x5}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000001240), &(0x7f0000001280)=[{0x3, 0x2, 0x9, 0xc}, {0x1, 0x2, 0x6, 0xa}, {0x2, 0x2, 0x5, 0xc}, {0x2, 0x1, 0xd, 0x3}, {0x4, 0x3, 0x2, 0x9}, {0x1, 0x3, 0x2, 0x2}, {0x5, 0x4, 0x2, 0x9}], 0x10, 0xffffffff}, 0x94)
r1 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
r3 = dup3(r1, r2, 0x0)
ioctl$MON_IOCG_STATS(r3, 0xc0109207, &(0x7f00000001c0))

2.780637725s ago: executing program 4 (id=413):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000003800)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x0, 0x5c, 0x160, 0xd0, 0x3e0, 0x1e0, 0x228, 0x25a, 0x1e0, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], [0x0, 0x1fe], 'veth0_to_batadv\x00', 'batadv_slave_0\x00', {}, {0xff}}, 0x5002, 0xa8, 0xd0, 0x52020000, {0x0, 0x6802000000000000}}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@dev, @mcast1, [], [], 'virt_wifi0\x00', 'lo\x00', {}, {}, 0x89}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x7, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmmsg(r1, &(0x7f0000001140), 0x700, 0x2, 0x0)

2.471070742s ago: executing program 0 (id=419):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$inet(0x2, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x1, 0x0, 0x1, 0xa, 0x21005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r2, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="dfbf00000000000000006700000008000300", @ANYRES32=r0, @ANYBLOB="0800c300741300000800c4"], 0x30}, 0x1, 0x0, 0x0, 0x240408c3}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1c, 0x8, &(0x7f00000009c0)=ANY=[@ANYRES8=r1], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='\x00\x00\x00\x00\x00')
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r6, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r6, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x21, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x8, 0x4}, 0x2012, 0x0, 0x2, 0x2, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

2.145784688s ago: executing program 3 (id=423):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0xffffffff, 0xff}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001440)={0xfc, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xff7f}, @NL80211_ATTR_FRAME_MATCH={0xcd, 0x5b, "4b21ab03a538795b31de52bfc8289eae70398aa657bcce857086aa0abbbc195517083271331b489f246ba859f2a8576cce11a28bd75f00644bae85b4b41abadb754d3392fd42589a277406eee371aa8bcf1097fa50d369dddbad650163e0b53ce994b36adbfe51b625aa9e4ef444b6ce396d9b2f9f933f56a95e50589456a98dad1258549e8a022b0adc9d32c8314e5b1c50860553c10ff8cdfe969dd4716c6d965b32c7bf6fa35040ddae329f19ea5f4d396e83d21c05aa18660f4834dbe4f983c60a702461ad4635"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x3}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20044055}, 0x4000080)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x1c00000000000)
writev(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001300)={0x6, 0x1d, &(0x7f0000000840)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x9d}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x95}}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xd}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x4}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000100)='syzkaller\x00', 0x5, 0x11, &(0x7f00000006c0)=""/17, 0x1f00, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000a00)={0x3, 0xd, 0x4, 0x5}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000001240), &(0x7f0000001280)=[{0x3, 0x2, 0x9, 0xc}, {0x1, 0x2, 0x6, 0xa}, {0x2, 0x2, 0x5, 0xc}, {0x2, 0x1, 0xd, 0x3}, {0x4, 0x3, 0x2, 0x9}, {0x1, 0x3, 0x2, 0x2}, {0x5, 0x4, 0x2, 0x9}], 0x10, 0xffffffff}, 0x94)
r1 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
r3 = dup3(r1, r2, 0x0)
ioctl$MON_IOCG_STATS(r3, 0xc0109207, &(0x7f00000001c0))

2.02836557s ago: executing program 0 (id=426):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x9, 0x6}, 0x8d14, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r1=>0x0})
sendmsg$can_bcm(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x1d, r1}, 0x10, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="0400"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=r0, @ANYRES64=r1, @ANYBLOB="0000000001000000"], 0x48}}, 0x0)

1.640039908s ago: executing program 4 (id=428):
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TCSETSW2(0xffffffffffffffff, 0x80047456, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x80, 0x461}, 0x108108, 0x1, 0x0, 0x1, 0xa, 0x21005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe2$9p(0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_read_part_table(0x593, &(0x7f00000005c0)="$eJzs0r1LK2kUB+A3A5c0e4lcLli4hWCwigqx0CIpRGJIY0RcsbAWLLQQLCwkEq39+AcUv0BsxD6lGEEUYiUpxXpBsUmVZdfZxmplUdnleZrhPefMHF5+E/hPi8Lv7XY7EUJoJ9//9m+nhbFS98TI5FQIiTAbQij8+stfnUQ88fdXz+NzOT6XktnG/vXo82nHTc9dPX0Yxf1aFMJaCGHh4Sj1b+/G/99Z/jK1vrFU3FzJz98XVx8H5/oKXVuFxZ2hg1xlujM3E/9Ytehz9qcbw8e37fLT7vf+b/VGK3sVz2USH7Ofr/U2/72f1Wa1Nd57sjyQ+dG8qGzHub/IHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+GBn+cvU+sZScXMlP39fXH0cnOsrdG0VFneGDnKV6c7cTPQ6V4s+Z3+6MXx82y4/7X7v/1ZvtLJX8Vwm8TH7+Vpv89/7WW1WW+O9J8sDmR/Ni8p2nPuL/AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf6gwVuqeGJmcCiERZkMIo1HH0Z/1dvK1n4jnzuNnOa6XktnG/vXo82nHTc9dPX04EddrUQhrIYSFh6PUp1+Gd/sjAAD///tch0s=") (fail_nth: 5)

1.639079808s ago: executing program 0 (id=429):
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x66)
syz_open_procfs$pagemap(0x0, &(0x7f0000000040))
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200080, &(0x7f0000000080)={[{@errors_remount}, {@delalloc}, {@bsdgroups}]}, 0x3, 0x56d, &(0x7f0000000c00)="$eJzs3c+PG1cdAPDvzP6w86PdBHqAqpAAhYCieLNOG1W9NLmAUFUJUXFAHNJl11ktseMQe0t3icT2bwAJBCf4EzggcUDqiQM3jkgcEFI5IAWIQFkESEYznt04WVtxYq/d7H4+0mR+vHnzfU/O+D0/e+cFcGSdjYjtiJiPiHciYqE4nhRLXOku2Xn3791Z2bl3ZyWJTuftvyd5enYsevJkThTXLEfE178S8e1kf9zW5taN5Xq9drvYX2w3bi22NrcurDeW12prtZvV6uWlyxdfu/RqdWx1PdP45d0vr7/5jd/8+lMf/n77S9/PinWySOutxzh1qz63FyczGxFvHkSwKZgp1vP7Ul7qn+HKwZaHJ5NGxMci4rP5/b8QM/n/TgDgMOt0fhqdhd59AOCwyz7/nywnaSUi0rToBFS6Y3gvxPG03my1z19vbtxc7Y6VnYq59Pp6vXbxdOmP381Pnkuy/aU8LU/P96uP7F+KiNMR8aPSsXy/stKsr06nywMAR96J/Duwov2PiH+V0rRSGSprn2/1AIBnRnkKOQGA6eptxUtTLAcAMDk+xQPA0TNE+1982b994GUBACbD538AOHq0/wBw9Dxp++83ggDwTPvaW29lS2eneP716rubG3PNdy+s1lo3Ko2NlcpK8/atylqzuZY/s6fxUOZjPdtFn6DebN5aeiU23lts11rtxdbm1rVGc+Nm+1r+XO9rtbmJ1g4A6Of0mQ/+kETE9uvH8iV65nLQVsPhlk67AMDUzDzYrJ140sw6CPBMe7rZvv4z9nIAkzdUE553En534GUBpqPvw7zLfTcf9pMnCOJ3xvCRcu6Tw4//75/jGXiWGf+Ho2vmqXK9MfZyAJP3dOP/wGHQ6SSPzvk/v5cEABxKI/yEr/ODcXVCgKl63GTeY/n+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6ZkxHxnUjSSj4XeJr9m1YqEc9FxKmYS66v12sXI+L5OBMRc6Vsf2nahQYARpT+NSnm/zq38PLJR1Pnk3+X8nVEfO9nb//4veV2+/ZSdvwfe8dLu9OHVR/kG2FeQQBgOJ3SkCfm7Xe1WPd8kL9/787K7nJQhezn7tX4XzEV8crOvTv50k2ZjexgRDnvSxz/ZxKzRZ5yRLwYETNjiL/9fkR8ol/9k3xs5FQx82lv/ChiPzfR+OlD8dM8rbvOOl8fH0NZ4Kj54GpEXOl3/6VxNl/3v//L+TvU6O5e7V5s971vpyf+bBFppk/87J4/O2yMV3771X0HOwvdtPcjXpztFz/Zi58MiP/ykPH/9NKnf/jGgLTOzyPORf/4vbEW241bi63NrQvrjeW12lo5qtXLS5cvvnbp1epiPka9uDtSvd/fXj///KCyZfU/PiB+uW/95/fyfn7I+v/iv+986zMPdkuPxv/i5/q//i/0jd+VtYlfeDhMZ1D85eO/Gjh9dxZ/dUD9H/f6nx+m8hHx4V+2Voc8FQCYgNbm1o3ler12e6SNNHY647jOvo2siMOdvNtdHC3on+MgavGUG3MjV2daG7N7fcXxXvmb2RUnXJ107LUYaeP+pGJN7z0JmIwHN/20SwIAAAAAAAAAAAAAAAwyiT9dmnYdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOLz+HwAA//+WydIx")
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000001a0000000c00018008000100", @ANYRES32], 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x3c, 0x0, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x1}, @ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x100}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000050}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
write$P9_RCREATE(r0, 0x0, 0x0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x80)
open_by_handle_at(r3, &(0x7f0000000240)=@reiserfs_2={0x4b, 0x2, {0xb}}, 0x36f0516f)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000000090000000009000a00000000005f5f2e002e00616100000000"], 0x0, 0x2e, 0x0, 0x1, 0xf}, 0x28)

1.584851199s ago: executing program 3 (id=431):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
r3 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="da", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)='/', 0x1}], 0x1}}], 0x2, 0x0)
close(r3)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x9, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r6 = bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r3}, 0x8)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x14430, 0x1, 0xfffffffc, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @value=r6}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000100000000000000000000180100000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000000600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r8, 0x2000012, 0xe, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r5}, 0x18)
r9 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r9, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x190da)

1.369414923s ago: executing program 3 (id=433):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x200}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r4)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
io_setup(0x4, &(0x7f0000000600)=<r6=>0x0)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
r7 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
io_submit(r6, 0xe7, &(0x7f0000000080)=[&(0x7f0000000140)={0x0, 0x4, 0x0, 0x1, 0x0, r7, &(0x7f0000000000)="ff07000000000000", 0x400000}])

1.225917946s ago: executing program 1 (id=435):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$inet(0x2, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x1, 0x0, 0x1, 0xa, 0x21005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={0xffffffffffffffff, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5e8, &(0x7f0000001200)="$eJzs3c9vFdUeAPDv3P6gpbzXQl7ee7iQJsZAorS0gCHGBWwNafBH3Lix0oJIgYbWaNGEkuDGxLgxxsSVC/G/UCJbVrpy4caVISFqWJp4zdzOlP6Y2x+X207T+XySS2fOmeGc4fLtOXPuOXMDqKzB9I9axMGImE4i+pP5xbzOyDIHF4579OdH59NXEvX6a78nkWRp+fFJ9rMvO7knIn78IYkDHavLnZm7cXl8amryerY/PHtlenhm7sbRS1fGL05enLw6+sLoqZMnTp4aOdbSdd0sSDt7+933+z8Ze/Obr/5KRr79ZSyJ0/FyduDS62iXwRhs/Jskq7P6TrW7sJJ0ZP9Plr7FSWeJFWJT8vevKyL+F/3REY/fvP74+JVSKwdsqXoSUQcqKhH/UFF5PyC/t195H1wrpVcCbIeHZxYGAFbHf+fC2GD0NMYG9j5KYumwThIRrY3MLbcvIu7fG7t94d7Y7diicTig2PytiPh/UfwnjfgfiJ4YaMR/bVn8p/2Cc9nPNP3VFstfOVQs/mH7LMR/z5rxH03i/60l8f92i+UPPt58p3dZ/Pe2ekkAAAAAAABQWXfPRMTzRZ//1xbn/0TB/J++iDjdhvIHV+yv/vy/9qANxQAFHp6JeKlw/m8tn/070JFt/asxH6AruXBpavJYRPw7Io5E1550f2SNMo5+euDLZnmD2fy//JWWfz+bC5jV40HnnuXnTIzPjj/pdQMRD29FPFU4/zdZbP+TgvY//X0wvcEyDjx751yzvPXjH9gq9a8jDhe2/4+fWpGs/XyO4UZ/YDjvFaz29Ieffdes/Fbj3yMm4Mml7f/eteN/IFn6vJ6ZzZdxfK6z3iyv1f5/d/J645Ez3VnaB+Ozs9dHIrqTsx1p6rL00c3XGXajPB7yeEnj/8gza4//FfX/eyNifsXfnfyxfE1x7r9/9/3arD76/1CeNP4nNtX+b35j9M7A983K31j7f6LR1h/JUoz/wYIv8jDtXp5eEI6dRVnbXV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2A1qEbEvktrQ4natNjQU0RcR/4m9talrM7PPXbj23tWJNK/x/f+1/Jt++xf2k/z7/weW7I+u2D8eEfsj4vOO3sb+0PlrUxNlXzwAAAAAAAAAAAAAAAAAAADsEH1N1v+nfusou3bAlussuwJAaQri/6cy6gFsP+0/VJf4h+oS/1Bd4h+qq8X472p3PYDtp/2H6hL/UF3iHwAAAAAAdpX9h+7+nETE/Iu9jVeqO8szvwd2t1rZFQBK4xE/UF2m/kB1uccHknXye5qetN6Za5k+/wQnAwAAAAAAAAAAAEDlHD5o/T9UlfX/UF3W/0N15ev/D5VcD2D7uccHYp2V/IXr/9c9CwAAAAAAAAAAAABop5m5G5fHp6Ymr9t4Y2dUox0b6Tu7kYPr9frNxrEtlbVnB1zpjtrIp8LvlPqs2MjX+m3srNJ+JQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACv8EwAA//8IGSKz")
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
mount$cgroup2(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x2000000, &(0x7f0000000400)={[{@memory_hugetlb_accounting}, {@subsystem='pids'}, {@memory_localevents}, {@memory_recursiveprot}, {@memory_hugetlb_accounting}], [{@obj_user={'obj_user', 0x3d, '.[+#)'}}, {@pcr={'pcr', 0x3d, 0x38}}]})
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@debug}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")

1.141444698s ago: executing program 4 (id=436):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(0xffffffffffffffff, 0xf504, 0x0)
fsopen(0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCDARP(r2, 0x8955, &(0x7f00000004c0)={{0x2, 0x0, @broadcast}, {0x0, @random="9f444415c302"}, 0xffffff6f, {0x2, 0x0, @broadcast}, 'veth0\x00'})
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000080)="290000001e00190f00003fffffffda060200000000e80001dd0008040d000900ea11c21d0005000000", 0x29}], 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
memfd_secret(0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r4, &(0x7f0000000080)='D', 0x1, 0x4014, 0x0, 0x0)
shutdown(r4, 0x1)
splice(r4, 0x0, r3, 0x0, 0x2, 0x0)

975.382341ms ago: executing program 1 (id=438):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000b80)={0x1d, r4, 0x2, {0x0, 0xff, 0x1}, 0xfe}, 0x18)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000003c0)=@o_path={&(0x7f0000000380)='./file0\x00', r0}, 0x18)
syz_emit_ethernet(0x19e, &(0x7f00000000c0)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x168, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xd, [{0x3, 0x9, "bd3e6d4706598080a8030037ff0b00ffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34116d34ca0a5c15b37adac15084dbaf736b41e5af1902"}, {0x0, 0x1, "000000050000000026000400"}, {0x3, 0x20, "77f9290b6e87290b6e87f278e94724e20c43c95f9b49204a64d614d4cc9d0d46d954fda9a75d076993e3b87aa99b2454a86662e37b42678a74974ddd50b21e499efae61e3a816a367d019bc7f892d8975f1fc8a3e27139041cd21d2d12f30ee6f029d8d73f80f9b19d138598345b9c0feda226b333c55c668fb17b5b39603ee66b8534f1fbf97e139d35762307516482a1787d8f3bb76940602a0104ac045b59510dfd944672de5f77c0e6136c06847bbe70dd65236ef4d112e88fabc57d02a2a380eb697adf4e1d9090705f85ddf041bc076775f5d27555d3f60c44192fa92eee16828c1c4aa17f4a743e212cd2c084e5acc9aae96852cd54afd2d60786"}]}}}}}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18) (async)
socket$can_j1939(0x1d, 0x2, 0x7) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00'}) (async)
bind$can_j1939(r3, &(0x7f0000000b80)={0x1d, r4, 0x2, {0x0, 0xff, 0x1}, 0xfe}, 0x18) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]}) (async)
close_range(r5, 0xffffffffffffffff, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000003c0)=@o_path={&(0x7f0000000380)='./file0\x00', r0}, 0x18) (async)
syz_emit_ethernet(0x19e, &(0x7f00000000c0)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x168, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xd, [{0x3, 0x9, "bd3e6d4706598080a8030037ff0b00ffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34116d34ca0a5c15b37adac15084dbaf736b41e5af1902"}, {0x0, 0x1, "000000050000000026000400"}, {0x3, 0x20, "77f9290b6e87290b6e87f278e94724e20c43c95f9b49204a64d614d4cc9d0d46d954fda9a75d076993e3b87aa99b2454a86662e37b42678a74974ddd50b21e499efae61e3a816a367d019bc7f892d8975f1fc8a3e27139041cd21d2d12f30ee6f029d8d73f80f9b19d138598345b9c0feda226b333c55c668fb17b5b39603ee66b8534f1fbf97e139d35762307516482a1787d8f3bb76940602a0104ac045b59510dfd944672de5f77c0e6136c06847bbe70dd65236ef4d112e88fabc57d02a2a380eb697adf4e1d9090705f85ddf041bc076775f5d27555d3f60c44192fa92eee16828c1c4aa17f4a743e212cd2c084e5acc9aae96852cd54afd2d60786"}]}}}}}}, 0x0) (async)

957.842441ms ago: executing program 3 (id=439):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000003800)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x0, 0x5c, 0x160, 0xd0, 0x3e0, 0x1e0, 0x228, 0x25a, 0x1e0, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], [0x0, 0x1fe], 'veth0_to_batadv\x00', 'batadv_slave_0\x00', {}, {0xff}}, 0x5002, 0xa8, 0xd0, 0x52020000, {0x0, 0x6802000000000000}}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@dev, @mcast1, [], [], 'virt_wifi0\x00', 'lo\x00', {}, {}, 0x89}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x7, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, 0x0, 0x18}, 0x0)
recvmmsg(r1, &(0x7f0000001140), 0x700, 0x2, 0x0)

894.469523ms ago: executing program 1 (id=440):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r1=>0x0})
sendmsg$can_bcm(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x1d, r1}, 0x10, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="0400"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=r0, @ANYRES64=r1, @ANYBLOB="0000000001000000"], 0x48}}, 0x0)

893.698542ms ago: executing program 1 (id=441):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0xffffffff, 0xff}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001440)={0xfc, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xff7f}, @NL80211_ATTR_FRAME_MATCH={0xcd, 0x5b, "4b21ab03a538795b31de52bfc8289eae70398aa657bcce857086aa0abbbc195517083271331b489f246ba859f2a8576cce11a28bd75f00644bae85b4b41abadb754d3392fd42589a277406eee371aa8bcf1097fa50d369dddbad650163e0b53ce994b36adbfe51b625aa9e4ef444b6ce396d9b2f9f933f56a95e50589456a98dad1258549e8a022b0adc9d32c8314e5b1c50860553c10ff8cdfe969dd4716c6d965b32c7bf6fa35040ddae329f19ea5f4d396e83d21c05aa18660f4834dbe4f983c60a702461ad4635"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x3}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20044055}, 0x4000080)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x1c00000000000)
writev(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001300)={0x6, 0x1d, &(0x7f0000000840)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x9d}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x95}}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xd}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x4}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000100)='syzkaller\x00', 0x5, 0x11, &(0x7f00000006c0)=""/17, 0x1f00, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000a00)={0x3, 0xd, 0x4, 0x5}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000001240), &(0x7f0000001280)=[{0x3, 0x2, 0x9, 0xc}, {0x1, 0x2, 0x6, 0xa}, {0x2, 0x2, 0x5, 0xc}, {0x2, 0x1, 0xd, 0x3}, {0x4, 0x3, 0x2, 0x9}, {0x1, 0x3, 0x2, 0x2}, {0x5, 0x4, 0x2, 0x9}], 0x10, 0xffffffff}, 0x94)
r1 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
r3 = dup3(r1, r2, 0x0)
ioctl$MON_IOCG_STATS(r3, 0xc0109207, &(0x7f00000001c0))

779.807135ms ago: executing program 1 (id=442):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
read$eventfd(0xffffffffffffffff, &(0x7f0000000240), 0x8)
writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000001100)="02965d1f5ec3de3d", 0x8}], 0x1)
gettid()
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, 0x0, 0x42850)
r1 = syz_clone(0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r4 = syz_pidfd_open(r1, 0x0)
r5 = dup(r4)
fsetxattr$trusted_overlay_upper(r5, &(0x7f0000000000), 0x0, 0x0, 0x2)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44084}, 0xc0080)
r7 = socket$unix(0x1, 0x2, 0x0)
r8 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000340)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000380)={0x101040, 0x10, 0x10}, 0x18)
getdents64(r8, &(0x7f0000000500)=""/213, 0xd5)
bind$unix(r7, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
socket$nl_route(0x10, 0x3, 0x0)
write$cgroup_type(r3, &(0x7f0000000040), 0x9)
r9 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, r5, 0x9a5e, '\x00', 0x0, r5, 0x3, 0x5}, 0x50)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x2d, 0x20040040)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
memfd_secret(0x0)

779.138605ms ago: executing program 4 (id=443):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@newtfilter={0x64, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {}, {0x7, 0x10}}, [@filter_kind_options=@f_flow={{0xfffffffffffffea3}, {0x34, 0x2, [@TCA_FLOW_EMATCHES={0x30, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x7}}, @TCA_EMATCH_TREE_LIST={0x24, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x20, 0x1, 0x0, 0x0, {{0x8, 0x9, 0x40}, [@TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_MATCH_REVISION={0x0, 0x3, 0x6}]}}]}]}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x20048084}, 0x2008c014)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
unshare(0x2c020400)
openat$procfs(0xffffffffffffff9c, 0x0, 0x41, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10, 0x0, 0x0, 0x1}}}}}}}, 0x0)
syz_usb_disconnect(r1)
syz_usb_connect(0x4, 0x24, &(0x7f0000000400)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r1, 0xc0085504, &(0x7f0000000080)=0x3)
syz_usb_connect$cdc_ecm(0x4, 0x5a, &(0x7f0000000200)={{0x12, 0x1, 0x453, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48, 0x1, 0x1, 0x4, 0xd0, 0x50, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x2, 0x6, 0x0, 0x6, {{0x9, 0x24, 0x6, 0x0, 0x0, "e98fc542"}, {0x5, 0x24, 0x0, 0x9}, {0xd, 0x24, 0xf, 0x1, 0x7, 0xf1bd, 0xa637, 0x4}}, {[{{0x9, 0x5, 0x81, 0x3, 0x200, 0x8, 0xff, 0x9}}], {{0x9, 0x5, 0x82, 0x2, 0x40, 0x3, 0x4, 0x7a}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x9, 0x2}}}}}]}}]}}, &(0x7f0000000280)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x201, 0xe, 0x3, 0xb, 0x8, 0x2}, 0x112, &(0x7f0000000340)={0x5, 0xf, 0x112, 0x5, [@ptm_cap={0x3}, @ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0xc, 0x1d, 0x7, 0x4, 0x6, 0x9a}, @generic={0xf2, 0x10, 0xa, "e8bff939df1202b5150de5734e5c66e4cadbe046003fdbe9b635fc8b4a28449259d8268cbb2bbc46d7196ece66f5443c7eebf5289cfc3f69b10a72eb225fbe837cbd0df7d9b5159efd91d6d2093069d008986d8176e763f4164ea2ac6f78b161a59755d01b13aa8b88b88db35cfe2ace998b6bf9542bd9def31b5772e67884f420925df419c58fe2409eaa8267db925f0498a0ac63f596c9319ae44f8fa9d7db47818e73be59f838cbf8cb28367fd7b5cf043e71ff9a82427d6c0ab5c9aee2b1712eede0e733c4886173e5782254fd9431a4a3181203c95117b88d1dac5d988c154a83a212b29fda7acf26259ff5c6"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x0, 0x10, 0x5, 0x1000}]}, 0x3, [{0xaf, &(0x7f0000000480)=@string={0xaf, 0x3, "11019592b0d4b7f9e6eff8b4973f2409a10a7f93d36f3c20818503b1ceb1858c88844dc4a027062de27a9befe3eb4301d4faabda120b728cd09b8d7a8e84b05425eeb2f7a6d3720aa58fb695c79d4d98dc3ab90bacfa730b64d5bafe928dd85675699b26f21888f9cc4060b350c8a789493f8fb185c18ab11f2d483e5dc4e8e816c7ce506a7694cd5a6f1cbb13ef13635b6c03a45b2d96f2bad94f72037a19aa6ce1e3eff721d2ee26aed50324"}}, {0x94, &(0x7f00000005c0)=@string={0x94, 0x3, "3e56a5f0718dd96eadc494fe47c7d4ad9a297d6db9d2f48c1259f2e262a7150c3cbaabe8f3b450d00ad6120b842a3cf3626acbd09d37f0a326038fbdebee00affed57e04d4a50833666af428415be5e2dcce4f7dcc149aa11de94436df1b768dfd0aa2ca0ba8d196344fa543ffae329c94dbbd4653dc7086869c76ccaf3f10dd1f069c842aae71387776fa939f44d910e553"}}, {0x3a, &(0x7f0000000100)=@string={0x3a, 0x3, "e1f7e6374d6662280eadab3085e674bfbb9d9b0815fab47da7169952ac394ef51b0ab689ddb51de9ce42c2b3ad43453fa45acf82b6bdebc6"}}]})
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000001b1401002abdd444d446df25080001000000000009"], 0x24}, 0x1, 0x0, 0x0, 0x4000801}, 0x40810)

717.314046ms ago: executing program 0 (id=444):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) (async)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{0x6, 0x1, 0x2, 0x7fff7ffc}]}) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f00000012c0)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x290) (async)
close_range(r0, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x0, 0x0) (async)
r3 = getpid() (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001140)=ANY=[@ANYBLOB="bf16000000000000b70700000100e0ff5070000028000000770000000000000095000200000000007ae9413df8ff0af5aa35339f4b382c4cad9db67dc983134d04ef2fd6fa7a9b857b72abaca100af1ba23d69883c073ec10500000000000000000000000000ac0e064c27bdfbd301150500000000000000bfdc995279d64072aacbb0595b950600009ad3bf16a461e48e955a772d4062093f4cb1c3d9532abad2085401f098eb039ae4f4103699b9e079229c1a72cb6d47cef1595e84d21951010f0274b1445a2ad6a7ad73827cccc21842599e0ae7b91f0b858b7b67aa0b28d69a74ffdea61be892f0f9ff9468e42aea53ee0cb83ff180aa18b625d1667459c7cba77cff9dc8c2772fe552fecfcd1778b08381000000c0b8e14631d521207e7423d86508416780983c2f380bc01cefe9773a9a5cd5b24aa24a561e72393c0ce2bf44825b05c1779fe74f884c2472ab45c2af60289cb199963312dd1929096c6f49d116f1612a7b97f77169fa5e8a66a372ef8e3ee7167f7d2a26fc6c3cfa4dc5860277223d6eb3460e3b10a0dc9400010000ca11d7beb5e700498b43bdadc916c01264d22d7969530633f94b257fbc5da7a96820e31044c0b0f62619c9e351996185e4015510875b774666ba5c0ba9845ad25b578d7d714ff3a85586b9b452301f5470d0e0ae5d7f82f178f0c7c9c8f44c390c8a2c5be9e24a125420912ec9a3149f87b35ef1169f05e49164a4944e7b4da2097f57020dd4f1f4f15edd7a0b1e24c6f79e1ea72a29c773f40f5bd9a6d7926c5c741f5aa85405273c7967d2c1a14efe0d5322cdcf2bc058ff9acb481926312f04008b1044e8c1c17d8c562edf69f4db96e059c49ec69a6086b5a3d24f4c7810ab5f6a9f9eb5c881883e5671bbca4614df48103ca6e408910000000000f784583b63fcd46293e1ea56bd87915783a144d41669cd2c52dbb03e2b7384f100000000000000000090bd4fa6a2d30dafd3a04d373eaf151dfbbb744f0f1ce962217b32ad159f41671f002c3a25b4efbc3b193e0954f71c7f240a7cdc5bf9be12ca0e82d2a408c8f882760331612a7c3d74386b3268e0c2a95396f6d16b8309cc192295fea2d0ce983baef6deecca6b6268b6cc965f2623bac861e31026a6aba7ebf78a614092257e3a4e52b7b1628dc33a425dce56fc939b96fbb66e131ba7651b542c86650336735d315c26bae977ff5a619b2534a5d1479e9090447aa860b81b905ded2f52ab9c741fc3a05030476b159690a811416d59f9d92c84fcbf0146be0330e1127cc4bb4e4c94d603f449279874e44113e9de94fbc14891af08e20a4701f0f8788b357815cf4ca3da2066ee6604ac6ab6ec54a111bd5b1887e74eb854010cc2dc95b06ceddfbc1b914be267fc29e6cf2301291ca8de0eed796d9e5e356861349b0fc217592e962360e714bb93a2e936f70873e773b9b6c056f28a36185bb8ecdcd3332528ab2d05be93bc69a373ac9d20fa087015481cfba74612d93104db153f89d03d6ce620f1f25be68b9cb2d225711c1b288ec6464111db1b40dbce06fd1bd887d7254476c9c70fe79be0fb7810e054b6e2205c2b4b27f13751639c581dac83889ed6eea54c798f2287c9d5345b0c49f78b9aa27a9c96ce5e43b6ca11bb6375ed390773315d19b596a60500330115bb100d0ea1511e29720d5f712eedd8e165af0c1d591fdbbd84e654b0e60c338c530a9e8ae1316a889134204f9db96e870bc1c5ffc1bdb2394d77e6c751f9d87ef42f6d53293f31ff4b60912fa0777c59db1ff74ba90026eed627e0f8ab250c8c6d51d86030e6be4a8982684c12c1c435d586ce106d0b4cd0f5fabcc5fbe30db5e715646867122ef50f767e215f92d407ad1c6575eccfe25f76aaf388008ec2217c9ba0f807edebe686b420287b6e0c6f14a48c82ec45f1aa7ac2508932d0e3a5834a1a4e20bc9bb2a802304900d6bef57bd9c081b45520e7bd491a0ef1bfec4721cc70962f4d55f01bae699cb3fe31c179f00dc79140333fa4e85ec393dd01bdc5bf79677453a30c63d1561a35c5e94e3cad80136e753052b08901965293bcf5f9de9c8019a1fdebddb255427326deea4506d2cc2949df6a5c13fbcc36cbcd0f0d35602668c3bc7c7264457f161a51"], &(0x7f0000000140)='GPL\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r4, 0x0, 0xe40, 0x0, &(0x7f00000006c0)="ffffffff106c3ed990f77e9eb3cf", 0x0, 0x60ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sched_setscheduler(r3, 0x2, &(0x7f0000001700)=0x4) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r5=>0xffffffffffffffff})
ptrace$ARCH_GET_FS(0x1e, r3, &(0x7f00000000c0), 0x1003) (async)
recvmmsg(r5, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000280)='mlxsw_sp_acl_tcam_vregion_rehash_rollback_failed\x00', r6}, 0x18) (async)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x52b, &(0x7f0000000f80)="$eJzs3c9rJFkdAPBvdbpjMpPZZNWDLriu7kJm0OlONu5u8LCOIHpaUNf7GJNOCOmkQ7qzOwmLm8E/QBBRwZNevAj+AYIsePG4CAt6VlQU0VkFPejUUt3VmZlMd6cz0/kxyecDlXqvXlV93+tQ1fW6HlUBXFjPRcSNiLibpum1iJjMlxfyKfbaU7be+3feWsymJNL09X8kkeTLOvtK8vnlfLOxiPj6VyK+lTwct7Gzu7ZQq1W38nylub5ZaezsXl9dX1iprlQ35uZmX55/Zf6l+ZmhtPNKRLz6pb/84Ls/+/Krv/rsm3+8+ber386qNZGX39+OIyr2K2w3vXTj4AZbjxjsLMraU+pkxrutMfLQktvHXCcAALrLrvE/HBGfjohrMRkj/S9nAQAAgCdQ+oWJ+F8SkXY32mM5AAAA8AQptMbAFqOcjwWYiEKhXG6P4f1oXCrU6o3mZ5br2xtL7bGyU1EqLK/WqjP5WOGpKCVZfraVvpd/8UB+LiKejojvT4638uXFem3ptH/8AAAAgAvicqvPnxQ6/f9/T7b7/wAAAMA5M3WEdf9zjPUAAAAAjs9R+v8AAADAk0n/HwAAAM61r772WjalnfdfL72xs71Wf+P6UrWxVl7fXiwv1rc2yyv1+krrmX3rh+2vVq9vfi42tm9VmtVGs9LY2b25Xt/eaN5cbb0OHAAAADgFT3/ynd8nEbH3+fHWlBkdbNMBVwPOquJ+KsnnXQ7rPzzVnv/5hCoFnIiRvqWlE6sHcPKKp10B4NT4hgeSQ8p7Dt55N59/arj1AQAAhm/6473v/xf6brnXvxg48xzEcHH1v/8PnGet+/+DjuR1sQDnSskVAFx4g9//P3AR8O6gEdL0yJUCAACGaqI1JYVyfmU/EYVCuRxxpfVagFKyvFqrzkTEUxHxu8nSh7L8bGvL5NA+AwAAAAAAAAAAAAAAAAAAAAAAAADQlqZJpAAAAMC5FlH4a/Lr9rP8pydfmDj4+8Bo8t/JyF8R+uaPX//hrYVmc2s2W/7P/eXNH+XLXzyNXzAAAADgQjjSC/w7/fROPx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhun9O28tdqaTjPv3L0bE1IH4SVZSjLGI0YixKEXEpX8lUbxvu0JEjAwh/nj252Pd2p9k1doPeTB+0tn2Me3d7hs/prJPoUf8y0OIDxfZO9n550a3468Qz7Xm3Y+/YsQD+UfV9fyXG8v/jvQ4/q8MGOOZ935R6Rn/dsQzxe7nn078pEf85weM/81v7O72Kkt/EjHd9fsneSBWpbm+WWns7F5fXV9Yqa5UN+bmZl+ef2X+pfmZyvJqrZr/7Rrje5/45d1+7b/UI/7UIe1/YcD2//+9W3c+0k6WusW/+nyX+L/5ab7Gw/Hz77707TydlU930nvt9P2e/flvn+3X/qUe7T/s/391wPZf+9p3/jTgqgDACWjs7K4t1GrVrWEnCse25yMmsl76GajGWftYJKpbjbeHusM0TdPsmHqM/SRxFj6WVuK0z0wAAMCw3bvoP+2aAAAAAAAAAAAAAAAAAAAAwMV1Eo8TOxhzbz+VDOMR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ/FBAAAA///ROdsN") (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))

626.831178ms ago: executing program 0 (id=446):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r2, 0x0, 0x22)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000000)=ANY=[@ANYRESOCT=0x0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000fedbdf252c000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x20048881}, 0x2000c800)

561.568259ms ago: executing program 0 (id=447):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r1)

496.5999ms ago: executing program 2 (id=448):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$inet(0x2, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x1, 0x0, 0x1, 0xa, 0x21005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={0xffffffffffffffff, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5e8, &(0x7f0000001200)="$eJzs3c9vFdUeAPDv3P6gpbzXQl7ee7iQJsZAorS0gCHGBWwNafBH3Lix0oJIgYbWaNGEkuDGxLgxxsSVC/G/UCJbVrpy4caVISFqWJp4zdzOlP6Y2x+X207T+XySS2fOmeGc4fLtOXPuOXMDqKzB9I9axMGImE4i+pP5xbzOyDIHF4579OdH59NXEvX6a78nkWRp+fFJ9rMvO7knIn78IYkDHavLnZm7cXl8amryerY/PHtlenhm7sbRS1fGL05enLw6+sLoqZMnTp4aOdbSdd0sSDt7+933+z8Ze/Obr/5KRr79ZSyJ0/FyduDS62iXwRhs/Jskq7P6TrW7sJJ0ZP9Plr7FSWeJFWJT8vevKyL+F/3REY/fvP74+JVSKwdsqXoSUQcqKhH/UFF5PyC/t195H1wrpVcCbIeHZxYGAFbHf+fC2GD0NMYG9j5KYumwThIRrY3MLbcvIu7fG7t94d7Y7diicTig2PytiPh/UfwnjfgfiJ4YaMR/bVn8p/2Cc9nPNP3VFstfOVQs/mH7LMR/z5rxH03i/60l8f92i+UPPt58p3dZ/Pe2ekkAAAAAAABQWXfPRMTzRZ//1xbn/0TB/J++iDjdhvIHV+yv/vy/9qANxQAFHp6JeKlw/m8tn/070JFt/asxH6AruXBpavJYRPw7Io5E1550f2SNMo5+euDLZnmD2fy//JWWfz+bC5jV40HnnuXnTIzPjj/pdQMRD29FPFU4/zdZbP+TgvY//X0wvcEyDjx751yzvPXjH9gq9a8jDhe2/4+fWpGs/XyO4UZ/YDjvFaz29Ieffdes/Fbj3yMm4Mml7f/eteN/IFn6vJ6ZzZdxfK6z3iyv1f5/d/J645Ez3VnaB+Ozs9dHIrqTsx1p6rL00c3XGXajPB7yeEnj/8gza4//FfX/eyNifsXfnfyxfE1x7r9/9/3arD76/1CeNP4nNtX+b35j9M7A983K31j7f6LR1h/JUoz/wYIv8jDtXp5eEI6dRVnbXV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2A1qEbEvktrQ4natNjQU0RcR/4m9talrM7PPXbj23tWJNK/x/f+1/Jt++xf2k/z7/weW7I+u2D8eEfsj4vOO3sb+0PlrUxNlXzwAAAAAAAAAAAAAAAAAAADsEH1N1v+nfusou3bAlussuwJAaQri/6cy6gFsP+0/VJf4h+oS/1Bd4h+qq8X472p3PYDtp/2H6hL/UF3iHwAAAAAAdpX9h+7+nETE/Iu9jVeqO8szvwd2t1rZFQBK4xE/UF2m/kB1uccHknXye5qetN6Za5k+/wQnAwAAAAAAAAAAAEDlHD5o/T9UlfX/UF3W/0N15ev/D5VcD2D7uccHYp2V/IXr/9c9CwAAAAAAAAAAAABop5m5G5fHp6Ymr9t4Y2dUox0b6Tu7kYPr9frNxrEtlbVnB1zpjtrIp8LvlPqs2MjX+m3srNJ+JQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACv8EwAA//8IGSKz")
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
mount$cgroup2(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x2000000, &(0x7f0000000400)={[{@memory_hugetlb_accounting}, {@subsystem='pids'}, {@memory_localevents}, {@memory_recursiveprot}, {@memory_hugetlb_accounting}], [{@obj_user={'obj_user', 0x3d, '.[+#)'}}, {@pcr={'pcr', 0x3d, 0x38}}]})
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@debug}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")

492.988321ms ago: executing program 1 (id=449):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYRESHEX=r0], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
close(0x3)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r3}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000980), 0x0, 0x2f, 0xe8034000, 0x0, 0x0, 0x0, 0x0, 0x5dc}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000800)='fib6_table_lookup\x00', r5}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x10000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x89f1, &(0x7f0000000080))
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="01000000000000000002000123f96386b5c484000000"], 0x1c}}, 0x8000)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r9}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
pause()

387.136033ms ago: executing program 2 (id=450):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, 0x0, 0x9)
ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cpuacct.usage_all\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x5, &(0x7f0000000000)={0x0, 0x1, 0x7fffffffffffffff, 0x80000000})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000940)=ANY=[@ANYRESDEC=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xa, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0xfffffffffffffffc}, 0x18)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_ttl={{0x14, 0x0, 0x2, 0x6}}], 0x18}}], 0x1, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="04000000040000000400000005", @ANYRES32=r3, @ANYBLOB, @ANYRESHEX=0x0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="000000000000000eaf233f933dfedf21623931d0a700b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000004000000bf380b8ad70000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000400)='kfree\x00', r6}, 0x18)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r4, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r7 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r7, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r7, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027f"], 0x57)
setsockopt$inet_mreqsrc(r3, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r8 = socket(0x1a, 0x3, 0xffffffff)
connect$netlink(r8, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(r8, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@empty, @in6}}, {{@in=@broadcast}, 0x0, @in=@initdev}}, &(0x7f0000000280)=0xe8)

322.683174ms ago: executing program 2 (id=451):
syz_emit_ethernet(0x3e, 0x0, 0x0)
setreuid(0xee01, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000800018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
socket$inet6(0xa, 0x80002, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x20c02)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x80000020000005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000080)=0x9fe, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffb}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
rt_sigprocmask(0x0, &(0x7f0000000300)={[0xffffffff]}, 0xfffffffffffffffc, 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r5, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
r6 = socket$kcm(0x2, 0x5, 0x0)
sendmsg$inet(r6, &(0x7f00000004c0)={&(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)="9f", 0x1}], 0x1}, 0x3e8)
r7 = socket$inet(0x2, 0x2, 0x1)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
sendmsg$inet(r7, &(0x7f0000001040)={&(0x7f0000000080)={0x2, 0xffff, @remote}, 0x10, &(0x7f0000000000), 0x0, &(0x7f0000000100)=ANY=[@ANYRESOCT=r0], 0x40}, 0x20000024)
r8 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
gettid()
writev(r8, &(0x7f0000000400)=[{&(0x7f0000000000)="aa1d980edd2658f6da4a09052868", 0xe}], 0x1)

194.324036ms ago: executing program 2 (id=452):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0xffffffff, 0xff}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001440)={0xfc, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xff7f}, @NL80211_ATTR_FRAME_MATCH={0xcd, 0x5b, "4b21ab03a538795b31de52bfc8289eae70398aa657bcce857086aa0abbbc195517083271331b489f246ba859f2a8576cce11a28bd75f00644bae85b4b41abadb754d3392fd42589a277406eee371aa8bcf1097fa50d369dddbad650163e0b53ce994b36adbfe51b625aa9e4ef444b6ce396d9b2f9f933f56a95e50589456a98dad1258549e8a022b0adc9d32c8314e5b1c50860553c10ff8cdfe969dd4716c6d965b32c7bf6fa35040ddae329f19ea5f4d396e83d21c05aa18660f4834dbe4f983c60a702461ad4635"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x3}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20044055}, 0x4000080)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x1c00000000000)
writev(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001300)={0x6, 0x1d, &(0x7f0000000840)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x9d}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x95}}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xd}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x4}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000100)='syzkaller\x00', 0x5, 0x11, &(0x7f00000006c0)=""/17, 0x1f00, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000a00)={0x3, 0xd, 0x4, 0x5}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000001240)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001280)=[{0x3, 0x2, 0x9, 0xc}, {0x1, 0x2, 0x6, 0xa}, {0x2, 0x2, 0x5, 0xc}, {0x2, 0x1, 0xd, 0x3}, {0x4, 0x3, 0x2, 0x9}, {0x1, 0x3, 0x2, 0x2}, {0x5, 0x4, 0x2, 0x9}], 0x10, 0xffffffff}, 0x94)
r1 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
r3 = dup3(r1, r2, 0x0)
ioctl$MON_IOCG_STATS(r3, 0xc0109207, &(0x7f00000001c0))

116.442078ms ago: executing program 2 (id=453):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000210018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="50000000270001"], 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x0)

115.922328ms ago: executing program 2 (id=454):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0, <r2=>0xffffffffffffffff}, &(0x7f0000000380), &(0x7f00000005c0)=r1}, 0x20)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYBLOB="680000001000030500f0e66f1500000000000000", @ANYRES32=r1, @ANYRES8=r2, @ANYBLOB="9315683dda91505aff54ab6c52eb06a3dc387304c940aef3794ced81d3ccdc475138175b4ee676c03503e4422827076ed3feff", @ANYRES64=0x0], 0x68}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
read(0xffffffffffffffff, &(0x7f00000002c0)=""/157, 0x9d)
socket$nl_netfilter(0x10, 0x3, 0xc)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000001010102000000000000000002000000240002800c000280040001003a00000014000180080001cd4bde2a0192000000000000000c001980080002"], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x0)

0s ago: executing program 3 (id=455):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000a00)=ANY=[@ANYBLOB="18089a5e1645bb1febac87062d34f351ad86c9b82899d263b91090b42a1fe5c27b616f08dbc29b8dc1e4c95baa855713342d3b", @ANYRES32], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='kvm_dirty_ring_push\x00'}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@bloom_filter={0x1e, 0x2, 0xfffffff7, 0x80000000, 0x0, 0xffffffffffffffff, 0xffff06cf, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x5, 0x8}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000000b711715788c824d0000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r5, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r0, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000600)=[0x0, 0x0], <r6=>0x0, 0x44, &(0x7f0000000640)=[{}], 0x8, 0x10, &(0x7f0000000680), &(0x7f00000006c0), 0x8, 0x47, 0x8, 0x8, &(0x7f0000000700)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r6}, 0x94)
pipe(&(0x7f00000026c0))
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="010000000d0000000000010000000000000001410000001c0017"], 0x38}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

ng to 1000
[   41.777965][ T3500] lo speed is unknown, defaulting to 1000
[   41.805347][ T3500] lo speed is unknown, defaulting to 1000
[   41.811604][ T3500] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   41.815076][   T51] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.828453][   T51] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.837555][ T3504] tipc: Started in network mode
[   41.842577][ T3504] tipc: Node identity ac14140f, cluster identity 4711
[   41.849810][ T3500] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   41.861717][ T3504] tipc: New replicast peer: 255.255.255.255
[   41.867926][ T3504] tipc: Enabled bearer <udp:s>, priority 10
[   41.876383][   T51] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.892551][ T3500] lo speed is unknown, defaulting to 1000
[   41.903648][   T51] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.925879][ T3500] lo speed is unknown, defaulting to 1000
[   41.932390][ T3500] lo speed is unknown, defaulting to 1000
[   41.938230][   T51] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.952769][ T3500] lo speed is unknown, defaulting to 1000
[   41.965085][ T3500] lo speed is unknown, defaulting to 1000
[   41.994539][ T3500] syz.2.13 (3500) used greatest stack depth: 10712 bytes left
[   42.120044][ T3517] loop2: detected capacity change from 0 to 2048
[   42.187851][ T3517] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.262763][ T3515] loop3: detected capacity change from 0 to 1024
[   42.269995][ T3515] =======================================================
[   42.269995][ T3515] WARNING: The mand mount option has been deprecated and
[   42.269995][ T3515]          and is ignored by this kernel. Remove the mand
[   42.269995][ T3515]          option from the mount to silence this warning.
[   42.269995][ T3515] =======================================================
[   42.337731][ T3515] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   42.383131][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.404683][ T3515] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.15: Invalid block bitmap block 0 in block_group 0
[   42.422008][ T3526] loop1: detected capacity change from 0 to 128
[   42.441220][ T3528] loop2: detected capacity change from 0 to 128
[   42.464100][ T3515] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.15: Failed to acquire dquot type 0
[   42.492823][ T3526] syz.1.17: attempt to access beyond end of device
[   42.492823][ T3526] loop1: rw=2049, sector=233, nr_sectors = 24 limit=128
[   42.524601][ T3528] syz.2.18: attempt to access beyond end of device
[   42.524601][ T3528] loop2: rw=2049, sector=233, nr_sectors = 24 limit=128
[   42.540844][ T3515] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.15: Freeing blocks not in datazone - block = 0, count = 4096
[   42.556530][ T3526] syz.1.17: attempt to access beyond end of device
[   42.556530][ T3526] loop1: rw=2049, sector=265, nr_sectors = 8 limit=128
[   42.562081][ T3528] syz.2.18: attempt to access beyond end of device
[   42.562081][ T3528] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128
[   42.574731][ T3515] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.15: Invalid inode bitmap blk 0 in block_group 0
[   42.596760][   T31] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:1: Failed to release dquot type 0
[   42.607528][ T3528] syz.2.18: attempt to access beyond end of device
[   42.607528][ T3528] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128
[   42.610348][ T3526] syz.1.17: attempt to access beyond end of device
[   42.610348][ T3526] loop1: rw=2049, sector=281, nr_sectors = 8 limit=128
[   42.637408][ T3528] syz.2.18: attempt to access beyond end of device
[   42.637408][ T3528] loop2: rw=2049, sector=297, nr_sectors = 8 limit=128
[   42.638386][ T3515] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   42.667279][ T3528] syz.2.18: attempt to access beyond end of device
[   42.667279][ T3528] loop2: rw=2049, sector=313, nr_sectors = 8 limit=128
[   42.673915][ T3526] syz.1.17: attempt to access beyond end of device
[   42.673915][ T3526] loop1: rw=2049, sector=297, nr_sectors = 8 limit=128
[   42.694558][ T3515] EXT4-fs (loop3): 1 orphan inode deleted
[   42.695703][ T3526] syz.1.17: attempt to access beyond end of device
[   42.695703][ T3526] loop1: rw=2049, sector=313, nr_sectors = 8 limit=128
[   42.711563][ T3515] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.805049][ T3515] syz.3.15 (3515) used greatest stack depth: 9312 bytes left
[   42.854807][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.871908][ T3402] tipc: Node number set to 2886997007
[   42.908691][ T3533] loop4: detected capacity change from 0 to 1024
[   42.963918][ T3533] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   43.062024][ T3533] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.19: Invalid block bitmap block 0 in block_group 0
[   43.114069][ T3533] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.19: Failed to acquire dquot type 0
[   43.172497][ T3533] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.19: Freeing blocks not in datazone - block = 0, count = 4096
[   43.211150][ T3533] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.19: Invalid inode bitmap blk 0 in block_group 0
[   43.225946][ T3533] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   43.236184][ T3533] EXT4-fs (loop4): 1 orphan inode deleted
[   43.242307][ T3533] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.242825][   T51] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:3: Failed to release dquot type 0
[   43.334677][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.354868][ T3551] netlink: 24 bytes leftover after parsing attributes in process `syz.4.28'.
[   43.376445][ T3549] siw: device registration error -23
[   43.404552][ T3556] capability: warning: `syz.3.29' uses deprecated v2 capabilities in a way that may be insecure
[   43.464833][ T3564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.33'.
[   43.486137][ T3561] loop4: detected capacity change from 0 to 1024
[   43.494459][ T3561] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   43.495349][ T3564] loop3: detected capacity change from 0 to 1024
[   43.509294][ T3561] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.32: Invalid block bitmap block 0 in block_group 0
[   43.525626][ T3561] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.32: Failed to acquire dquot type 0
[   43.536880][ T3561] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.32: Freeing blocks not in datazone - block = 0, count = 4096
[   43.542165][ T3564] EXT4-fs: Ignoring removed orlov option
[   43.550898][ T3561] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.32: Invalid inode bitmap blk 0 in block_group 0
[   43.568483][ T3561] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   43.568491][   T51] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:3: Failed to release dquot type 0
[   43.588824][ T3561] EXT4-fs (loop4): 1 orphan inode deleted
[   43.590722][ T3564] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.595071][ T3561] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.641660][ T3568] netlink: 'syz.1.34': attribute type 4 has an invalid length.
[   43.644498][ T3564] cgroup2: Unknown parameter 'pids'
[   43.654902][ T3568] netlink: 'syz.1.34': attribute type 4 has an invalid length.
[   43.702779][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.712606][ T3570] loop1: detected capacity change from 0 to 2048
[   43.719817][ T3572] netlink: 68 bytes leftover after parsing attributes in process `syz.2.36'.
[   43.756858][ T3570] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.815460][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.887602][ T3580] netlink: 4 bytes leftover after parsing attributes in process `syz.2.40'.
[   43.914930][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.976049][ T3587] loop3: detected capacity change from 0 to 1024
[   43.986888][ T3583] tipc: Started in network mode
[   43.991970][ T3583] tipc: Node identity ac14140f, cluster identity 4711
[   44.014026][ T3587] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   44.033961][ T3583] tipc: New replicast peer: 255.255.255.255
[   44.040072][ T3583] tipc: Enabled bearer <udp:s>, priority 10
[   44.073865][ T3587] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.41: Invalid block bitmap block 0 in block_group 0
[   44.094863][ T3587] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.41: Failed to acquire dquot type 0
[   44.115771][ T3587] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.41: Freeing blocks not in datazone - block = 0, count = 4096
[   44.130315][ T3587] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.41: Invalid inode bitmap blk 0 in block_group 0
[   44.142956][   T51] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:3: Failed to release dquot type 0
[   44.154713][ T3587] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   44.222200][ T3587] EXT4-fs (loop3): 1 orphan inode deleted
[   44.240029][ T3587] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.403317][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.707602][ T3611] usb usb1: check_ctrlrecip: process 3611 (syz.3.47) requesting ep 01 but needs 81
[   44.717051][ T3611] usb usb1: usbfs: process 3611 (syz.3.47) did not claim interface 0 before use
[   45.151906][   T36] tipc: Node number set to 2886997007
[   45.324367][ T3619] loop3: detected capacity change from 0 to 2048
[   45.389716][ T3619] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.590614][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.631150][ T3623] FAULT_INJECTION: forcing a failure.
[   45.631150][ T3623] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   45.644480][ T3623] CPU: 1 UID: 0 PID: 3623 Comm: syz.3.51 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   45.644556][ T3623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   45.644569][ T3623] Call Trace:
[   45.644576][ T3623]  <TASK>
[   45.644584][ T3623]  __dump_stack+0x1d/0x30
[   45.644611][ T3623]  dump_stack_lvl+0xe8/0x140
[   45.644634][ T3623]  dump_stack+0x15/0x1b
[   45.644655][ T3623]  should_fail_ex+0x265/0x280
[   45.644707][ T3623]  should_fail_alloc_page+0xf2/0x100
[   45.644742][ T3623]  __alloc_frozen_pages_noprof+0xff/0x360
[   45.644801][ T3623]  alloc_pages_mpol+0xb3/0x250
[   45.644846][ T3623]  folio_alloc_mpol_noprof+0x39/0x80
[   45.644885][ T3623]  shmem_get_folio_gfp+0x3cf/0xd60
[   45.644994][ T3623]  shmem_write_begin+0xa8/0x190
[   45.645021][ T3623]  generic_perform_write+0x184/0x490
[   45.645057][ T3623]  shmem_file_write_iter+0xc5/0xf0
[   45.645083][ T3623]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   45.645185][ T3623]  vfs_write+0x527/0x960
[   45.645213][ T3623]  ksys_write+0xda/0x1a0
[   45.645236][ T3623]  __x64_sys_write+0x40/0x50
[   45.645294][ T3623]  x64_sys_call+0x27fe/0x2ff0
[   45.645320][ T3623]  do_syscall_64+0xd2/0x200
[   45.645364][ T3623]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   45.645392][ T3623]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   45.645426][ T3623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.645450][ T3623] RIP: 0033:0x7f6d7f6ed97f
[   45.645490][ T3623] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   45.645508][ T3623] RSP: 002b:00007f6d7e14edf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   45.645554][ T3623] RAX: ffffffffffffffda RBX: 000000000005b800 RCX: 00007f6d7f6ed97f
[   45.645571][ T3623] RDX: 000000000005b800 RSI: 00007f6d75d2f000 RDI: 0000000000000004
[   45.645587][ T3623] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000348
[   45.645671][ T3623] R10: 00000000000001ee R11: 0000000000000293 R12: 0000000000000004
[   45.645687][ T3623] R13: 00007f6d7e14eef0 R14: 00007f6d7e14eeb0 R15: 00007f6d75d2f000
[   45.645711][ T3623]  </TASK>
[   46.011926][ T3635] 9pnet_fd: Insufficient options for proto=fd
[   46.081273][   T29] kauditd_printk_skb: 381 callbacks suppressed
[   46.081293][   T29] audit: type=1326 audit(1759058570.310:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3638 comm="syz.4.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   46.106686][ T3639] netlink: 'syz.4.57': attribute type 4 has an invalid length.
[   46.111171][   T29] audit: type=1326 audit(1759058570.310:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3638 comm="syz.4.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   46.122972][ T3639] netlink: 'syz.4.57': attribute type 4 has an invalid length.
[   46.195960][ T3641] loop1: detected capacity change from 0 to 1024
[   46.206944][   T29] audit: type=1326 audit(1759058570.340:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3638 comm="syz.4.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   46.230215][   T29] audit: type=1326 audit(1759058570.340:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3638 comm="syz.4.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   46.253450][   T29] audit: type=1326 audit(1759058570.340:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3638 comm="syz.4.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   46.275911][ T3641] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   46.276880][   T29] audit: type=1326 audit(1759058570.340:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3638 comm="syz.4.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   46.310291][   T29] audit: type=1326 audit(1759058570.340:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3638 comm="syz.4.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   46.333596][   T29] audit: type=1326 audit(1759058570.340:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3638 comm="syz.4.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   46.356821][   T29] audit: type=1326 audit(1759058570.340:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3638 comm="syz.4.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   46.380025][   T29] audit: type=1326 audit(1759058570.340:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3638 comm="syz.4.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   46.509178][ T3641] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.58: Invalid block bitmap block 0 in block_group 0
[   46.525924][ T3641] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.58: Failed to acquire dquot type 0
[   46.537558][ T3641] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.58: Freeing blocks not in datazone - block = 0, count = 4096
[   46.541716][ T3651] 9pnet_fd: Insufficient options for proto=fd
[   46.552701][ T3641] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.58: Invalid inode bitmap blk 0 in block_group 0
[   46.572453][ T1783] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 0
[   46.585375][ T3650] netlink: 4 bytes leftover after parsing attributes in process `syz.0.60'.
[   46.596609][ T3641] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[   46.612219][ T3650] loop0: detected capacity change from 0 to 1024
[   46.619542][ T3650] EXT4-fs: Ignoring removed bh option
[   46.630867][ T3650] EXT4-fs: inline encryption not supported
[   46.636897][ T3641] EXT4-fs (loop1): 1 orphan inode deleted
[   46.644183][ T3641] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.666050][ T3650] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   46.682601][ T3650] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   46.693543][ T3650] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 2: comm : lblock 2 mapped to illegal pblock 2 (length 1)
[   46.706863][ T3650] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 48: comm : lblock 0 mapped to illegal pblock 48 (length 1)
[   46.721370][ T3650] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm : Failed to acquire dquot type 0
[   46.733924][ T3650] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   46.743715][ T3650] EXT4-fs error (device loop0): ext4_evict_inode:254: inode #11: comm : mark_inode_dirty error
[   46.757153][ T3650] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   46.768684][ T3650] EXT4-fs (loop0): 1 orphan inode deleted
[   46.768980][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.776208][ T3650] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.797137][ T1783] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1)
[   46.813689][ T1783] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 0
[   46.853846][ T3656] netlink: 4 bytes leftover after parsing attributes in process `syz.3.62'.
[   46.868436][ T3658] netlink: 68 bytes leftover after parsing attributes in process `syz.1.61'.
[   46.877462][ T3656] loop3: detected capacity change from 0 to 1024
[   46.885080][ T3656] EXT4-fs: Ignoring removed orlov option
[   46.899353][ T3656] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.946016][ T3656] cgroup2: Unknown parameter 'pids'
[   46.962549][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.981756][ T3661] loop1: detected capacity change from 0 to 164
[   46.989061][ T3310] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[   47.010117][ T3661] isofs_fill_super: get root inode failed
[   47.018468][ T3310] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   47.047151][ T3310] EXT4-fs error (device loop0): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[   47.082858][ T3663] loop1: detected capacity change from 0 to 128
[   47.126707][ T3665] loop0: detected capacity change from 0 to 732
[   47.162686][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.252419][ T3673] netlink: 'syz.0.69': attribute type 4 has an invalid length.
[   47.278202][ T3673] netlink: 'syz.0.69': attribute type 4 has an invalid length.
[   47.379228][ T3682] loop4: detected capacity change from 0 to 128
[   47.392467][ T3682] FAT-fs (loop4): Directory bread(block 162) failed
[   47.399162][ T3682] FAT-fs (loop4): Directory bread(block 163) failed
[   47.407358][ T3682] FAT-fs (loop4): Directory bread(block 164) failed
[   47.432371][ T3686] netlink: 4 bytes leftover after parsing attributes in process `syz.0.74'.
[   47.449289][ T3686] loop0: detected capacity change from 0 to 1024
[   47.459720][ T3686] EXT4-fs: Ignoring removed bh option
[   47.465354][ T3686] EXT4-fs: inline encryption not supported
[   47.471345][ T3682] FAT-fs (loop4): Directory bread(block 165) failed
[   47.472261][ T3686] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   47.509841][ T3686] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   47.525788][ T3682] FAT-fs (loop4): Directory bread(block 166) failed
[   47.532562][ T3682] FAT-fs (loop4): Directory bread(block 167) failed
[   47.537366][ T3686] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 2: comm : lblock 2 mapped to illegal pblock 2 (length 1)
[   47.562220][ T3682] FAT-fs (loop4): Directory bread(block 168) failed
[   47.569055][ T3682] FAT-fs (loop4): Directory bread(block 169) failed
[   47.598921][ T3682] FAT-fs (loop4): Directory bread(block 162) failed
[   47.606032][ T3686] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 48: comm : lblock 0 mapped to illegal pblock 48 (length 1)
[   47.621029][ T3682] FAT-fs (loop4): Directory bread(block 163) failed
[   47.641813][ T3686] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm : Failed to acquire dquot type 0
[   47.658093][ T3682] bio_check_eod: 35 callbacks suppressed
[   47.658111][ T3682] GPL: attempt to access beyond end of device
[   47.658111][ T3682] loop4: rw=3, sector=226, nr_sectors = 6 limit=128
[   47.704162][ T3686] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   47.733643][ T3686] EXT4-fs error (device loop0): ext4_evict_inode:254: inode #11: comm : mark_inode_dirty error
[   47.784584][ T3682] GPL: attempt to access beyond end of device
[   47.784584][ T3682] loop4: rw=2051, sector=232, nr_sectors = 2 limit=128
[   47.817619][ T3686] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   47.840267][ T3686] EXT4-fs (loop0): 1 orphan inode deleted
[   47.860884][ T1783] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1)
[   47.879147][ T3686] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.912069][ T1783] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 0
[   48.072630][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.108654][ T3310] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[   48.158954][ T3310] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   48.188944][ T3310] EXT4-fs error (device loop0): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[   48.287146][ T3700] loop0: detected capacity change from 0 to 128
[   48.331946][ T3700] syz.0.76: attempt to access beyond end of device
[   48.331946][ T3700] loop0: rw=2049, sector=233, nr_sectors = 24 limit=128
[   48.357497][ T3698] netlink: 'syz.4.78': attribute type 4 has an invalid length.
[   48.365194][ T3700] syz.0.76: attempt to access beyond end of device
[   48.365194][ T3700] loop0: rw=2049, sector=265, nr_sectors = 8 limit=128
[   48.398739][ T3698] netlink: 'syz.4.78': attribute type 4 has an invalid length.
[   48.408746][ T3700] syz.0.76: attempt to access beyond end of device
[   48.408746][ T3700] loop0: rw=2049, sector=281, nr_sectors = 8 limit=128
[   48.441925][ T3700] syz.0.76: attempt to access beyond end of device
[   48.441925][ T3700] loop0: rw=2049, sector=297, nr_sectors = 8 limit=128
[   48.463113][ T3700] syz.0.76: attempt to access beyond end of device
[   48.463113][ T3700] loop0: rw=2049, sector=313, nr_sectors = 8 limit=128
[   48.492078][ T3700] syz.0.76: attempt to access beyond end of device
[   48.492078][ T3700] loop0: rw=2049, sector=329, nr_sectors = 8 limit=128
[   48.513628][ T3700] syz.0.76: attempt to access beyond end of device
[   48.513628][ T3700] loop0: rw=2049, sector=345, nr_sectors = 8 limit=128
[   48.541935][ T3700] syz.0.76: attempt to access beyond end of device
[   48.541935][ T3700] loop0: rw=2049, sector=361, nr_sectors = 8 limit=128
[   48.679496][ T3710] netlink: 60 bytes leftover after parsing attributes in process `syz.0.82'.
[   48.682940][ T3708] loop4: detected capacity change from 0 to 1024
[   48.711371][ T3708] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   48.738774][ T3714] netlink: 'syz.3.85': attribute type 4 has an invalid length.
[   48.770392][ T3708] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.83: Invalid block bitmap block 0 in block_group 0
[   48.790109][ T3714] netlink: 'syz.3.85': attribute type 4 has an invalid length.
[   48.811750][ T3719] netlink: 'syz.2.87': attribute type 4 has an invalid length.
[   48.824422][ T3708] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.83: Failed to acquire dquot type 0
[   48.837567][ T3381] lo speed is unknown, defaulting to 1000
[   48.843395][ T3381] syz2: Port: 1 Link DOWN
[   48.854305][ T3719] netlink: 'syz.2.87': attribute type 4 has an invalid length.
[   48.893674][ T3388] lo speed is unknown, defaulting to 1000
[   48.899476][ T3388] syz2: Port: 1 Link ACTIVE
[   48.916583][ T3723] loop1: detected capacity change from 0 to 1024
[   48.922180][ T3708] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.83: Freeing blocks not in datazone - block = 0, count = 4096
[   48.943453][ T3723] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   48.967749][ T3708] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.83: Invalid inode bitmap blk 0 in block_group 0
[   48.976298][ T3726] loop3: detected capacity change from 0 to 1024
[   48.980700][ T3708] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   49.006296][ T3723] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.88: Invalid block bitmap block 0 in block_group 0
[   49.014624][ T1783] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 0
[   49.019833][ T3726] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   49.043837][ T3708] EXT4-fs (loop4): 1 orphan inode deleted
[   49.049981][ T3708] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.064278][ T3723] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.88: Failed to acquire dquot type 0
[   49.082102][ T3723] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.88: Freeing blocks not in datazone - block = 0, count = 4096
[   49.100322][ T3729] netlink: 4 bytes leftover after parsing attributes in process `syz.2.90'.
[   49.109738][ T3726] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.89: Invalid block bitmap block 0 in block_group 0
[   49.109873][ T3723] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.88: Invalid inode bitmap blk 0 in block_group 0
[   49.135888][   T51] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:3: Failed to release dquot type 0
[   49.138046][ T3723] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[   49.157978][ T3726] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.89: Failed to acquire dquot type 0
[   49.169362][ T3729] loop2: detected capacity change from 0 to 1024
[   49.176031][ T3729] EXT4-fs: Ignoring removed orlov option
[   49.185360][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.213619][ T3726] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.89: Freeing blocks not in datazone - block = 0, count = 4096
[   49.227270][ T3723] EXT4-fs (loop1): 1 orphan inode deleted
[   49.233640][ T3723] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.235079][ T3726] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.89: Invalid inode bitmap blk 0 in block_group 0
[   49.260128][  T398] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:5: Failed to release dquot type 0
[   49.261394][ T3726] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   49.284283][ T3729] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.299932][ T3735] usb usb1: usbfs: process 3735 (syz.4.91) did not claim interface 4 before use
[   49.300895][ T3726] EXT4-fs (loop3): 1 orphan inode deleted
[   49.315692][ T3726] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.317562][ T3729] cgroup2: Unknown parameter 'pids'
[   49.330481][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.369534][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.404247][ T3739] netlink: 68 bytes leftover after parsing attributes in process `syz.1.93'.
[   49.439767][ T3742] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   49.454114][ T3742] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   49.522311][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.617162][ T3755] netlink: 4 bytes leftover after parsing attributes in process `syz.1.99'.
[   49.685465][ T3761] binfmt_misc: register: failed to install interpreter file ./file0
[   49.706692][ T3761] netlink: 12 bytes leftover after parsing attributes in process `syz.2.101'.
[   49.771754][ T3763] netlink: 4 bytes leftover after parsing attributes in process `syz.2.102'.
[   49.955365][ T3770] loop1: detected capacity change from 0 to 1024
[   49.977206][ T3770] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   49.990829][ T3770] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.105: Invalid block bitmap block 0 in block_group 0
[   50.006646][ T3770] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.105: Failed to acquire dquot type 0
[   50.018353][ T3770] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.105: Freeing blocks not in datazone - block = 0, count = 4096
[   50.036792][ T3770] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.105: Invalid inode bitmap blk 0 in block_group 0
[   50.053365][  T398] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:5: Failed to release dquot type 0
[   50.065842][ T3770] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[   50.084791][ T3770] EXT4-fs (loop1): 1 orphan inode deleted
[   50.104631][ T3770] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.191468][ T3783] loop0: detected capacity change from 0 to 1024
[   50.215280][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.233478][ T3783] EXT4-fs: Ignoring removed orlov option
[   50.246811][ T3783] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.287884][ T3790] binfmt_misc: register: failed to install interpreter file ./file0
[   50.402294][ T3783] cgroup2: Unknown parameter 'pids'
[   50.573770][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.709997][ T3810] loop4: detected capacity change from 0 to 164
[   50.720243][ T3810] isofs_fill_super: get root inode failed
[   50.939910][ T3823] dummy0: entered promiscuous mode
[   51.021730][ T3827] loop4: detected capacity change from 0 to 128
[   51.278459][ T3836] tipc: Started in network mode
[   51.283608][ T3836] tipc: Node identity ac14140f, cluster identity 4711
[   51.294370][ T3836] tipc: New replicast peer: 255.255.255.255
[   51.300447][ T3836] tipc: Enabled bearer <udp:s>, priority 10
[   51.334892][ T3844] loop1: detected capacity change from 0 to 164
[   51.356674][ T3844] isofs_fill_super: get root inode failed
[   51.437218][   T29] kauditd_printk_skb: 393 callbacks suppressed
[   51.437238][   T29] audit: type=1326 audit(1759058575.660:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3848 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   51.466904][   T29] audit: type=1326 audit(1759058575.660:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3848 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   51.490162][   T29] audit: type=1326 audit(1759058575.660:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3848 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   51.513440][   T29] audit: type=1326 audit(1759058575.660:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3848 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   51.536907][   T29] audit: type=1326 audit(1759058575.660:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3848 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   51.558840][ T3850] loop1: detected capacity change from 0 to 1024
[   51.560797][   T29] audit: type=1326 audit(1759058575.660:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3848 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   51.589816][ T3850] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   51.590334][   T29] audit: type=1326 audit(1759058575.660:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3848 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   51.617338][ T3850] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.137: Invalid block bitmap block 0 in block_group 0
[   51.624090][   T29] audit: type=1326 audit(1759058575.660:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3848 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   51.653287][ T3395] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4
[   51.660894][   T29] audit: type=1326 audit(1759058575.660:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3848 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   51.668544][ T3395] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2
[   51.691715][   T29] audit: type=1326 audit(1759058575.660:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3848 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   51.699394][ T3395] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x3
[   51.823983][ T3395] hid-generic 0000:3000000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   51.854619][ T3851] lo speed is unknown, defaulting to 1000
[   51.901071][ T3855] usb usb1: usbfs: process 3855 (syz.0.139) did not claim interface 4 before use
[   51.901994][ T3850] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.137: Failed to acquire dquot type 0
[   51.959574][ T3859] fido_id[3859]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   51.962094][ T3850] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.137: Freeing blocks not in datazone - block = 0, count = 4096
[   52.012996][ T3850] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.137: Invalid inode bitmap blk 0 in block_group 0
[   52.064223][   T51] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:3: Failed to release dquot type 0
[   52.065376][ T3850] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[   52.092347][ T3863] FAULT_INJECTION: forcing a failure.
[   52.092347][ T3863] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   52.105667][ T3863] CPU: 0 UID: 0 PID: 3863 Comm: syz.0.141 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.105697][ T3863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   52.105787][ T3863] Call Trace:
[   52.105794][ T3863]  <TASK>
[   52.105854][ T3863]  __dump_stack+0x1d/0x30
[   52.105883][ T3863]  dump_stack_lvl+0xe8/0x140
[   52.105908][ T3863]  dump_stack+0x15/0x1b
[   52.105928][ T3863]  should_fail_ex+0x265/0x280
[   52.105959][ T3863]  should_fail+0xb/0x20
[   52.105986][ T3863]  should_fail_usercopy+0x1a/0x20
[   52.106025][ T3863]  _copy_from_user+0x1c/0xb0
[   52.106096][ T3863]  sock_do_ioctl+0xe6/0x220
[   52.106153][ T3863]  sock_ioctl+0x41b/0x610
[   52.106223][ T3863]  ? __pfx_sock_ioctl+0x10/0x10
[   52.106287][ T3863]  __se_sys_ioctl+0xce/0x140
[   52.106310][ T3863]  __x64_sys_ioctl+0x43/0x50
[   52.106350][ T3863]  x64_sys_call+0x1816/0x2ff0
[   52.106378][ T3863]  do_syscall_64+0xd2/0x200
[   52.106447][ T3863]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.106484][ T3863]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   52.106520][ T3863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.106548][ T3863] RIP: 0033:0x7fc1f95feec9
[   52.106565][ T3863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.106583][ T3863] RSP: 002b:00007fc1f8067038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   52.106603][ T3863] RAX: ffffffffffffffda RBX: 00007fc1f9855fa0 RCX: 00007fc1f95feec9
[   52.106691][ T3863] RDX: 0000200000000000 RSI: 0000000000008923 RDI: 0000000000000007
[   52.106707][ T3863] RBP: 00007fc1f8067090 R08: 0000000000000000 R09: 0000000000000000
[   52.106723][ T3863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.106812][ T3863] R13: 00007fc1f9856038 R14: 00007fc1f9855fa0 R15: 00007ffc89cacff8
[   52.106832][ T3863]  </TASK>
[   52.143424][ T3850] EXT4-fs (loop1): 1 orphan inode deleted
[   52.304359][ T3850] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.338967][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.416161][ T3871] loop1: detected capacity change from 0 to 1024
[   52.422614][ T3395] tipc: Node number set to 2886997007
[   52.456606][ T3871] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   52.485256][ T3878] loop4: detected capacity change from 0 to 164
[   52.488982][ T3871] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.143: Invalid block bitmap block 0 in block_group 0
[   52.505407][ T3871] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.143: Failed to acquire dquot type 0
[   52.506410][ T3878] isofs_fill_super: get root inode failed
[   52.517221][ T3871] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.143: Freeing blocks not in datazone - block = 0, count = 4096
[   52.536213][ T3871] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.143: Invalid inode bitmap blk 0 in block_group 0
[   52.550410][ T3871] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[   52.563475][ T3492] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:7: Failed to release dquot type 0
[   52.595494][ T3880] loop4: detected capacity change from 0 to 2048
[   52.601985][ T3871] EXT4-fs (loop1): 1 orphan inode deleted
[   52.611665][ T3871] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.634463][ T3880] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.652897][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.694961][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.719583][ T3890] binfmt_misc: register: failed to install interpreter file ./file0
[   52.742205][ T3890] __nla_validate_parse: 5 callbacks suppressed
[   52.742219][ T3890] netlink: 12 bytes leftover after parsing attributes in process `syz.1.152'.
[   52.758183][ T3893] loop4: detected capacity change from 0 to 256
[   52.821718][ T3896] netlink: 4 bytes leftover after parsing attributes in process `syz.1.154'.
[   52.839659][ T3896] loop1: detected capacity change from 0 to 1024
[   52.849186][ T3896] EXT4-fs: Ignoring removed orlov option
[   52.861116][ T3896] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.970056][ T3896] cgroup2: Unknown parameter 'pids'
[   53.117404][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.170634][ T3914] dvmrp0: entered allmulticast mode
[   53.192525][ T3914] dvmrp0: left allmulticast mode
[   53.211996][ T3919] netlink: 'syz.2.164': attribute type 4 has an invalid length.
[   53.249225][ T3381] lo speed is unknown, defaulting to 1000
[   53.255112][ T3381] syz2: Port: 1 Link DOWN
[   53.260709][ T3919] netlink: 'syz.2.164': attribute type 4 has an invalid length.
[   53.284723][ T3381] lo speed is unknown, defaulting to 1000
[   53.290481][ T3381] syz2: Port: 1 Link ACTIVE
[   53.329105][ T3927] dvmrp0: entered allmulticast mode
[   53.344201][ T3928] loop4: detected capacity change from 0 to 128
[   53.358294][ T3927] dvmrp0: left allmulticast mode
[   53.379412][ T3930] loop2: detected capacity change from 0 to 128
[   53.386653][ T3927] FAULT_INJECTION: forcing a failure.
[   53.386653][ T3927] name failslab, interval 1, probability 0, space 0, times 1
[   53.399469][ T3927] CPU: 0 UID: 0 PID: 3927 Comm: syz.3.166 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   53.399505][ T3927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   53.399520][ T3927] Call Trace:
[   53.399527][ T3927]  <TASK>
[   53.399535][ T3927]  __dump_stack+0x1d/0x30
[   53.399558][ T3927]  dump_stack_lvl+0xe8/0x140
[   53.399576][ T3927]  dump_stack+0x15/0x1b
[   53.399596][ T3927]  should_fail_ex+0x265/0x280
[   53.399643][ T3927]  should_failslab+0x8c/0xb0
[   53.399755][ T3927]  kmem_cache_alloc_node_noprof+0x57/0x320
[   53.399791][ T3927]  ? __alloc_skb+0x101/0x320
[   53.399813][ T3927]  ? __local_bh_enable_ip+0x70/0x80
[   53.399887][ T3927]  __alloc_skb+0x101/0x320
[   53.399908][ T3927]  ? netif_set_allmulti+0x1e6/0x250
[   53.400017][ T3927]  inet_netconf_notify_devconf+0x173/0x230
[   53.400114][ T3927]  vif_delete+0x31a/0x430
[   53.400158][ T3927]  mroute_clean_tables+0x125/0x610
[   53.400258][ T3927]  ? _copy_from_user+0x89/0xb0
[   53.400293][ T3927]  ip_mroute_setsockopt+0x80b/0x960
[   53.400327][ T3927]  do_ip_setsockopt+0xcea/0x2240
[   53.400365][ T3927]  ip_setsockopt+0x58/0x110
[   53.400437][ T3927]  raw_setsockopt+0xbd/0x150
[   53.400524][ T3927]  sock_common_setsockopt+0x66/0x80
[   53.400557][ T3927]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   53.400657][ T3927]  __sys_setsockopt+0x184/0x200
[   53.400678][ T3927]  __x64_sys_setsockopt+0x64/0x80
[   53.400701][ T3927]  x64_sys_call+0x20ec/0x2ff0
[   53.400727][ T3927]  do_syscall_64+0xd2/0x200
[   53.400820][ T3927]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   53.400843][ T3927]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   53.400873][ T3927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.400970][ T3927] RIP: 0033:0x7f6d7f6eeec9
[   53.401028][ T3927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.401049][ T3927] RSP: 002b:00007f6d7e14f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   53.401094][ T3927] RAX: ffffffffffffffda RBX: 00007f6d7f945fa0 RCX: 00007f6d7f6eeec9
[   53.401106][ T3927] RDX: 00000000000000d4 RSI: 0000000000000000 RDI: 0000000000000003
[   53.401116][ T3927] RBP: 00007f6d7e14f090 R08: 0000000000000004 R09: 0000000000000000
[   53.401127][ T3927] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.401138][ T3927] R13: 00007f6d7f946038 R14: 00007f6d7f945fa0 R15: 00007ffcd79f0128
[   53.401155][ T3927]  </TASK>
[   53.436071][ T3928] bio_check_eod: 22 callbacks suppressed
[   53.436090][ T3928] syz.4.167: attempt to access beyond end of device
[   53.436090][ T3928] loop4: rw=2049, sector=233, nr_sectors = 24 limit=128
[   53.438817][ T3930] FAT-fs (loop2): Directory bread(block 162) failed
[   53.452476][ T3928] syz.4.167: attempt to access beyond end of device
[   53.452476][ T3928] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128
[   53.487573][ T3930] FAT-fs (loop2): Directory bread(block 163) failed
[   53.492588][ T3928] syz.4.167: attempt to access beyond end of device
[   53.492588][ T3928] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128
[   53.511397][ T3930] FAT-fs (loop2): Directory bread(block 164) failed
[   53.514616][ T3928] syz.4.167: attempt to access beyond end of device
[   53.514616][ T3928] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128
[   53.523891][ T3930] FAT-fs (loop2): Directory bread(block 165) failed
[   53.528355][ T3928] syz.4.167: attempt to access beyond end of device
[   53.528355][ T3928] loop4: rw=2049, sector=313, nr_sectors = 8 limit=128
[   53.547978][ T3930] FAT-fs (loop2): Directory bread(block 166) failed
[   53.554788][ T3928] syz.4.167: attempt to access beyond end of device
[   53.554788][ T3928] loop4: rw=2049, sector=329, nr_sectors = 8 limit=128
[   53.566293][ T3930] FAT-fs (loop2): Directory bread(block 167) failed
[   53.569943][ T3928] syz.4.167: attempt to access beyond end of device
[   53.569943][ T3928] loop4: rw=2049, sector=345, nr_sectors = 8 limit=128
[   53.760644][ T3930] FAT-fs (loop2): Directory bread(block 168) failed
[   53.795683][ T3928] syz.4.167: attempt to access beyond end of device
[   53.795683][ T3928] loop4: rw=2049, sector=361, nr_sectors = 8 limit=128
[   53.817117][ T3935] lo speed is unknown, defaulting to 1000
[   53.825697][ T3928] syz.4.167: attempt to access beyond end of device
[   53.825697][ T3928] loop4: rw=2049, sector=377, nr_sectors = 8 limit=128
[   53.849233][ T3930] FAT-fs (loop2): Directory bread(block 169) failed
[   53.858027][ T3928] syz.4.167: attempt to access beyond end of device
[   53.858027][ T3928] loop4: rw=2049, sector=393, nr_sectors = 8 limit=128
[   53.915476][ T3930] FAT-fs (loop2): Directory bread(block 162) failed
[   53.931999][ T3930] FAT-fs (loop2): Directory bread(block 163) failed
[   54.294810][ T3944] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   54.354556][ T3944] netlink: 'syz.3.171': attribute type 9 has an invalid length.
[   54.367229][ T4005] netlink: 256 bytes leftover after parsing attributes in process `syz.2.173'.
[   54.367792][ T4003] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   54.418378][ T3944] loop3: detected capacity change from 0 to 2048
[   54.445108][ T4008] netlink: 60 bytes leftover after parsing attributes in process `syz.4.175'.
[   54.473007][ T4011] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   54.476036][ T4005] netlink: 48 bytes leftover after parsing attributes in process `wg1'.
[   54.530521][ T3944] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.556743][ T3944] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.691044][ T4019] netlink: 'syz.1.178': attribute type 4 has an invalid length.
[   54.747422][ T4019] netlink: 'syz.1.178': attribute type 4 has an invalid length.
[   54.899212][ T4024] netlink: 68 bytes leftover after parsing attributes in process `syz.1.180'.
[   54.984868][ T4026] netlink: 'syz.4.182': attribute type 4 has an invalid length.
[   55.021822][ T4026] netlink: 'syz.4.182': attribute type 4 has an invalid length.
[   55.063580][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.111822][ T4028] binfmt_misc: register: failed to install interpreter file ./file0
[   55.137647][ T4028] netlink: 12 bytes leftover after parsing attributes in process `syz.1.183'.
[   55.174474][ T4030] FAULT_INJECTION: forcing a failure.
[   55.174474][ T4030] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   55.187775][ T4030] CPU: 0 UID: 0 PID: 4030 Comm: syz.3.181 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   55.187853][ T4030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   55.187866][ T4030] Call Trace:
[   55.187873][ T4030]  <TASK>
[   55.187881][ T4030]  __dump_stack+0x1d/0x30
[   55.187998][ T4030]  dump_stack_lvl+0xe8/0x140
[   55.188017][ T4030]  dump_stack+0x15/0x1b
[   55.188102][ T4030]  should_fail_ex+0x265/0x280
[   55.188132][ T4030]  should_fail_alloc_page+0xf2/0x100
[   55.188218][ T4030]  __alloc_frozen_pages_noprof+0xff/0x360
[   55.188258][ T4030]  alloc_pages_mpol+0xb3/0x250
[   55.188294][ T4030]  vma_alloc_folio_noprof+0x1aa/0x300
[   55.188418][ T4030]  do_wp_page+0x5db/0x24e0
[   55.188445][ T4030]  ? css_rstat_updated+0xb7/0x240
[   55.188485][ T4030]  ? __rcu_read_lock+0x37/0x50
[   55.188516][ T4030]  handle_mm_fault+0x77d/0x2c20
[   55.188610][ T4030]  do_user_addr_fault+0x636/0x1090
[   55.188708][ T4030]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   55.188750][ T4030]  exc_page_fault+0x62/0xa0
[   55.188786][ T4030]  asm_exc_page_fault+0x26/0x30
[   55.188858][ T4030] RIP: 0033:0x7f6d7f5b0cb0
[   55.188878][ T4030] Code: 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 47 0f b6 0c 08 45 84 c9 74 08 <45> 88 0c 00 49 8b 47 10 48 83 c0 01 49 89 47 10 83 e9 01 73 d3 41
[   55.188919][ T4030] RSP: 002b:00007f6d7e14e4a0 EFLAGS: 00010202
[   55.188938][ T4030] RAX: 000000000000a800 RBX: 00007f6d7e14e540 RCX: 0000000000000004
[   55.188951][ T4030] RDX: 0000000000000ff9 RSI: 0000000000001ffa RDI: 00007f6d7e14e5e0
[   55.188963][ T4030] RBP: 0000000000000005 R08: 00007f6d75d2f000 R09: 0000000000000001
[   55.188975][ T4030] R10: 00002000000005c2 R11: 000000000000034c R12: 0000000000001801
[   55.189064][ T4030] R13: 00007f6d7f78db80 R14: 0000000000000019 R15: 00007f6d7e14e5e0
[   55.189136][ T4030]  </TASK>
[   55.189162][ T4030] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   55.194054][ T4032] loop4: detected capacity change from 0 to 128
[   55.225701][ T4034] netlink: 14 bytes leftover after parsing attributes in process `syz.1.185'.
[   55.289545][ T4030] loop3: detected capacity change from 0 to 732
[   55.304654][ T4032] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   55.342406][ T4036] FAULT_INJECTION: forcing a failure.
[   55.342406][ T4036] name failslab, interval 1, probability 0, space 0, times 0
[   55.423431][ T4036] CPU: 1 UID: 0 PID: 4036 Comm: syz.1.185 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   55.423489][ T4036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   55.423504][ T4036] Call Trace:
[   55.423512][ T4036]  <TASK>
[   55.423521][ T4036]  __dump_stack+0x1d/0x30
[   55.423546][ T4036]  dump_stack_lvl+0xe8/0x140
[   55.423571][ T4036]  dump_stack+0x15/0x1b
[   55.423592][ T4036]  should_fail_ex+0x265/0x280
[   55.423651][ T4036]  ? cgroup_file_open+0x4e/0x1d0
[   55.423675][ T4036]  should_failslab+0x8c/0xb0
[   55.423707][ T4036]  __kmalloc_cache_noprof+0x4c/0x320
[   55.423752][ T4036]  ? should_failslab+0x8c/0xb0
[   55.423785][ T4036]  cgroup_file_open+0x4e/0x1d0
[   55.423817][ T4036]  kernfs_fop_open+0x61e/0x6d0
[   55.423935][ T4036]  do_dentry_open+0x649/0xa20
[   55.423965][ T4036]  ? __pfx_kernfs_fop_open+0x10/0x10
[   55.424006][ T4036]  vfs_open+0x37/0x1e0
[   55.424063][ T4036]  path_openat+0x1c5e/0x2170
[   55.424132][ T4036]  do_filp_open+0x109/0x230
[   55.424200][ T4036]  do_sys_openat2+0xa6/0x110
[   55.424246][ T4036]  __x64_sys_openat+0xf2/0x120
[   55.424291][ T4036]  x64_sys_call+0x2e9c/0x2ff0
[   55.424354][ T4036]  do_syscall_64+0xd2/0x200
[   55.424386][ T4036]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   55.424413][ T4036]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   55.424486][ T4036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.424509][ T4036] RIP: 0033:0x7f8a3a89eec9
[   55.424524][ T4036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.424543][ T4036] RSP: 002b:00007f8a392e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   55.424563][ T4036] RAX: ffffffffffffffda RBX: 00007f8a3aaf6090 RCX: 00007f8a3a89eec9
[   55.424576][ T4036] RDX: 000000000000275a RSI: 0000200000000040 RDI: 0000000000000006
[   55.424646][ T4036] RBP: 00007f8a392e6090 R08: 0000000000000000 R09: 0000000000000000
[   55.424659][ T4036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   55.424671][ T4036] R13: 00007f8a3aaf6128 R14: 00007f8a3aaf6090 R15: 00007ffd728c9cb8
[   55.424692][ T4036]  </TASK>
[   55.635290][ T4032] ext4 filesystem being mounted at /39/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   55.681131][ T4037] loop1: detected capacity change from 0 to 1024
[   55.721648][ T4039] netlink: 4 bytes leftover after parsing attributes in process `syz.2.186'.
[   55.744341][ T4037] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   55.755347][ T4037] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   55.774388][ T4041] EXT4-fs error (device loop4): dx_make_map:1296: inode #2: block 63: comm syz.4.184: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[   55.799776][ T4039] loop2: detected capacity change from 0 to 1024
[   55.807187][ T4041] EXT4-fs error (device loop4) in do_split:2029: Corrupt filesystem
[   55.817147][ T4037] JBD2: no valid journal superblock found
[   55.822952][ T4037] EXT4-fs (loop1): Could not load journal inode
[   55.833399][ T4039] EXT4-fs: Ignoring removed orlov option
[   55.845461][ T4040] EXT4-fs error (device loop4): dx_make_map:1296: inode #2: block 63: comm syz.4.184: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[   55.874288][ T4039] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.900802][ T4039] cgroup2: Unknown parameter 'pids'
[   55.914392][ T4040] EXT4-fs error (device loop4) in do_split:2029: Corrupt filesystem
[   55.949668][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.965520][ T4049] mmap: syz.1.190 (4049) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   55.980832][ T3305] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   55.991803][ T4047] netlink: 4 bytes leftover after parsing attributes in process `syz.3.188'.
[   56.017174][ T4047] loop3: detected capacity change from 0 to 1024
[   56.024166][ T4047] EXT4-fs: Ignoring removed orlov option
[   56.030609][ T4049] FAULT_INJECTION: forcing a failure.
[   56.030609][ T4049] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   56.043729][ T4049] CPU: 0 UID: 0 PID: 4049 Comm: syz.1.190 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   56.043755][ T4049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   56.043768][ T4049] Call Trace:
[   56.043775][ T4049]  <TASK>
[   56.043785][ T4049]  __dump_stack+0x1d/0x30
[   56.043857][ T4049]  dump_stack_lvl+0xe8/0x140
[   56.043883][ T4049]  dump_stack+0x15/0x1b
[   56.043979][ T4049]  should_fail_ex+0x265/0x280
[   56.044010][ T4049]  should_fail+0xb/0x20
[   56.044060][ T4049]  should_fail_usercopy+0x1a/0x20
[   56.044102][ T4049]  _copy_to_user+0x20/0xa0
[   56.044151][ T4049]  simple_read_from_buffer+0xb5/0x130
[   56.044181][ T4049]  proc_fail_nth_read+0x10e/0x150
[   56.044218][ T4049]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   56.044253][ T4049]  vfs_read+0x1a5/0x770
[   56.044300][ T4049]  ? __rcu_read_unlock+0x4f/0x70
[   56.044329][ T4049]  ? __fget_files+0x184/0x1c0
[   56.044357][ T4049]  ? finish_task_switch+0xad/0x2b0
[   56.044384][ T4049]  ksys_read+0xda/0x1a0
[   56.044444][ T4049]  __x64_sys_read+0x40/0x50
[   56.044470][ T4049]  x64_sys_call+0x27bc/0x2ff0
[   56.044541][ T4049]  do_syscall_64+0xd2/0x200
[   56.044584][ T4049]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   56.044612][ T4049]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   56.044650][ T4049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.044677][ T4049] RIP: 0033:0x7f8a3a89d8dc
[   56.044706][ T4049] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   56.044727][ T4049] RSP: 002b:00007f8a39307030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   56.044752][ T4049] RAX: ffffffffffffffda RBX: 00007f8a3aaf5fa0 RCX: 00007f8a3a89d8dc
[   56.044767][ T4049] RDX: 000000000000000f RSI: 00007f8a393070a0 RDI: 0000000000000003
[   56.044781][ T4049] RBP: 00007f8a39307090 R08: 0000000000000000 R09: 0000000000000000
[   56.044839][ T4049] R10: 00000000000000ff R11: 0000000000000246 R12: 0000000000000001
[   56.044853][ T4049] R13: 00007f8a3aaf6038 R14: 00007f8a3aaf5fa0 R15: 00007ffd728c9cb8
[   56.044879][ T4049]  </TASK>
[   56.315509][ T4056] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   56.350717][ T4056] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   56.408453][ T4062] netlink: 'syz.4.195': attribute type 4 has an invalid length.
[   56.417705][ T4047] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.431911][ T4062] netlink: 'syz.4.195': attribute type 4 has an invalid length.
[   56.437312][ T4065] tipc: Started in network mode
[   56.444593][ T4065] tipc: Node identity ac14140f, cluster identity 4711
[   56.447521][ T4047] cgroup2: Unknown parameter 'pids'
[   56.451650][ T4065] tipc: New replicast peer: 255.255.255.255
[   56.462906][ T4065] tipc: Enabled bearer <udp:s>, priority 10
[   56.471831][   T29] kauditd_printk_skb: 254 callbacks suppressed
[   56.478091][   T29] audit: type=1326 audit(1759058580.700:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4061 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   56.502832][   T29] audit: type=1326 audit(1759058580.740:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4061 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   56.526878][   T29] audit: type=1326 audit(1759058580.740:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4061 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   56.550251][   T29] audit: type=1326 audit(1759058580.740:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4061 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   56.573689][   T29] audit: type=1326 audit(1759058580.740:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4061 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   56.597225][   T29] audit: type=1326 audit(1759058580.740:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4061 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   56.620555][   T29] audit: type=1326 audit(1759058580.740:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4061 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   56.644137][   T29] audit: type=1326 audit(1759058580.740:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4061 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   56.667540][   T29] audit: type=1326 audit(1759058580.740:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4061 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   56.690823][   T29] audit: type=1326 audit(1759058580.740:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4061 comm="syz.4.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783c3eec9 code=0x7ffc0000
[   56.756442][ T4074] loop4: detected capacity change from 0 to 1024
[   56.766520][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.775238][ T4074] EXT4-fs: Ignoring removed orlov option
[   56.801762][ T4074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.828586][ T4072] cgroup2: Unknown parameter 'pids'
[   56.869535][ T4079] loop1: detected capacity change from 0 to 1024
[   56.876477][ T4079] EXT4-fs: Ignoring removed orlov option
[   56.876968][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.890523][ T4081] netlink: 'syz.3.201': attribute type 3 has an invalid length.
[   56.905328][ T4079] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.920804][ T4079] cgroup2: Unknown parameter 'pids'
[   56.966046][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.991387][ T4086] loop1: detected capacity change from 0 to 736
[   57.046885][ T4088] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.055574][ T4088] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.082561][ T4093] loop2: detected capacity change from 0 to 164
[   57.089955][ T4093] isofs_fill_super: get root inode failed
[   57.244509][ T4112] loop2: detected capacity change from 0 to 1024
[   57.267341][ T4112] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   57.294535][ T4112] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.209: Invalid block bitmap block 0 in block_group 0
[   57.309502][ T4112] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.209: Failed to acquire dquot type 0
[   57.321147][ T4115] loop4: detected capacity change from 0 to 1024
[   57.321210][ T4112] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.209: Freeing blocks not in datazone - block = 0, count = 4096
[   57.338444][ T4115] EXT4-fs: Ignoring removed orlov option
[   57.358806][ T4112] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.209: Invalid inode bitmap blk 0 in block_group 0
[   57.380507][ T4112] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[   57.382456][ T3961] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:30: Failed to release dquot type 0
[   57.405498][ T4112] EXT4-fs (loop2): 1 orphan inode deleted
[   57.412177][ T4115] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.432817][ T4112] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.474984][ T4115] cgroup2: Unknown parameter 'pids'
[   57.481925][ T3381] tipc: Node number set to 2886997007
[   57.489937][ T4105] netlink: 'syz.3.210': attribute type 9 has an invalid length.
[   57.538477][ T4131] IPv6: NLM_F_CREATE should be specified when creating new route
[   57.568101][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.597483][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.718006][ T4150] loop4: detected capacity change from 0 to 732
[   57.724856][ T4150] iso9660: Unknown parameter ''
[   57.734237][ T4150] netlink: 'syz.4.217': attribute type 39 has an invalid length.
[   57.781091][ T4154] __nla_validate_parse: 10 callbacks suppressed
[   57.781151][ T4154] netlink: 60 bytes leftover after parsing attributes in process `syz.0.225'.
[   57.797365][ T4152] loop3: detected capacity change from 0 to 512
[   57.813691][ T4152] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   57.826811][ T4152] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   57.847230][ T4152] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal
[   57.950031][ T4166] loop3: detected capacity change from 0 to 512
[   57.965714][ T4164] loop0: detected capacity change from 0 to 1024
[   57.996583][ T4166] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.014147][ T4164] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   58.020839][ T4166] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   58.026930][ T4164] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.226: Invalid block bitmap block 0 in block_group 0
[   58.050342][ T4164] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.226: Failed to acquire dquot type 0
[   58.063535][ T4164] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.226: Freeing blocks not in datazone - block = 0, count = 4096
[   58.077995][ T4164] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.226: Invalid inode bitmap blk 0 in block_group 0
[   58.091137][ T3961] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:30: Failed to release dquot type 0
[   58.103576][ T4164] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[   58.129173][ T4172] netlink: 68 bytes leftover after parsing attributes in process `syz.1.231'.
[   58.131378][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.138313][ T4164] EXT4-fs (loop0): 1 orphan inode deleted
[   58.167216][ T4164] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.176266][ T4177] SELinux:  Context Ü is not valid (left unmapped).
[   58.196611][ T4181] loop4: detected capacity change from 0 to 512
[   58.215385][ T4181] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.241130][ T4181] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   58.242427][ T4187] netlink: 60 bytes leftover after parsing attributes in process `syz.3.236'.
[   58.277654][ T4181] netlink: 8 bytes leftover after parsing attributes in process `syz.4.234'.
[   58.288062][ T4181] Zero length message leads to an empty skb
[   58.440789][ T4204] netlink: 4 bytes leftover after parsing attributes in process `syz.0.242'.
[   58.461811][ T4200] loop0: detected capacity change from 0 to 1024
[   58.506716][ T4200] EXT4-fs: Ignoring removed orlov option
[   58.537195][ T4213] loop4: detected capacity change from 0 to 128
[   58.567938][ T4200] cgroup2: Unknown parameter 'pids'
[   58.592606][ T4220] netlink: 60 bytes leftover after parsing attributes in process `syz.1.246'.
[   58.747844][ T4240] loop1: detected capacity change from 0 to 512
[   58.763795][ T4240] EXT4-fs: Ignoring removed mblk_io_submit option
[   58.780759][ T4240] EXT4-fs: Mount option(s) incompatible with ext2
[   58.863998][ T4240] rdma_op ffff88810b07e180 conn xmit_rdma 0000000000000000
[   58.928288][ T4244] loop4: detected capacity change from 0 to 1024
[   58.936711][ T4240] netlink: 12 bytes leftover after parsing attributes in process `syz.1.250'.
[   58.968389][ T4240] 8021q: adding VLAN 0 to HW filter on device bond1
[   58.992214][ T4244] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   59.019958][ T4244] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.251: Invalid block bitmap block 0 in block_group 0
[   59.034834][ T4244] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.251: Failed to acquire dquot type 0
[   59.046388][ T4244] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.251: Freeing blocks not in datazone - block = 0, count = 4096
[   59.100614][ T4244] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.251: Invalid inode bitmap blk 0 in block_group 0
[   59.113519][ T3961] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:30: Failed to release dquot type 0
[   59.245994][ T4267] loop3: detected capacity change from 0 to 164
[   59.361417][ T4244] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   59.379137][ T4267] isofs_fill_super: get root inode failed
[   59.435374][ T4273] loop1: detected capacity change from 0 to 128
[   59.441902][ T4244] EXT4-fs (loop4): 1 orphan inode deleted
[   59.475556][ T4273] bio_check_eod: 7 callbacks suppressed
[   59.475575][ T4273] syz.1.257: attempt to access beyond end of device
[   59.475575][ T4273] loop1: rw=2049, sector=233, nr_sectors = 24 limit=128
[   59.513579][ T4277] netlink: 4 bytes leftover after parsing attributes in process `syz.4.259'.
[   59.524922][ T4273] syz.1.257: attempt to access beyond end of device
[   59.524922][ T4273] loop1: rw=2049, sector=265, nr_sectors = 8 limit=128
[   59.546009][ T4277] loop4: detected capacity change from 0 to 1024
[   59.552601][ T4273] syz.1.257: attempt to access beyond end of device
[   59.552601][ T4273] loop1: rw=2049, sector=281, nr_sectors = 8 limit=128
[   59.570952][ T4277] EXT4-fs: Ignoring removed orlov option
[   59.606380][ T4277] cgroup2: Unknown parameter 'pids'
[   59.612060][ T4273] syz.1.257: attempt to access beyond end of device
[   59.612060][ T4273] loop1: rw=2049, sector=297, nr_sectors = 8 limit=128
[   59.626081][ T4273] syz.1.257: attempt to access beyond end of device
[   59.626081][ T4273] loop1: rw=2049, sector=313, nr_sectors = 8 limit=128
[   59.639542][ T4273] syz.1.257: attempt to access beyond end of device
[   59.639542][ T4273] loop1: rw=2049, sector=329, nr_sectors = 8 limit=128
[   59.653002][ T4273] syz.1.257: attempt to access beyond end of device
[   59.653002][ T4273] loop1: rw=2049, sector=345, nr_sectors = 8 limit=128
[   59.666564][ T4273] syz.1.257: attempt to access beyond end of device
[   59.666564][ T4273] loop1: rw=2049, sector=361, nr_sectors = 8 limit=128
[   59.680020][ T4273] syz.1.257: attempt to access beyond end of device
[   59.680020][ T4273] loop1: rw=2049, sector=377, nr_sectors = 8 limit=128
[   59.693593][ T4273] syz.1.257: attempt to access beyond end of device
[   59.693593][ T4273] loop1: rw=2049, sector=393, nr_sectors = 8 limit=128
[   59.815039][ T4282] netlink: 4 bytes leftover after parsing attributes in process `syz.1.261'.
[   59.843152][ T4282] loop1: detected capacity change from 0 to 1024
[   59.862169][ T4282] EXT4-fs: Ignoring removed orlov option
[   59.868332][ T4284] loop4: detected capacity change from 0 to 2048
[   59.887169][ T4282] cgroup2: Unknown parameter 'pids'
[   60.050375][ T4295] netdevsim netdevsim1: Direct firmware load for ./file0/file1 failed with error -2
[   60.115141][ T4298] netlink: 256 bytes leftover after parsing attributes in process `syz.4.268'.
[   60.134173][   T36] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   60.153383][   T36] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   60.239058][ T4304] validate_nla: 1 callbacks suppressed
[   60.239076][ T4304] netlink: 'syz.3.269': attribute type 4 has an invalid length.
[   60.270542][ T4308] loop0: detected capacity change from 0 to 164
[   60.282351][ T4309] loop2: detected capacity change from 0 to 128
[   60.332089][ T4304] netlink: 'syz.3.269': attribute type 4 has an invalid length.
[   60.350903][ T4308] isofs_fill_super: get root inode failed
[   60.482324][ T4318] loop3: detected capacity change from 0 to 1024
[   60.489625][ T4318] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   60.512951][ T4318] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.275: Invalid block bitmap block 0 in block_group 0
[   60.535204][ T4318] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.275: Failed to acquire dquot type 0
[   60.560580][ T4322] loop0: detected capacity change from 0 to 1024
[   60.567742][ T4318] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.275: Freeing blocks not in datazone - block = 0, count = 4096
[   60.574135][ T4322] EXT4-fs: Ignoring removed orlov option
[   60.593508][ T4318] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.275: Invalid inode bitmap blk 0 in block_group 0
[   60.601483][ T3961] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:30: Failed to release dquot type 0
[   60.610471][ T4318] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   60.628072][ T4318] EXT4-fs (loop3): 1 orphan inode deleted
[   60.659634][ T4322] cgroup2: Unknown parameter 'pids'
[   60.713843][ T4334] FAULT_INJECTION: forcing a failure.
[   60.713843][ T4334] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   60.727010][ T4334] CPU: 1 UID: 0 PID: 4334 Comm: syz.1.281 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.727089][ T4334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   60.727106][ T4334] Call Trace:
[   60.727115][ T4334]  <TASK>
[   60.727125][ T4334]  __dump_stack+0x1d/0x30
[   60.727150][ T4334]  dump_stack_lvl+0xe8/0x140
[   60.727169][ T4334]  dump_stack+0x15/0x1b
[   60.727212][ T4334]  should_fail_ex+0x265/0x280
[   60.727243][ T4334]  should_fail+0xb/0x20
[   60.727270][ T4334]  should_fail_usercopy+0x1a/0x20
[   60.727304][ T4334]  _copy_from_iter+0xd2/0xe80
[   60.727404][ T4334]  ? should_failslab+0x8c/0xb0
[   60.727456][ T4334]  ? __build_skb_around+0x1a0/0x200
[   60.727477][ T4334]  ? __build_skb+0x59/0x70
[   60.727497][ T4334]  ? is_vmalloc_addr+0x37/0x90
[   60.727530][ T4334]  netlink_sendmsg+0x471/0x6b0
[   60.727557][ T4334]  ? __pfx_netlink_sendmsg+0x10/0x10
[   60.727686][ T4334]  __sock_sendmsg+0x145/0x180
[   60.727766][ T4334]  ____sys_sendmsg+0x345/0x4e0
[   60.727825][ T4334]  ___sys_sendmsg+0x17b/0x1d0
[   60.727897][ T4334]  __sys_sendmmsg+0x178/0x300
[   60.728014][ T4334]  __x64_sys_sendmmsg+0x57/0x70
[   60.728044][ T4334]  x64_sys_call+0x1c4a/0x2ff0
[   60.728065][ T4334]  do_syscall_64+0xd2/0x200
[   60.728102][ T4334]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   60.728186][ T4334]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   60.728337][ T4334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.728360][ T4334] RIP: 0033:0x7f8a3a89eec9
[   60.728428][ T4334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.728447][ T4334] RSP: 002b:00007f8a39307038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   60.728472][ T4334] RAX: ffffffffffffffda RBX: 00007f8a3aaf5fa0 RCX: 00007f8a3a89eec9
[   60.728549][ T4334] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[   60.728562][ T4334] RBP: 00007f8a39307090 R08: 0000000000000000 R09: 0000000000000000
[   60.728574][ T4334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.728587][ T4334] R13: 00007f8a3aaf6038 R14: 00007f8a3aaf5fa0 R15: 00007ffd728c9cb8
[   60.728707][ T4334]  </TASK>
[   61.051800][ T4344] netlink: 'syz.1.285': attribute type 4 has an invalid length.
[   61.108384][ T4348] netlink: 'syz.1.285': attribute type 4 has an invalid length.
[   61.121998][ T4350] loop0: detected capacity change from 0 to 128
[   61.248402][ T4357] netlink: 'syz.0.290': attribute type 5 has an invalid length.
[   61.260591][ T4357] process 'syz.0.290' launched './file0' with NULL argv: empty string added
[   61.274291][ T4359] loop1: detected capacity change from 0 to 128
[   61.331920][ T4361] loop0: detected capacity change from 0 to 1024
[   61.347470][ T4361] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   61.368495][ T4361] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.291: Invalid block bitmap block 0 in block_group 0
[   61.389557][ T4363] loop1: detected capacity change from 0 to 2048
[   61.400967][ T4361] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.291: Failed to acquire dquot type 0
[   61.440210][ T4361] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.291: Freeing blocks not in datazone - block = 0, count = 4096
[   61.485132][ T4361] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.291: Invalid inode bitmap blk 0 in block_group 0
[   61.500583][ T3995] __quota_error: 405 callbacks suppressed
[   61.500598][ T3995] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-7
[   61.515600][ T3995] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:62: Failed to release dquot type 0
[   61.538018][ T4368] loop2: detected capacity change from 0 to 1024
[   61.545809][ T4368] EXT4-fs: Ignoring removed orlov option
[   61.576352][ T4368] cgroup2: Unknown parameter 'pids'
[   61.590307][ T4361] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[   61.615877][ T4371] bridge1: entered promiscuous mode
[   61.636797][ T4361] EXT4-fs (loop0): 1 orphan inode deleted
[   61.696468][   T29] audit: type=1326 audit(1759058585.930:1501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4370 comm="syz.1.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   61.719924][   T29] audit: type=1326 audit(1759058585.930:1502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4370 comm="syz.1.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   61.743370][   T29] audit: type=1326 audit(1759058585.930:1503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4370 comm="syz.1.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   61.748736][   T36] IPVS: starting estimator thread 0...
[   61.766938][   T29] audit: type=1326 audit(1759058585.930:1504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4370 comm="syz.1.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   61.796150][   T29] audit: type=1326 audit(1759058585.930:1505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4370 comm="syz.1.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   61.819524][   T29] audit: type=1326 audit(1759058585.930:1506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4370 comm="syz.1.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   61.821190][ T4376] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   61.842876][   T29] audit: type=1326 audit(1759058585.930:1507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4370 comm="syz.1.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   61.851033][   T29] audit: type=1326 audit(1759058585.930:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4370 comm="syz.1.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   61.896527][   T29] audit: type=1326 audit(1759058585.930:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4370 comm="syz.1.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a3a89eec9 code=0x7ffc0000
[   61.922105][ T4384] netlink: 'syz.0.298': attribute type 4 has an invalid length.
[   61.950233][ T4384] netlink: 'syz.0.298': attribute type 4 has an invalid length.
[   61.952218][ T4379] IPVS: using max 1920 ests per chain, 96000 per kthread
[   61.968939][ T4382] tipc: Enabling of bearer <udp:s> rejected, already enabled
[   61.988114][ T4388] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=4388 comm=syz.0.300
[   62.054543][ T4391] tipc: Started in network mode
[   62.059444][ T4391] tipc: Node identity ac14140f, cluster identity 4711
[   62.066668][ T4394] loop0: detected capacity change from 0 to 1024
[   62.068003][ T4391] tipc: New replicast peer: 255.255.255.255
[   62.079332][ T4391] tipc: Enabled bearer <udp:s>, priority 10
[   62.096657][ T4394] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.152988][ T4402] loop2: detected capacity change from 0 to 2048
[   62.210753][ T4408] loop0: detected capacity change from 0 to 1024
[   62.217884][ T4408] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   62.237107][ T4408] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.306: Invalid block bitmap block 0 in block_group 0
[   62.251194][ T4408] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.306: Failed to acquire dquot type 0
[   62.264247][ T4408] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.306: Freeing blocks not in datazone - block = 0, count = 4096
[   62.278012][ T4408] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.306: Invalid inode bitmap blk 0 in block_group 0
[   62.302211][ T3953] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:23: Failed to release dquot type 0
[   62.326931][ T4408] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[   62.344697][ T4408] EXT4-fs (loop0): 1 orphan inode deleted
[   62.590455][ T4417] netlink: 'syz.0.309': attribute type 9 has an invalid length.
[   62.806361][ T4422] netlink: 'syz.4.311': attribute type 4 has an invalid length.
[   62.827401][ T4422] netlink: 'syz.4.311': attribute type 4 has an invalid length.
[   62.848197][ T4424] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=4424 comm=syz.1.312
[   62.961396][ T4430] loop3: detected capacity change from 0 to 1024
[   62.976632][ T4427] bond2: entered promiscuous mode
[   62.981813][ T4427] bond2: entered allmulticast mode
[   62.996744][ T4430] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   63.028178][ T4427] 8021q: adding VLAN 0 to HW filter on device bond2
[   63.034022][ T4430] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.313: Invalid block bitmap block 0 in block_group 0
[   63.064618][ T4430] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.313: Failed to acquire dquot type 0
[   63.084756][ T4427] bond2 (unregistering): Released all slaves
[   63.100625][ T4444] loop0: detected capacity change from 0 to 2048
[   63.134258][ T4430] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.313: Freeing blocks not in datazone - block = 0, count = 4096
[   63.165095][ T4430] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.313: Invalid inode bitmap blk 0 in block_group 0
[   63.178974][ T4430] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   63.182935][ T4441] vcan0: tx drop: invalid da for name 0x0000000000000003
[   63.194810][ T1035] tipc: Node number set to 2886997007
[   63.198825][ T4438] bond2: entered promiscuous mode
[   63.205576][ T4438] bond2: entered allmulticast mode
[   63.211090][ T3969] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:38: Failed to release dquot type 0
[   63.235420][ T4441] __nla_validate_parse: 8 callbacks suppressed
[   63.235434][ T4441] netlink: 116 bytes leftover after parsing attributes in process `syz.4.316'.
[   63.244709][ T4430] EXT4-fs (loop3): 1 orphan inode deleted
[   63.261434][ T4438] 8021q: adding VLAN 0 to HW filter on device bond2
[   63.289118][ T4453] loop0: detected capacity change from 0 to 164
[   63.298654][ T4438] bond2 (unregistering): Released all slaves
[   63.317561][ T4453] isofs_fill_super: get root inode failed
[   63.343795][ T4446] netlink: 260 bytes leftover after parsing attributes in process `syz.4.316'.
[   63.381436][ T4456] tipc: Enabling of bearer <udp:s> rejected, already enabled
[   63.509392][    C1] hrtimer: interrupt took 28060 ns
[   63.690786][ T4478] loop1: detected capacity change from 0 to 2048
[   63.716454][ T4478] ext4: Bad value for 'init_itable'
[   64.363970][ T1035] lo speed is unknown, defaulting to 1000
[   64.369840][ T1035] syz2: Port: 1 Link DOWN
[   64.370595][ T4505] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   64.385323][ T3388] lo speed is unknown, defaulting to 1000
[   64.391094][ T3388] syz2: Port: 1 Link ACTIVE
[   64.410725][ T4505] tipc: Disabling bearer <eth:syzkaller0>
[   64.441704][ T4511] loop2: detected capacity change from 0 to 1024
[   64.488711][ T4511] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.339: Allocating blocks 385-513 which overlap fs metadata
[   64.515739][ T4519] loop1: detected capacity change from 0 to 512
[   64.529775][ T4519] EXT4-fs: Ignoring removed bh option
[   64.553710][ T4511] EXT4-fs (loop2): pa ffff888106aec2a0: logic 16, phys. 129, len 24
[   64.561784][ T4511] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   64.609036][ T4519] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   64.663285][ T4525] tipc: Enabling of bearer <udp:s> rejected, already enabled
[   64.673951][ T4529] netlink: 7 bytes leftover after parsing attributes in process `syz.3.344'.
[   64.683096][ T4529] netlink: 60 bytes leftover after parsing attributes in process `syz.3.344'.
[   64.692034][ T4529] netlink: 60 bytes leftover after parsing attributes in process `syz.3.344'.
[   64.701086][ T4527] loop2: detected capacity change from 0 to 128
[   64.724686][ T4529] netlink: 7 bytes leftover after parsing attributes in process `syz.3.344'.
[   64.764532][ T4527] bio_check_eod: 35 callbacks suppressed
[   64.764594][ T4527] syz.2.346: attempt to access beyond end of device
[   64.764594][ T4527] loop2: rw=2049, sector=233, nr_sectors = 24 limit=128
[   64.789284][ T4529] netlink: 60 bytes leftover after parsing attributes in process `syz.3.344'.
[   64.798230][ T4529] netlink: 60 bytes leftover after parsing attributes in process `syz.3.344'.
[   64.808848][ T4527] syz.2.346: attempt to access beyond end of device
[   64.808848][ T4527] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128
[   64.823817][ T4527] syz.2.346: attempt to access beyond end of device
[   64.823817][ T4527] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128
[   64.856075][ T4529] netlink: 7 bytes leftover after parsing attributes in process `syz.3.344'.
[   64.866281][ T4527] syz.2.346: attempt to access beyond end of device
[   64.866281][ T4527] loop2: rw=2049, sector=297, nr_sectors = 8 limit=128
[   64.880043][ T4529] netlink: 60 bytes leftover after parsing attributes in process `syz.3.344'.
[   64.890758][ T4527] syz.2.346: attempt to access beyond end of device
[   64.890758][ T4527] loop2: rw=2049, sector=313, nr_sectors = 8 limit=128
[   64.907157][ T4527] syz.2.346: attempt to access beyond end of device
[   64.907157][ T4527] loop2: rw=2049, sector=329, nr_sectors = 8 limit=128
[   64.925284][ T4527] syz.2.346: attempt to access beyond end of device
[   64.925284][ T4527] loop2: rw=2049, sector=345, nr_sectors = 8 limit=128
[   64.958674][ T4527] syz.2.346: attempt to access beyond end of device
[   64.958674][ T4527] loop2: rw=2049, sector=361, nr_sectors = 8 limit=128
[   64.975162][ T4527] syz.2.346: attempt to access beyond end of device
[   64.975162][ T4527] loop2: rw=2049, sector=377, nr_sectors = 8 limit=128
[   64.989155][ T4527] syz.2.346: attempt to access beyond end of device
[   64.989155][ T4527] loop2: rw=2049, sector=393, nr_sectors = 8 limit=128
[   65.036111][ T4545] loop4: detected capacity change from 0 to 512
[   65.042730][ T4543] loop3: detected capacity change from 0 to 164
[   65.062150][ T4545] EXT4-fs: Ignoring removed nobh option
[   65.101355][ T4550] loop3: detected capacity change from 0 to 1024
[   65.117912][ T4550] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   65.129474][ T4545] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #3: comm syz.4.351: corrupted inode contents
[   65.156687][ T4550] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.354: Invalid block bitmap block 0 in block_group 0
[   65.172861][ T4545] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #3: comm syz.4.351: mark_inode_dirty error
[   65.195856][ T4550] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.354: Failed to acquire dquot type 0
[   65.218134][ T4545] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #3: comm syz.4.351: corrupted inode contents
[   65.226964][ T4559] loop2: detected capacity change from 0 to 1024
[   65.230459][ T4550] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.354: Freeing blocks not in datazone - block = 0, count = 4096
[   65.244144][ T4559] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   65.260078][ T4545] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.351: mark_inode_dirty error
[   65.265615][ T4550] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.354: Invalid inode bitmap blk 0 in block_group 0
[   65.272974][ T4545] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.351: Failed to acquire dquot type 0
[   65.292278][ T4550] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   65.296507][ T4559] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.356: Invalid block bitmap block 0 in block_group 0
[   65.304839][ T4550] EXT4-fs (loop3): 1 orphan inode deleted
[   65.317199][ T3961] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:30: Failed to release dquot type 0
[   65.325029][ T4559] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.356: Failed to acquire dquot type 0
[   65.335293][ T4545] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.351: corrupted inode contents
[   65.358672][ T4559] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.356: Freeing blocks not in datazone - block = 0, count = 4096
[   65.374128][ T4545] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #16: comm syz.4.351: mark_inode_dirty error
[   65.386056][ T4559] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.356: Invalid inode bitmap blk 0 in block_group 0
[   65.402152][ T3974] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:43: Failed to release dquot type 0
[   65.404748][ T4545] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.351: corrupted inode contents
[   65.426175][ T4545] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.351: mark_inode_dirty error
[   65.427836][ T4559] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[   65.449093][ T4559] EXT4-fs (loop2): 1 orphan inode deleted
[   65.455580][ T4545] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.351: corrupted inode contents
[   65.469554][ T4545] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[   65.479492][ T4545] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.351: corrupted inode contents
[   65.494671][ T4545] EXT4-fs error (device loop4): ext4_truncate:4666: inode #16: comm syz.4.351: mark_inode_dirty error
[   65.506679][ T4545] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[   65.517265][ T4545] EXT4-fs (loop4): 1 truncate cleaned up
[   65.544184][ T4545] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.596757][ T4564] loop2: detected capacity change from 0 to 512
[   65.615621][ T4572] validate_nla: 8 callbacks suppressed
[   65.615635][ T4572] netlink: 'syz.0.361': attribute type 4 has an invalid length.
[   65.631687][ T4564] EXT4-fs warning (device loop2): ext4_xattr_inode_get:542: inode #11: comm syz.2.358: ea_inode file size=0 entry size=6
[   65.655709][ T4572] netlink: 'syz.0.361': attribute type 4 has an invalid length.
[   65.665552][ T4564] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   65.679139][ T4564] ------------[ cut here ]------------
[   65.684779][ T4564] EA inode 11 i_nlink=2
[   65.685101][ T4564] WARNING: CPU: 1 PID: 4564 at fs/ext4/xattr.c:1053 ext4_xattr_inode_update_ref+0x3d4/0x3f0
[   65.699583][ T4564] Modules linked in:
[   65.703541][ T4564] CPU: 1 UID: 0 PID: 4564 Comm: syz.2.358 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.713273][ T4564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   65.723404][ T4564] RIP: 0010:ext4_xattr_inode_update_ref+0x3d4/0x3f0
[   65.730050][ T4564] Code: 90 49 8d 7e 40 e8 9c f7 b7 ff 4d 8b 6e 40 4c 89 e7 e8 b0 f2 b7 ff 41 8b 56 48 48 c7 c7 6b 9c 54 86 4c 89 ee e8 5d de 66 ff 90 <0f> 0b 90 90 e9 58 fe ff ff e8 8e 5c ad 03 66 66 66 66 66 2e 0f 1f
[   65.749747][ T4564] RSP: 0018:ffffc900023937c8 EFLAGS: 00010246
[   65.755911][ T4564] RAX: 19a6a5f148445700 RBX: ffff888106aba8c0 RCX: ffff88811b4e1080
[   65.764052][ T4564] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[   65.772087][ T4564] RBP: 0000000000000002 R08: 0001c9000239363f R09: 0000000000000000
[   65.780090][ T4564] R10: 00000000ffffffff R11: 0000000000000000 R12: ffff888106aba870
[   65.788134][ T4564] R13: 000000000000000b R14: ffff888106aba828 R15: 0000000000000001
[   65.796269][ T4564] FS:  00007fc23c1e76c0(0000) GS:ffff8882aef43000(0000) knlGS:0000000000000000
[   65.805411][ T4564] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   65.812127][ T4564] CR2: 000055557957b4a8 CR3: 000000011b1b0000 CR4: 00000000003506f0
[   65.820121][ T4564] Call Trace:
[   65.823659][ T4564]  <TASK>
[   65.826616][ T4564]  ext4_xattr_inode_dec_ref_all+0x579/0x830
[   65.832615][ T4564]  ? errseq_check+0x2c/0x50
[   65.837249][ T4564]  ext4_xattr_delete_inode+0x6b7/0x790
[   65.842863][ T4564]  ? ext4_truncate+0x92e/0xae0
[   65.847740][ T4564]  ext4_evict_inode+0xa6a/0xd90
[   65.852780][ T4564]  ? __pfx_ext4_evict_inode+0x10/0x10
[   65.858267][ T4564]  evict+0x2e3/0x550
[   65.862255][ T4564]  ? __dquot_initialize+0x146/0x7c0
[   65.867633][ T4564]  iput+0x447/0x5b0
[   65.871501][ T4564]  ext4_process_orphan+0x1a9/0x1c0
[   65.876696][ T4564]  ext4_orphan_cleanup+0x6a8/0xa00
[   65.881955][ T4564]  ext4_fill_super+0x3260/0x35d0
[   65.887004][ T4564]  ? set_blocksize+0x1a8/0x310
[   65.891908][ T4564]  ? sb_set_blocksize+0xe3/0x100
[   65.896884][ T4564]  ? setup_bdev_super+0x30e/0x370
[   65.901976][ T4564]  ? __pfx_ext4_fill_super+0x10/0x10
[   65.907341][ T4564]  get_tree_bdev_flags+0x28e/0x300
[   65.912545][ T4564]  ? __pfx_ext4_fill_super+0x10/0x10
[   65.917886][ T4564]  get_tree_bdev+0x1f/0x30
[   65.922456][ T4564]  ext4_get_tree+0x1c/0x30
[   65.926952][ T4564]  vfs_get_tree+0x57/0x1d0
[   65.931399][ T4564]  do_new_mount+0x207/0x5e0
[   65.935990][ T4564]  ? security_capable+0x83/0x90
[   65.940898][ T4564]  path_mount+0x4a4/0xb20
[   65.945347][ T4564]  ? user_path_at+0x109/0x130
[   65.950164][ T4564]  __se_sys_mount+0x28f/0x2e0
[   65.954928][ T4564]  ? do_mkdirat+0x3ac/0x3f0
[   65.959465][ T4564]  __x64_sys_mount+0x67/0x80
[   65.964148][ T4564]  x64_sys_call+0x2b4d/0x2ff0
[   65.968917][ T4564]  do_syscall_64+0xd2/0x200
[   65.973503][ T4564]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   65.979630][ T4564]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   65.985444][ T4564]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.991376][ T4564] RIP: 0033:0x7fc23d78066a
[   65.995901][ T4564] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.015636][ T4564] RSP: 002b:00007fc23c1e6e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   66.024119][ T4564] RAX: ffffffffffffffda RBX: 00007fc23c1e6ef0 RCX: 00007fc23d78066a
[   66.032163][ T4564] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fc23c1e6eb0
[   66.040173][ T4564] RBP: 0000200000000180 R08: 00007fc23c1e6ef0 R09: 0000000000800700
[   66.048234][ T4564] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[   66.056274][ T4564] R13: 00007fc23c1e6eb0 R14: 0000000000000473 R15: 0000200000000680
[   66.064318][ T4564]  </TASK>
[   66.067355][ T4564] ---[ end trace 0000000000000000 ]---
[   66.073459][ T4564] EXT4-fs (loop2): 1 orphan inode deleted
[   66.107357][ T4589] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   66.132379][ T4589] syzkaller0: entered promiscuous mode
[   66.137942][ T4589] syzkaller0: entered allmulticast mode
[   66.255556][ T4588] tipc: Resetting bearer <eth:syzkaller0>
[   66.275067][ T4588] tipc: Disabling bearer <eth:syzkaller0>
[   66.321186][ T4596] netlink: 'syz.0.369': attribute type 1 has an invalid length.
[   66.338658][ T4596] bond1 (unregistering): Released all slaves
[   66.455559][ T4602] loop2: detected capacity change from 0 to 164
[   66.464696][ T4602] isofs_fill_super: get root inode failed
[   66.563514][   T29] kauditd_printk_skb: 647 callbacks suppressed
[   66.563530][   T29] audit: type=1400 audit(1759058590.800:2143): avc:  denied  { create } for  pid=4605 comm="syz.4.373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   66.597048][ T4610] netlink: 'syz.2.375': attribute type 4 has an invalid length.
[   66.604605][ T4606] netdevsim netdevsim4: Direct firmware load for ..€ failed with error -2
[   66.607431][   T10] lo speed is unknown, defaulting to 1000
[   66.619178][   T10] syz2: Port: 1 Link DOWN
[   66.624989][ T4610] netlink: 'syz.2.375': attribute type 4 has an invalid length.
[   66.644005][ T3381] lo speed is unknown, defaulting to 1000
[   66.649893][ T3381] syz2: Port: 1 Link ACTIVE
[   66.673212][   T29] audit: type=1326 audit(1759058590.830:2144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4608 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23d77eec9 code=0x7ffc0000
[   66.696706][   T29] audit: type=1326 audit(1759058590.830:2145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4608 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23d77eec9 code=0x7ffc0000
[   66.706716][ T4607] lo speed is unknown, defaulting to 1000
[   66.720192][   T29] audit: type=1326 audit(1759058590.830:2146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4608 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc23d77eec9 code=0x7ffc0000
[   66.749492][   T29] audit: type=1326 audit(1759058590.830:2147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4608 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23d77eec9 code=0x7ffc0000
[   66.772834][   T29] audit: type=1326 audit(1759058590.830:2148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4608 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23d77eec9 code=0x7ffc0000
[   66.796361][   T29] audit: type=1326 audit(1759058590.830:2149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4608 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc23d77eec9 code=0x7ffc0000
[   66.819656][   T29] audit: type=1326 audit(1759058590.830:2150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4608 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23d77eec9 code=0x7ffc0000
[   66.842798][ T4621] RDS: rds_bind could not find a transport for fe88::3, load rds_tcp or rds_rdma?
[   66.843004][   T29] audit: type=1326 audit(1759058590.830:2151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4608 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23d77eec9 code=0x7ffc0000
[   66.860660][ T4621] RDS: rds_bind could not find a transport for fe88::3, load rds_tcp or rds_rdma?
[   66.875859][   T29] audit: type=1326 audit(1759058590.830:2152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4608 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7fc23d77eec9 code=0x7ffc0000
[   66.916102][ T4621] RDS: rds_bind could not find a transport for fe88::3, load rds_tcp or rds_rdma?
[   66.925499][ T4621] RDS: rds_bind could not find a transport for fe88::3, load rds_tcp or rds_rdma?
[   66.937878][ T4622] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   66.953052][ T4622] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   66.968812][ T4621] RDS: rds_bind could not find a transport for fe88::3, load rds_tcp or rds_rdma?
[   66.978203][ T4621] RDS: rds_bind could not find a transport for fe88::3, load rds_tcp or rds_rdma?
[   66.987550][ T4621] RDS: rds_bind could not find a transport for fe88::3, load rds_tcp or rds_rdma?
[   67.008536][ T4621] RDS: rds_bind could not find a transport for fe88::3, load rds_tcp or rds_rdma?
[   67.020757][ T4627] loop0: detected capacity change from 0 to 128
[   67.045320][ T4629] loop1: detected capacity change from 0 to 164
[   67.054060][ T4621] RDS: rds_bind could not find a transport for fe88::3, load rds_tcp or rds_rdma?
[   67.063966][ T4629] isofs_fill_super: get root inode failed
[   67.081602][ T4621] RDS: rds_bind could not find a transport for fe88::3, load rds_tcp or rds_rdma?
[   67.131975][ T4642] FAULT_INJECTION: forcing a failure.
[   67.131975][ T4642] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   67.145284][ T4642] CPU: 0 UID: 0 PID: 4642 Comm: syz.0.385 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   67.145399][ T4642] Tainted: [W]=WARN
[   67.145406][ T4642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   67.145418][ T4642] Call Trace:
[   67.145496][ T4642]  <TASK>
[   67.145581][ T4642]  __dump_stack+0x1d/0x30
[   67.145607][ T4642]  dump_stack_lvl+0xe8/0x140
[   67.145630][ T4642]  dump_stack+0x15/0x1b
[   67.145651][ T4642]  should_fail_ex+0x265/0x280
[   67.145679][ T4642]  should_fail_alloc_page+0xf2/0x100
[   67.145780][ T4642]  __alloc_frozen_pages_noprof+0xff/0x360
[   67.145844][ T4642]  alloc_pages_mpol+0xb3/0x250
[   67.145895][ T4642]  vma_alloc_folio_noprof+0x1aa/0x300
[   67.145971][ T4642]  handle_mm_fault+0xec2/0x2c20
[   67.146014][ T4642]  do_user_addr_fault+0x636/0x1090
[   67.146058][ T4642]  exc_page_fault+0x62/0xa0
[   67.146093][ T4642]  asm_exc_page_fault+0x26/0x30
[   67.146118][ T4642] RIP: 0033:0x7fc1f94c0c03
[   67.146208][ T4642] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[   67.146227][ T4642] RSP: 002b:00007fc1f80664a0 EFLAGS: 00010206
[   67.146313][ T4642] RAX: 0000000000002000 RBX: 00007fc1f8066540 RCX: 00007fc1efc47000
[   67.146329][ T4642] RDX: 00007fc1f80666e0 RSI: 0000000000000003 RDI: 00007fc1f80665e0
[   67.146345][ T4642] RBP: 000000000000000f R08: 0000000000000009 R09: 00000000000001a7
[   67.146361][ T4642] R10: 00000000000001b0 R11: 00007fc1f8066540 R12: 0000000000000001
[   67.146377][ T4642] R13: 00007fc1f969db80 R14: 00000000000000ed R15: 00007fc1f80665e0
[   67.146400][ T4642]  </TASK>
[   67.146478][ T4642] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   67.183300][ T4646] loop1: detected capacity change from 0 to 1024
[   67.191293][ T4642] loop0: detected capacity change from 0 to 512
[   67.336757][ T4642] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   67.369992][ T4642] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.385: invalid indirect mapped block 4294967295 (level 1)
[   67.401229][ T4653] loop4: detected capacity change from 0 to 128
[   67.416760][ T4642] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.385: invalid indirect mapped block 4294967295 (level 1)
[   67.435919][ T4656] FAULT_INJECTION: forcing a failure.
[   67.435919][ T4656] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   67.449156][ T4656] CPU: 1 UID: 0 PID: 4656 Comm: syz.1.388 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   67.449192][ T4656] Tainted: [W]=WARN
[   67.449201][ T4656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   67.449216][ T4656] Call Trace:
[   67.449224][ T4656]  <TASK>
[   67.449233][ T4656]  __dump_stack+0x1d/0x30
[   67.449341][ T4656]  dump_stack_lvl+0xe8/0x140
[   67.449367][ T4656]  dump_stack+0x15/0x1b
[   67.449444][ T4656]  should_fail_ex+0x265/0x280
[   67.449477][ T4656]  should_fail+0xb/0x20
[   67.449503][ T4656]  should_fail_usercopy+0x1a/0x20
[   67.449548][ T4656]  _copy_from_user+0x1c/0xb0
[   67.449589][ T4656]  ___sys_sendmsg+0xc1/0x1d0
[   67.449704][ T4656]  __x64_sys_sendmsg+0xd4/0x160
[   67.449741][ T4656]  x64_sys_call+0x191e/0x2ff0
[   67.449767][ T4656]  do_syscall_64+0xd2/0x200
[   67.449805][ T4656]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   67.449970][ T4656]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   67.450008][ T4656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.450046][ T4656] RIP: 0033:0x7f8a3a89eec9
[   67.450065][ T4656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.450087][ T4656] RSP: 002b:00007f8a39307038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   67.450112][ T4656] RAX: ffffffffffffffda RBX: 00007f8a3aaf5fa0 RCX: 00007f8a3a89eec9
[   67.450146][ T4656] RDX: 0000000020000024 RSI: 0000200000001040 RDI: 0000000000000007
[   67.450163][ T4656] RBP: 00007f8a39307090 R08: 0000000000000000 R09: 0000000000000000
[   67.450178][ T4656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.450194][ T4656] R13: 00007f8a3aaf6038 R14: 00007f8a3aaf5fa0 R15: 00007ffd728c9cb8
[   67.450292][ T4656]  </TASK>
[   67.460296][ T4642] EXT4-fs (loop0): 2 truncates cleaned up
[   67.659754][ T4659] loop1: detected capacity change from 0 to 1024
[   67.659807][ T4662] loop2: detected capacity change from 0 to 1024
[   67.685659][ T4659] EXT4-fs: Ignoring removed orlov option
[   67.697629][ T4662] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   67.723750][ T4659] cgroup2: Unknown parameter 'pids'
[   67.740458][ T4662] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.392: Invalid block bitmap block 0 in block_group 0
[   67.787756][ T4671] loop4: detected capacity change from 0 to 164
[   67.798021][ T4671] isofs_fill_super: get root inode failed
[   67.804734][ T4662] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.392: Failed to acquire dquot type 0
[   67.826004][ T4662] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.392: Freeing blocks not in datazone - block = 0, count = 4096
[   67.879256][ T4662] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.392: Invalid inode bitmap blk 0 in block_group 0
[   67.892089][ T3969] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:38: Failed to release dquot type 0
[   67.949488][ T4662] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[   67.952606][ T4681] loop4: detected capacity change from 0 to 1024
[   67.968317][ T4681] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   67.970341][ T4662] EXT4-fs (loop2): 1 orphan inode deleted
[   67.988813][ T4681] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.400: Invalid block bitmap block 0 in block_group 0
[   68.003316][ T4681] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.400: Failed to acquire dquot type 0
[   68.014834][ T4681] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.400: Freeing blocks not in datazone - block = 0, count = 4096
[   68.046313][ T4681] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.400: Invalid inode bitmap blk 0 in block_group 0
[   68.061996][ T3969] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:38: Failed to release dquot type 0
[   68.074315][ T4666] SELinux:  Context u:object_r:app_data_file:s0:c512,c768 is not valid (left unmapped).
[   68.102197][ T4681] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   68.113270][ T4681] EXT4-fs (loop4): 1 orphan inode deleted
[   68.206663][ T4697] FAULT_INJECTION: forcing a failure.
[   68.206663][ T4697] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   68.220017][ T4697] CPU: 0 UID: 0 PID: 4697 Comm: syz.3.407 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   68.220052][ T4697] Tainted: [W]=WARN
[   68.220060][ T4697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   68.220076][ T4697] Call Trace:
[   68.220084][ T4697]  <TASK>
[   68.220094][ T4697]  __dump_stack+0x1d/0x30
[   68.220180][ T4697]  dump_stack_lvl+0xe8/0x140
[   68.220200][ T4697]  dump_stack+0x15/0x1b
[   68.220216][ T4697]  should_fail_ex+0x265/0x280
[   68.220246][ T4697]  should_fail_alloc_page+0xf2/0x100
[   68.220335][ T4697]  __alloc_frozen_pages_noprof+0xff/0x360
[   68.220375][ T4697]  alloc_pages_mpol+0xb3/0x250
[   68.220417][ T4697]  vma_alloc_folio_noprof+0x1aa/0x300
[   68.220456][ T4697]  handle_mm_fault+0xec2/0x2c20
[   68.220522][ T4697]  do_user_addr_fault+0x636/0x1090
[   68.220588][ T4697]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   68.220681][ T4697]  exc_page_fault+0x62/0xa0
[   68.220715][ T4697]  asm_exc_page_fault+0x26/0x30
[   68.220806][ T4697] RIP: 0033:0x7f6d7f5b0c03
[   68.220821][ T4697] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[   68.220889][ T4697] RSP: 002b:00007f6d7e14e4a0 EFLAGS: 00010206
[   68.220909][ T4697] RAX: 0000000000009000 RBX: 00007f6d7e14e540 RCX: 00007f6d75d2f000
[   68.220925][ T4697] RDX: 00007f6d7e14e6e0 RSI: 000000000000001f RDI: 00007f6d7e14e5e0
[   68.220941][ T4697] RBP: 0000000000000011 R08: 000000000000000a R09: 00000000000003b0
[   68.220986][ T4697] R10: 00000000000003c8 R11: 00007f6d7e14e540 R12: 0000000000000001
[   68.221005][ T4697] R13: 00007f6d7f78db80 R14: 0000000000000011 R15: 00007f6d7e14e5e0
[   68.221029][ T4697]  </TASK>
[   68.221040][ T4697] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   68.282079][ T4706] tipc: Enabling of bearer <udp:s> rejected, already enabled
[   68.297500][ T4697] loop3: detected capacity change from 0 to 512
[   68.320544][ T4708] loop0: detected capacity change from 0 to 164
[   68.429826][ T4697] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   68.445819][ T4708] isofs_fill_super: get root inode failed
[   68.454579][ T4715] __nla_validate_parse: 7 callbacks suppressed
[   68.454598][ T4715] netlink: 4 bytes leftover after parsing attributes in process `syz.1.410'.
[   68.478146][ T4715] loop1: detected capacity change from 0 to 1024
[   68.488733][ T4715] EXT4-fs: Ignoring removed orlov option
[   68.499297][ T4697] EXT4-fs (loop3): mount failed
[   68.632480][ T4724] netlink: 60 bytes leftover after parsing attributes in process `syz.0.414'.
[   68.669512][ T4726] loop0: detected capacity change from 0 to 1024
[   68.678357][ T4726] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   68.692168][ T4726] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.415: Invalid block bitmap block 0 in block_group 0
[   68.705710][ T4726] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.415: Failed to acquire dquot type 0
[   68.717398][ T4726] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.415: Freeing blocks not in datazone - block = 0, count = 4096
[   68.731259][ T4726] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.415: Invalid inode bitmap blk 0 in block_group 0
[   68.752107][ T3953] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:23: Failed to release dquot type 0
[   68.760079][ T4726] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[   68.775355][ T4726] EXT4-fs (loop0): 1 orphan inode deleted
[   68.812808][ T4731] FAULT_INJECTION: forcing a failure.
[   68.812808][ T4731] name failslab, interval 1, probability 0, space 0, times 0
[   68.825537][ T4731] CPU: 1 UID: 0 PID: 4731 Comm: syz.1.417 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   68.825630][ T4731] Tainted: [W]=WARN
[   68.825637][ T4731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   68.825651][ T4731] Call Trace:
[   68.825659][ T4731]  <TASK>
[   68.825667][ T4731]  __dump_stack+0x1d/0x30
[   68.825704][ T4731]  dump_stack_lvl+0xe8/0x140
[   68.825727][ T4731]  dump_stack+0x15/0x1b
[   68.825752][ T4731]  should_fail_ex+0x265/0x280
[   68.825780][ T4731]  ? v9fs_mount+0x51/0x5c0
[   68.825811][ T4731]  should_failslab+0x8c/0xb0
[   68.825872][ T4731]  __kmalloc_cache_noprof+0x4c/0x320
[   68.825909][ T4731]  v9fs_mount+0x51/0x5c0
[   68.825939][ T4731]  ? selinux_capable+0x31/0x40
[   68.825995][ T4731]  ? __pfx_v9fs_mount+0x10/0x10
[   68.826030][ T4731]  legacy_get_tree+0x78/0xd0
[   68.826088][ T4731]  vfs_get_tree+0x57/0x1d0
[   68.826118][ T4731]  do_new_mount+0x207/0x5e0
[   68.826180][ T4731]  ? security_capable+0x83/0x90
[   68.826213][ T4731]  path_mount+0x4a4/0xb20
[   68.826240][ T4731]  ? user_path_at+0x109/0x130
[   68.826352][ T4731]  __se_sys_mount+0x28f/0x2e0
[   68.826378][ T4731]  ? fput+0x8f/0xc0
[   68.826416][ T4731]  __x64_sys_mount+0x67/0x80
[   68.826455][ T4731]  x64_sys_call+0x2b4d/0x2ff0
[   68.826558][ T4731]  do_syscall_64+0xd2/0x200
[   68.826630][ T4731]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   68.826683][ T4731]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   68.826770][ T4731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.826795][ T4731] RIP: 0033:0x7f8a3a89eec9
[   68.826812][ T4731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.826840][ T4731] RSP: 002b:00007f8a39307038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   68.826922][ T4731] RAX: ffffffffffffffda RBX: 00007f8a3aaf5fa0 RCX: 00007f8a3a89eec9
[   68.826935][ T4731] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000
[   68.826948][ T4731] RBP: 00007f8a39307090 R08: 0000200000000400 R09: 0000000000000000
[   68.826960][ T4731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.826973][ T4731] R13: 00007f8a3aaf6038 R14: 00007f8a3aaf5fa0 R15: 00007ffd728c9cb8
[   68.826995][ T4731]  </TASK>
[   69.064893][ T4736] netlink: 4 bytes leftover after parsing attributes in process `syz.0.419'.
[   69.153832][ T4742] loop2: detected capacity change from 0 to 512
[   69.167739][ T4742] EXT4-fs: Ignoring removed bh option
[   69.190401][ T4742] ext4 filesystem being mounted at /82/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   69.220641][ T4740] netlink: 'syz.1.421': attribute type 9 has an invalid length.
[   69.266038][ T4750] veth1_macvtap: left promiscuous mode
[   69.282110][ T4750] macsec0: entered promiscuous mode
[   69.308066][ T4753] loop1: detected capacity change from 0 to 128
[   69.328027][ T4753] FAULT_INJECTION: forcing a failure.
[   69.328027][ T4753] name failslab, interval 1, probability 0, space 0, times 0
[   69.340775][ T4753] CPU: 1 UID: 0 PID: 4753 Comm: syz.1.425 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   69.340930][ T4753] Tainted: [W]=WARN
[   69.340940][ T4753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   69.340956][ T4753] Call Trace:
[   69.340964][ T4753]  <TASK>
[   69.340972][ T4753]  __dump_stack+0x1d/0x30
[   69.340993][ T4753]  dump_stack_lvl+0xe8/0x140
[   69.341012][ T4753]  dump_stack+0x15/0x1b
[   69.341034][ T4753]  should_fail_ex+0x265/0x280
[   69.341067][ T4753]  should_failslab+0x8c/0xb0
[   69.341166][ T4753]  kmem_cache_alloc_noprof+0x50/0x310
[   69.341200][ T4753]  ? fat_cache_add+0x1ef/0x4a0
[   69.341291][ T4753]  ? fat32_ent_get+0x52/0x80
[   69.341400][ T4753]  fat_cache_add+0x1ef/0x4a0
[   69.341475][ T4753]  fat_get_cluster+0x5de/0x7b0
[   69.341514][ T4753]  ? fat_mirror_bhs+0x2eb/0x320
[   69.341577][ T4753]  fat_get_mapped_cluster+0xe4/0x240
[   69.341621][ T4753]  fat_bmap+0x254/0x280
[   69.341661][ T4753]  fat_get_block+0x3b1/0x5e0
[   69.341697][ T4753]  __block_write_begin_int+0x3fd/0xf90
[   69.341773][ T4753]  ? __pfx_fat_get_block+0x10/0x10
[   69.341808][ T4753]  cont_write_begin+0x5fc/0x970
[   69.341918][ T4753]  ? generic_write_end+0x133/0x150
[   69.341946][ T4753]  fat_write_begin+0x4f/0xe0
[   69.341972][ T4753]  ? __pfx_fat_get_block+0x10/0x10
[   69.342000][ T4753]  cont_write_begin+0x1ad/0x970
[   69.342084][ T4753]  fat_write_begin+0x4f/0xe0
[   69.342108][ T4753]  ? __pfx_fat_get_block+0x10/0x10
[   69.342138][ T4753]  generic_perform_write+0x184/0x490
[   69.342245][ T4753]  __generic_file_write_iter+0x9e/0x120
[   69.342279][ T4753]  generic_file_write_iter+0x8d/0x2f0
[   69.342309][ T4753]  ? mntput_no_expire+0x6f/0x460
[   69.342355][ T4753]  ? mntput+0x4b/0x80
[   69.342428][ T4753]  ? terminate_walk+0x27f/0x2a0
[   69.342466][ T4753]  ? path_openat+0x1bf8/0x2170
[   69.342492][ T4753]  ? _parse_integer_limit+0x170/0x190
[   69.342582][ T4753]  do_iter_readv_writev+0x499/0x540
[   69.342670][ T4753]  vfs_writev+0x2df/0x8b0
[   69.342729][ T4753]  __se_sys_pwritev2+0xfc/0x1c0
[   69.342824][ T4753]  __x64_sys_pwritev2+0x67/0x80
[   69.342964][ T4753]  x64_sys_call+0x2c55/0x2ff0
[   69.343063][ T4753]  do_syscall_64+0xd2/0x200
[   69.343100][ T4753]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   69.343174][ T4753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.343200][ T4753] RIP: 0033:0x7f8a3a89eec9
[   69.343219][ T4753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.343241][ T4753] RSP: 002b:00007f8a39307038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   69.343351][ T4753] RAX: ffffffffffffffda RBX: 00007f8a3aaf5fa0 RCX: 00007f8a3a89eec9
[   69.343366][ T4753] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000004
[   69.343381][ T4753] RBP: 00007f8a39307090 R08: 0000000000000000 R09: 0000000000000000
[   69.343396][ T4753] R10: 0000000000005412 R11: 0000000000000246 R12: 0000000000000001
[   69.343410][ T4753] R13: 00007f8a3aaf6038 R14: 00007f8a3aaf5fa0 R15: 00007ffd728c9cb8
[   69.343433][ T4753]  </TASK>
[   69.678247][ T4757] netlink: 8 bytes leftover after parsing attributes in process `syz.2.427'.
[   69.702865][ T4760] loop0: detected capacity change from 0 to 512
[   69.742999][ T4764] netlink: 'syz.1.430': attribute type 4 has an invalid length.
[   69.757355][ T4766] FAULT_INJECTION: forcing a failure.
[   69.757355][ T4766] name failslab, interval 1, probability 0, space 0, times 0
[   69.765055][ T4764] netlink: 'syz.1.430': attribute type 4 has an invalid length.
[   69.770045][ T4766] CPU: 0 UID: 0 PID: 4766 Comm: syz.4.428 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   69.770084][ T4766] Tainted: [W]=WARN
[   69.770092][ T4766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   69.770126][ T4766] Call Trace:
[   69.770134][ T4766]  <TASK>
[   69.770143][ T4766]  __dump_stack+0x1d/0x30
[   69.770247][ T4766]  dump_stack_lvl+0xe8/0x140
[   69.770272][ T4766]  dump_stack+0x15/0x1b
[   69.770294][ T4766]  should_fail_ex+0x265/0x280
[   69.770327][ T4766]  should_failslab+0x8c/0xb0
[   69.770360][ T4766]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   69.770512][ T4766]  ? __d_alloc+0x3d/0x340
[   69.770551][ T4766]  __d_alloc+0x3d/0x340
[   69.770587][ T4766]  ? mpol_shared_policy_init+0xbd/0x4c0
[   69.770614][ T4766]  d_alloc_pseudo+0x1e/0x80
[   69.770707][ T4766]  alloc_file_pseudo+0x71/0x160
[   69.770751][ T4766]  __shmem_file_setup+0x1de/0x210
[   69.770816][ T4766]  shmem_file_setup+0x3b/0x50
[   69.770902][ T4766]  __se_sys_memfd_create+0x2c3/0x590
[   69.770935][ T4766]  __x64_sys_memfd_create+0x31/0x40
[   69.771097][ T4766]  x64_sys_call+0x2abe/0x2ff0
[   69.771126][ T4766]  do_syscall_64+0xd2/0x200
[   69.771168][ T4766]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   69.771266][ T4766]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   69.771305][ T4766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.771364][ T4766] RIP: 0033:0x7ff783c3eec9
[   69.771384][ T4766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.771409][ T4766] RSP: 002b:00007ff782685d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   69.771446][ T4766] RAX: ffffffffffffffda RBX: 0000000000000593 RCX: 00007ff783c3eec9
[   69.771473][ T4766] RDX: 00007ff782685dec RSI: 0000000000000000 RDI: 00007ff783cc2960
[   69.771491][ T4766] RBP: 00002000000005c0 R08: 00007ff782685b07 R09: 0000000000000000
[   69.771507][ T4766] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[   69.771523][ T4766] R13: 00007ff782685dec R14: 00007ff782685df0 R15: 00007ffde223ce48
[   69.771550][ T4766]  </TASK>
[   69.808107][ T4765] SELinux: failed to load policy
[   69.864956][ T4771] loop1: detected capacity change from 0 to 164
[   69.884919][ T4760] ext4 filesystem being mounted at /80/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   69.942102][ T4771] isofs_fill_super: get root inode failed
[   69.973304][ T4760] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 18: comm syz.0.429: lblock 23 mapped to illegal pblock 18 (length 1)
[   70.049751][ T4774] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.429: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[   70.080466][ T4776] vlan2: entered allmulticast mode
[   70.097801][ T4760] EXT4-fs (loop0): Remounting filesystem read-only
[   70.134135][ T4773] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   70.141719][ T4773] syzkaller0: entered promiscuous mode
[   70.147266][ T4773] syzkaller0: entered allmulticast mode
[   70.185271][ T4772] tipc: Resetting bearer <eth:syzkaller0>
[   70.196899][ T4783] loop1: detected capacity change from 0 to 1024
[   70.201467][ T4780] Process accounting resumed
[   70.205626][ T4783] EXT4-fs: Ignoring removed orlov option
[   70.219401][ T4772] tipc: Disabling bearer <eth:syzkaller0>
[   70.244962][ T4783] cgroup2: Unknown parameter 'pids'
[   70.400754][ T4782] netlink: 'syz.4.436': attribute type 9 has an invalid length.
[   70.574290][ T4800] lo speed is unknown, defaulting to 1000
[   70.626292][ T4805] loop0: detected capacity change from 0 to 512
[   70.638396][ T4805] EXT4-fs (loop0): orphan cleanup on readonly fs
[   70.646889][ T4805] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.444: bg 0: block 248: padding at end of block bitmap is not set
[   70.664086][ T4805] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.444: Failed to acquire dquot type 1
[   70.677398][ T4805] EXT4-fs (loop0): 1 truncate cleaned up
[   70.777344][ T4812] syz.2.445 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   70.851054][ T4819] netlink: 8 bytes leftover after parsing attributes in process `syz.1.449'.
[   70.860289][ T4821] loop2: detected capacity change from 0 to 1024
[   70.867310][ T4821] EXT4-fs: Ignoring removed orlov option
[   70.889713][ T4821] cgroup2: Unknown parameter 'pids'
[   70.905833][ T4802] netlink: 'syz.4.443': attribute type 3 has an invalid length.
[   70.954361][ T4824] netlink: 'syz.2.450': attribute type 4 has an invalid length.
[   70.964506][ T3388] lo speed is unknown, defaulting to 1000
[   70.966422][ T4824] netlink: 'syz.2.450': attribute type 4 has an invalid length.
[   70.970240][ T3388] syz2: Port: 1 Link DOWN
[   70.984724][   T36] lo speed is unknown, defaulting to 1000
[   70.990466][   T36] syz2: Port: 1 Link ACTIVE
[   71.188194][ T4831] netlink: 60 bytes leftover after parsing attributes in process `syz.2.453'.
[   71.324230][ T2990] ==================================================================
[   71.332454][ T2990] BUG: KCSAN: data-race in dentry_unlink_inode / step_into
[   71.339696][ T2990] 
[   71.342051][ T2990] write to 0xffff88810072c4b0 of 8 bytes by task 3791 on cpu 0:
[   71.349686][ T2990]  dentry_unlink_inode+0x65/0x260
[   71.354749][ T2990]  d_delete+0x164/0x180
[   71.358995][ T2990]  d_delete_notify+0x32/0x100
[   71.363692][ T2990]  vfs_unlink+0x30b/0x420
[   71.368041][ T2990]  do_unlinkat+0x24e/0x480
[   71.372457][ T2990]  __x64_sys_unlink+0x2e/0x40
[   71.377184][ T2990]  x64_sys_call+0x2dc0/0x2ff0
[   71.381885][ T2990]  do_syscall_64+0xd2/0x200
[   71.386396][ T2990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.392305][ T2990] 
[   71.394632][ T2990] read to 0xffff88810072c4b0 of 8 bytes by task 2990 on cpu 1:
[   71.402168][ T2990]  step_into+0x122/0x820
[   71.406421][ T2990]  walk_component+0x162/0x220
[   71.411125][ T2990]  path_lookupat+0xfe/0x2a0
[   71.415659][ T2990]  filename_lookup+0x147/0x340
[   71.420463][ T2990]  do_readlinkat+0x7d/0x320
[   71.424980][ T2990]  __x64_sys_readlink+0x47/0x60
[   71.429849][ T2990]  x64_sys_call+0x28da/0x2ff0
[   71.434530][ T2990]  do_syscall_64+0xd2/0x200
[   71.439046][ T2990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.444946][ T2990] 
[   71.447267][ T2990] value changed: 0xffff88811b55f4d0 -> 0x0000000000000000
[   71.454370][ T2990] 
[   71.456688][ T2990] Reported by Kernel Concurrency Sanitizer on:
[   71.462840][ T2990] CPU: 1 UID: 0 PID: 2990 Comm: udevd Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   71.473691][ T2990] Tainted: [W]=WARN
[   71.477498][ T2990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   71.487554][ T2990] ==================================================================