last executing test programs:

2m39.232149864s ago: executing program 0 (id=426):
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x10009, 0xf41b8, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x2, 0x900}, 0x4, 0x0, 0x43a1bd78, 0x8, 0x9, 0x6, 0x5, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x3fffffffff, 0xffffffffffffffff, 0xb)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000140)=ANY=[@ANYBLOB="18080000000010c300000000030000008510000006", @ANYRES32, @ANYBLOB="00000000000000116608fffffff80000180000000000000000000000000010009500000000000000360a020000000001180100002020782500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b50af8ff00000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x7, 0xd9, &(0x7f0000000340)=""/217, 0x0, 0x8}, 0x94)

2m39.154766596s ago: executing program 0 (id=429):
prctl$PR_GET_NAME(0x10, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3400000020000100000000000000000002000000000000022f86f0a9080006000500004008000400fb17ffff"], 0x34}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x14, &(0x7f0000001600)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x402}, 0x94)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x400, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, @perf_config_ext={0x8, 0x6}, 0x102802, 0x2e, 0x0, 0x6, 0x6, 0x8001, 0x7fff, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc)
dup2(0xffffffffffffffff, r1)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0xe0}}, 0x0)
syz_io_uring_setup(0x4b6, &(0x7f0000000100)={0x0, 0x0, 0x400, 0x1, 0x5}, &(0x7f0000ff0000), &(0x7f0000000000), &(0x7f0000000000))
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x6)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x10, &(0x7f0000000000)={[{@resuid}, {@dioread_lock}]}, 0x8, 0x506, &(0x7f00000010c0)="$eJzs3c9vG1kdAPDvTOImm3U2XdgDIGDLslDQqs6P7kYrONC9gNBqJcSKE4duSLxRFLuO4qQ0oYfkyB2JSpzgT+DGAaknDty4wY1LOSBVUIEapB6MZjxNTGLHQU2cJv58pPHMezP19z3b7z3Pa90XwNC6FhE7EXElIj6JiKkiPym2uNXesuuePrm/uPfk/mISrdbH/0jy81ledPyZzKvFc45HxA+/F/GT5Gjc5tb26kKtVl0v0tMb9bXp5tb2jZW0yJmbn52fef/me3OnVtc36799/N2VD3/0+9996dGfdr75s6xY5Z9P5uc663Ga2lUvRbkjbzQiPjyLYOdktPj8cPFkre0zEfFW3v6nYiR/Nw9JoksLju6ZAMBLr9WaitZUZxoAuOyy+/9yJGmlmAsoR5pWKu05vDdiIq01mhvvTDU27yxFPod1NUrppyu16kwxV3g1SkmWns2PD9Jzh9I3I+L1iPjF2Ct5urLYqC2d5xcfABhirx4a//891h7/AYBLbvy8CwAADJzxHwCGj/EfAIbP/zH+d/l1IABwEbn/B4DhY/wHgOHTd/zfHUw5AICB+MFHH2Vba6/4/6+X7m5tfrt898ZStblaqW8uVhYb62uV5UZjuVatLLZa/Z6v1miszb67n2xubd+uNzbvbNxeqS8sV29XS2dcHwCgv9fffPiXJCJ2vvVKvkXHWg7Garjc0hPmAZfPSN8rJgdSDmDw/J4HhtcJ7vFNA8Al128tz57/ROiBxV/horr+efP/MKzM9cPw6j//3813Tr0cwOCZ/4fh1Wol1vwHgCFjjh94ob//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCFVzrckreRrge9kj2mlEjEZEVejlHy6UqvORMRrEfHnsdJYlp4970IDAC8o/XtSrP91fert8uGzV5L/jOX7iPjprz7+5b2FjY312Sz/n/v5Gw+K/Lkr51EBAKDTraNZ7XG62HfcyD99cn/x+TbIIj7+oL24aBZ3r9jaZ0ZjNN+PRykiJv6VFOm27PvKyCnE39mNiM8d1P9eR4RyPgfSXvn0cPws9uQZxD94/Q/HT/8nfpqfy/al/LX47CmUBYbNww/a/WTR9rImVrS/NK7l++7tfzzvoV7c8/5v70j/l+73fyNH4id5m7+2nz6+JI/f/cP3j2S2ptrndiO+MNotfrIfP+nR/759wjr+9YtffqvXudavI65H9/ht9bybnd6or003t7ZvrNQXlqvL1Ttzc/Oz8zPv33xvbjqfo24//vHQ0z8rlrl/redrsxsx0SP+eJ/6f+2E9f/Ns09+/JVj4n/jq93f/zeOiZ+NiV8/YfyFiVs9l+/O4i/1qH+/9/+dE8Z/9LftpRNeCgAMQHNre3WhVquu9znIvmv2u8bBxTyInYiXoBj9DtLiI/uylOeSHxzTaaQD6pyAM3XQ6M+7JAAAAAAAAAAAAAAAQC/Nre3VsTjbnxOddx0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4vP4bAAD//5aY0i4=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r4, 0x6628)

2m37.192076416s ago: executing program 0 (id=435):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_int(r0, 0x11, 0x65, &(0x7f0000000040)=0x5, 0x4)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x48, 0x24, 0xd0f, 0xffffffff, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0xff8b, 0x2, @TCA_CBS_PARMS={0x5, 0x1, {0x7, '\x00', 0x8000, 0x1, 0x0, 0x51}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4940}, 0x24008890)

2m36.423975148s ago: executing program 0 (id=442):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000003"], 0x48)
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1900000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB="7eba00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000428d8fed9b1a77eb4e2c059ad55680fca5ee89cd931f51227db1cf207e21310493da2bd0da5be9229f3cb550af"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r1, &(0x7f0000000280), &(0x7f0000000000)=""/3, 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f0000000100)='./file0\x00', 0x1d3)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='.\x00', 0x0, 0x8b7840, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)
mkdir(&(0x7f0000000140)='./file0/../file0\x00', 0x190)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x2042, 0x0)
r2 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x3, 0x0, 0x0, 0x400, 0x66113, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_bp={0x0, 0x8}, 0x40, 0x0, 0x80000000, 0x0, 0x7, 0x0, 0xffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000e7eba5ea024a2ab2556a412c4b300"/28], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x5, r4}, 0x38)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22667f2b00dbf6e97158b33d4fec877f1b6d76745b686158bbcfe8875afdef001e000000002c"], 0x66)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x10b8}, 0xff00)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1e000000000000000700400009"], 0x50)
socket$kcm(0xa, 0x5, 0x0)
r5 = socket$kcm(0xa, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x890b, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'\x00', 0x202})

2m36.391976969s ago: executing program 0 (id=445):
prctl$PR_GET_NAME(0x10, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3400000020000100000000000000000002000000000000022f86f0a9080006000500004008000400fb17ffff"], 0x34}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x14, &(0x7f0000001600)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x402}, 0x94)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x400, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, @perf_config_ext={0x8, 0x6}, 0x102802, 0x2e, 0x0, 0x6, 0x6, 0x8001, 0x7fff, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc)
dup2(0xffffffffffffffff, r1)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0xe0}}, 0x0)
syz_io_uring_setup(0x4b6, &(0x7f0000000100)={0x0, 0x0, 0x400, 0x1, 0x5}, &(0x7f0000ff0000), &(0x7f0000000000), &(0x7f0000000000))
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x6)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x10, &(0x7f0000000000)={[{@resuid}, {@dioread_lock}]}, 0x8, 0x506, &(0x7f00000010c0)="$eJzs3c9vG1kdAPDvTOImm3U2XdgDIGDLslDQqs6P7kYrONC9gNBqJcSKE4duSLxRFLuO4qQ0oYfkyB2JSpzgT+DGAaknDty4wY1LOSBVUIEapB6MZjxNTGLHQU2cJv58pPHMezP19z3b7z3Pa90XwNC6FhE7EXElIj6JiKkiPym2uNXesuuePrm/uPfk/mISrdbH/0jy81ledPyZzKvFc45HxA+/F/GT5Gjc5tb26kKtVl0v0tMb9bXp5tb2jZW0yJmbn52fef/me3OnVtc36799/N2VD3/0+9996dGfdr75s6xY5Z9P5uc663Ga2lUvRbkjbzQiPjyLYOdktPj8cPFkre0zEfFW3v6nYiR/Nw9JoksLju6ZAMBLr9WaitZUZxoAuOyy+/9yJGmlmAsoR5pWKu05vDdiIq01mhvvTDU27yxFPod1NUrppyu16kwxV3g1SkmWns2PD9Jzh9I3I+L1iPjF2Ct5urLYqC2d5xcfABhirx4a//891h7/AYBLbvy8CwAADJzxHwCGj/EfAIbP/zH+d/l1IABwEbn/B4DhY/wHgOHTd/zfHUw5AICB+MFHH2Vba6/4/6+X7m5tfrt898ZStblaqW8uVhYb62uV5UZjuVatLLZa/Z6v1miszb67n2xubd+uNzbvbNxeqS8sV29XS2dcHwCgv9fffPiXJCJ2vvVKvkXHWg7Garjc0hPmAZfPSN8rJgdSDmDw/J4HhtcJ7vFNA8Al128tz57/ROiBxV/horr+efP/MKzM9cPw6j//3813Tr0cwOCZ/4fh1Wol1vwHgCFjjh94ob//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCFVzrckreRrge9kj2mlEjEZEVejlHy6UqvORMRrEfHnsdJYlp4970IDAC8o/XtSrP91fert8uGzV5L/jOX7iPjprz7+5b2FjY312Sz/n/v5Gw+K/Lkr51EBAKDTraNZ7XG62HfcyD99cn/x+TbIIj7+oL24aBZ3r9jaZ0ZjNN+PRykiJv6VFOm27PvKyCnE39mNiM8d1P9eR4RyPgfSXvn0cPws9uQZxD94/Q/HT/8nfpqfy/al/LX47CmUBYbNww/a/WTR9rImVrS/NK7l++7tfzzvoV7c8/5v70j/l+73fyNH4id5m7+2nz6+JI/f/cP3j2S2ptrndiO+MNotfrIfP+nR/759wjr+9YtffqvXudavI65H9/ht9bybnd6or003t7ZvrNQXlqvL1Ttzc/Oz8zPv33xvbjqfo24//vHQ0z8rlrl/redrsxsx0SP+eJ/6f+2E9f/Ns09+/JVj4n/jq93f/zeOiZ+NiV8/YfyFiVs9l+/O4i/1qH+/9/+dE8Z/9LftpRNeCgAMQHNre3WhVquu9znIvmv2u8bBxTyInYiXoBj9DtLiI/uylOeSHxzTaaQD6pyAM3XQ6M+7JAAAAAAAAAAAAAAAQC/Nre3VsTjbnxOddx0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4vP4bAAD//5aY0i4=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r4, 0x6628)

2m36.080082269s ago: executing program 0 (id=447):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="500000001800010000000000000003001d01000008000e00", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="1500010000000000000000007721", @ANYRES64], 0x50}, 0x1, 0x0, 0x0, 0xa8d0}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2m36.070719639s ago: executing program 32 (id=447):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="500000001800010000000000000003001d01000008000e00", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="1500010000000000000000007721", @ANYRES64], 0x50}, 0x1, 0x0, 0x0, 0xa8d0}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

29.065909823s ago: executing program 3 (id=1410):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x2c, 0x0, 0x0, 0x0, 0x0, 0x7, 0x520, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4, @perf_bp={0x0, 0x2}, 0x0, 0x1224, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000020000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket(0x10, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
syz_clone3(&(0x7f0000000080)={0x801400, &(0x7f0000000040)=<r2=>0xffffffffffffffff, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$XFS_IOC_GETVERSION(r2, 0x80087601, &(0x7f0000000880))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="48000000100039042abd70000000000000000000", @ANYRES32=r1, @ANYBLOB="0118020003110000280012800b00010065727370616e"], 0x48}, 0x1, 0x0, 0x0, 0x410c0}, 0x4000020)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x9, 0x0, 0x0, 0x4000000}, 0x20004000)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
pivot_root(&(0x7f00000003c0)='./bus\x00', &(0x7f00000000c0)='./file0\x00')

28.355471344s ago: executing program 3 (id=1418):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x4, &(0x7f0000006680))
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
fdatasync(0xffffffffffffffff)
r0 = syz_io_uring_setup(0x5125, &(0x7f0000000540)={0x0, 0xcc19, 0x80, 0x1, 0x30e}, &(0x7f0000000100), &(0x7f0000000200), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x4, &(0x7f0000006680)) (async)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0) (async)
fdatasync(0xffffffffffffffff) (async)
syz_io_uring_setup(0x5125, &(0x7f0000000540)={0x0, 0xcc19, 0x80, 0x1, 0x30e}, &(0x7f0000000100), &(0x7f0000000200), &(0x7f0000000000)) (async)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x0, 0x0) (async)

27.787765722s ago: executing program 3 (id=1420):
socket$nl_route(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x1a1)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0xd38, 0x908, 0xffffffff, 0xffffffff, 0x908, 0xffffffff, 0xc68, 0xffffffff, 0xffffffff, 0xc68, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [0x0, 0x0, 0x680c], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x8e0, 0x908, 0x0, {}, [@common=@unspec=@u32={{0x7e0}, {[{[{0xd8800000, 0x2}, {0xec, 0x2}, {0x6, 0x3}, {0x80}, {0x6, 0x2}, {0x10000, 0x2}, {0xd}, {0x2}, {0x4, 0x3}, {0x1, 0x1}, {0x4}], [{0x9, 0xfffffffb}, {0x7, 0x7}, {0x2, 0x80000000}, {0x9, 0x1}, {0x799, 0x8001}, {0x0, 0x2}, {0xc2, 0x5}, {0x8, 0x1000}, {0x40, 0x9}, {0xff, 0x81}, {0x636, 0x6}], 0x6}, {[{0x8, 0x2}, {0xe000}, {0xb8b4, 0x1}, {0x3c5f9b87, 0x3}, {0x3, 0x1}, {}, {0x29b5, 0x2}, {0x54a2f77, 0x3}, {0x3, 0x3}, {0x1000, 0x2}, {0x1, 0x2}], [{0x6, 0x5}, {0x5, 0x7}, {0x2, 0x3}, {0x80000000, 0x2}, {0xee84, 0x8000}, {0x9, 0x9}, {0x3800000, 0x3}, {0x800, 0x9}, {0xfffffffa, 0x1}, {0x0, 0x2}, {0x7, 0x7}], 0x4, 0x3}, {[{0x286f, 0x1}, {0x554b, 0x3}, {0x0, 0x3}, {0x6, 0x3}, {0x5}, {0x9, 0x1}, {0x6000000, 0x3}, {0x400, 0x3}, {0x9, 0x2}, {0x8001, 0x2}, {0xc5bf}], [{0x6, 0x7f}, {0x5, 0xfffffff9}, {0x7, 0x8}, {0xb, 0x3}, {0x8, 0x9}, {0x2}, {0x7}, {0x7, 0x1000}, {0xfff, 0x2e4}, {0x0, 0x400}, {0x0, 0x8}], 0xb, 0x6}, {[{0x2, 0x2}, {0x2, 0x1}, {0x6, 0x3}, {0xfffffffc, 0x1}, {0x4, 0x3}, {0x10001}, {0xca0, 0x2}, {0x10, 0x1}, {0x8, 0x1}, {0x6796, 0x3}, {0x8, 0x1}], [{0x6, 0x6}, {0x1, 0x7}, {0x5, 0x9}, {0xffff, 0x2}, {0xc, 0x5}, {0x51a3, 0x3}, {0x8, 0x5}, {0xfffffff7, 0x9}, {0xd0, 0x1}, {0xfffffff8, 0x8}, {0x7656, 0x2}], 0x7}, {[{0x2, 0x2}, {0x10001}, {0x4eb}, {0x10000, 0x3}, {0x2, 0x2}, {0x3}, {0x81}, {0x4, 0x1}, {0x10001, 0x2}, {0x9, 0x3}, {0x1, 0x2}], [{0x4}, {0x0, 0x400}, {0xd9a8, 0x7}, {0x1000, 0x8f8}, {0x3, 0x10001}, {0x3, 0x7c67}, {0x6, 0x80}, {0xfffffff9, 0x2}, {0xffff, 0x2}, {0x1000, 0x9}, {0x3, 0x2}], 0x1, 0x4}, {[{0xabb918, 0x1}, {0x3, 0x1}, {0x8, 0x2}, {0x9, 0x1}, {0x2}, {0x9, 0x1}, {0x80000000, 0x3}, {0x1, 0x2}, {0x0, 0xc49aafde8229cbf1}, {0x4, 0x1}, {0x3, 0x2}], [{0x8b, 0x9}, {0x6, 0x553}, {0x1, 0xe0}, {0x3, 0x4ad}, {0x0, 0x10001}, {0x1, 0x2}, {0xd1, 0x100}, {0x6, 0x7641}, {0x3, 0xfffffffc}, {0x2, 0x4}, {0x9, 0x2}], 0x1, 0x1}, {[{0x8015, 0x3}, {0x3, 0x3}, {0x1, 0x2}, {0x0, 0x2}, {0x37b, 0x3}, {0x5}, {0x2, 0x3}, {0x1, 0x2}, {0x7f}, {0x6, 0x2}, {0xfffffff6, 0x2}], [{0x9, 0x7}, {0x8, 0x7}, {0x6, 0x4}, {0x800, 0x80000001}, {0x0, 0x10000}, {0x2, 0x3b58}, {0x4ca7ea08, 0x8001}, {0x0, 0xa9b}, {0x1ff}, {0x5, 0x2}, {0x8, 0x4}], 0xa, 0xb}, {[{0x10001, 0x3}, {0x3}, {0xc, 0x1}, {0x7a, 0x3}, {0x6, 0x1}, {0x80000001, 0x3}, {0x3, 0x2}, {0xa}, {0x401, 0x1}, {0x9}, {0x1, 0x2}], [{0x200, 0x1}, {0x8, 0x1aaa}, {0x706, 0x9}, {0x9, 0x2}, {0x4, 0x7}, {0x5, 0x9}, {0x3}, {0x5, 0xbf789c5e}, {0x8, 0x3}, {0x7, 0x10001}, {0x1}], 0xa, 0x1}, {[{0xc2}, {0x5, 0x1}, {0x200}, {0x8, 0x2}, {0x400}, {0x7ff, 0x3}, {0x10001}, {0xe1a}, {0x9, 0x3}, {0xfffffffc, 0x3}, {0x9}], [{0x10, 0x4}, {0x1, 0x10000}, {0xbf9, 0x6}, {0x4}, {0x101, 0x8}, {0x100, 0x4}, {0x0, 0xb6e}, {0x7f, 0x8}, {0x9, 0x7}, {0xffff, 0x92a}, {0xd, 0x2}], 0x9, 0x2}, {[{0x8, 0x3}, {0x80000001}, {0x9, 0x3}, {0x4, 0x2}, {0x1, 0x3}, {0x4}, {0x4, 0x1}, {0x1, 0x3}, {0xc, 0x3}, {0x101, 0x2}, {0x1}], [{0x4, 0x3}, {0x0, 0x8}, {0xffffe5cb, 0x1}, {0x7f, 0xfffffff4}, {0x40, 0xffffffff}, {0x2, 0x7}, {0x7fff, 0x6}, {0x0, 0x8}, {0xffffff2e, 0x7ff}, {0x40, 0xa}, {0x3, 0x207}], 0x6, 0x2}, {[{0x1ff}, {0x5, 0x2}, {0x10001, 0x1}, {0x2, 0x2}, {0xff, 0x1}, {0x1, 0x1}, {0x800, 0x3}, {0x80000001, 0x2}, {0x1ef6, 0x2}, {0x1, 0x2}, {0xba, 0x3}], [{0x18d, 0x7}, {0x0, 0x2}, {0xdf91, 0x1}, {0xe08, 0x6}, {0x4, 0x7ff}, {0xa64, 0x101}, {0x7, 0x4}, {0x401, 0x2}, {0x7ff}, {0x0, 0xd4}, {0xef}], 0x2, 0x7}]}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x2f8, 0x360, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x6, 0x1000, 0x4, 0x1, 'syz0\x00', 0x6}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0xffffffffffffffff, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x16a, 0x1, 'syz1\x00', 'syz0\x00', {0x80000001}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0xd98)

27.729005773s ago: executing program 3 (id=1422):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x4000, &(0x7f0000000600), 0xfd, 0x571, &(0x7f0000000bc0)="$eJzs3U9sHFcZAPBvdh0ndU1dm1pqysGBRLh/FNvtSk4NB8IBDhT1UiRUqRysZGMHr2Nju6I2F/fGiQoJBKiiasQBCSRiiQNwqChIHJAIEgIhLNRKIA78aQHhHggBjGZ3NtnYs2bBjhcyv5+02TdvnvO9t5vvafe9iSeAwjqR/pFE9EfE1YgYaBze2uBE4+kblY3ZK5WN2SS2t5/6U1Jvd7myMdts2vy5uyNiPSLuj4jvX4g4d2R33OXVtbnpWq26lB2Pr8wvji+vrp2+OD89U52pXqpUHp+anJw6MznxH4wm2fPsRxffGPrF7JMzL4/8/ekz81/5YxJn6+OOHeM4SHk96kkizt6OYF1QTscTEX0dth+uvvDKbe4SHfrc0OZ4+t7dFxGn6vk/EOX6uxnxvpee+ctAvPd6u5+9uvnS7w6zrwDAwdlOHd37NHBnKkX63T8pjUVEo1wqjY01vsPfF32l2sLyyiMXFp69dL6xRnBvHClduFirTmRrBffGkSQ9frRevnn82I7jSkQMRsSny3fVj8fOLdTOH+pMBzT1R7z+zU+c6717R/7/ttzIf+DOleb/z37w7e+m5bfK3e4NcJjS/P/aW/NPhPyHwpH/UFzyH4pjZ4rLfygu+Q/FJf+huOQ/FJf8h+KS/1Bc8h+KqzX/pT8U0+DIq5tJRKy/5676I9Wbncv5tT3AHWR7O/Gf/KGgfPaH4urpdgeArvEdH9j7N2dHHGt3YvHg+wIcjlK3OwB0zehx+39QVNb/obis/0Nx+YwPWP+H4rH+D8XV3+b+X29ruXfXRETcExE/Kh852rzXF/D/qz/i9RevfuuZiNLvk+zz/+jAqf7pN177Xmu73uSv9S2C3oj45ItPfeG56ZWVpUfT+j/fqF/5Ylb/WLdGA3SimafNPAaKa3l1bW66VqsuKSgoFK7QnAcuVzZmm4/DmnteeDjizfc3LkJI417JHo2zPdna5LH6HmXfVnLLtQrJAexdfuZ0xPrzEXF/3viT7H7njZ2Pvq3yrvhvz57Tx/Fs/SRtM9xh/PI9+4v/QEv8kZb47+gw/uZHOmx4mwx+vbvxX/5l9vpP9PTkvf77vTZm6N+cf+Kr+wywT7/5dXfjnxrpbvzPL0S8ms4/E3n5V0rT8sbO5875p7/lOun/1qdGb85/V3bNf6Ub81+5zfx3osM4P3y6+rG8+vKPI958PuKB3PjNeMfqsfq2Srvin2yZfx7cI/4fPvzTubz6s69FbF+OGI38+K2xxlfmF8eXV9dOX5yfnqnOVC9VKo9PTU5OnZmcGK+vUY83V6p3e/L68Afy6k9+uTH+vjbxm+Nv9/pv7zHmVmtf+nj/O3Pqf3K8Ef/Bk/nv/1AWv/H69+yK/67sOf138o/sWt60zbWIOJrVPxQR33ll8OG8fn3oeiP++TbjL90Sf/f4H+lw/J/91T+fzat/7oMd/gUAwIFqvzTQ7Z4BAAAH7TB2Grs9RiBf31ZvtG4DJ+st+wrrN/cV0vpr2f5CeT3ib9keQ1r/ULZLlpZzNxqA/znDa+/+ebf7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFB0y6trc9O1WnVpuds9AQ7bvwIAAP//zFYBIA==")
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(r1, &(0x7f0000000040)='comm\x00')
write$binfmt_script(r2, 0x0, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
r4 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r4, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
writev(r4, &(0x7f0000001980)=[{&(0x7f0000000240)="f9", 0x1}], 0x1)
connect$qrtr(r3, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
writev(r3, &(0x7f0000001980)=[{&(0x7f0000000240)="f9", 0x1}], 0x1)
clock_gettime(0x1, &(0x7f00000000c0))
r5 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000100003052cbd7000fedbdf2500000020", @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d6163736563000014000280050006000000000005000f00019a000008000500", @ANYRES32=r6], 0x4c}}, 0x0)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x400)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r8, 0xc0145401, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x8001, 0x3, 0x1})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x3, &(0x7f0000000440)=[{0x15, 0x0, 0x1, 0xfffffffc}, {0x4, 0x4}, {0x6, 0xff, 0x0, 0x7fff0000}]})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000fc0), 0x0)

27.51562683s ago: executing program 3 (id=1428):
unshare(0x20200)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003f80)=ANY=[], 0x1, 0x2fb, &(0x7f0000000180)="$eJzs3M9PE1sUwPHTn7QlUBYv7+W95IUb3ehmAtW10hhIjE0kSI0/EpMBptp0bEmnwdQY0ZVb4x/hgrBkR6L8A2zc6caNOzYmLmRhrOl0hpYypQVGivD9JGQOc+6h93aG5Nym7dad148LOUvL6RUJxpQERES2RUYkKK6AcwzacVRavZCLg98+/n/r7r0b6UxmckapqfTspZRSanj03ZNncWfY+oBsjjzY+pr6svn35r9bP2cf5S2Vt1SxVFG6mit9ruhzpqEW8lZBU2raNHTLUPmiZZQb+VIjnzNLi4tVpRcXhhKLZcOylF6sqoJRVZWSqpSrKvRQzxeVpmlqKCHoJrsyM6OnD1k87/Nk8JuUy2k9JCLxPZnsSl8mBAAA+qq9/w+K8rP/Xz23URm8vTbs9P/rUa/+//Knxt/a1f/HRMSz/3cf37P/1+v9f1h67f/3dkRny5H6f5wMo9E9pwLNsJ4sp/WE8/9re3l/dcwO6P8BAAAAAAAAAAAAAAAAAAAAAPgTbNdqyVqtlnSP7k89FxOR1t/bhETk6vHPGH7qdP0Hul9/nALND+6Fh0XMV0vZpWzj6AzYEBFTDBmTpPyw7wdHPXY/eaTqRuS9uezULy9lQ3YmnZO8XT8uyYi019dqU9czk+OqYXd9RBKt9SlJyl/e9SnP+qhcON9Sr0lSPsxLSUxZsOfRrH8+rtS1m5m2+rg9DgAAAACA00BTOzz375rWKd+o39lft78+EGrur8c89+dh+S/c37UDAAAAAHBWWNWnBd00jfI+QVy6j2kEkR7GtAfhgww+QOCusNcq970MPk+jt8B98F2pmHPS96clcICnpUMQlMNUjdZXo466Cvdlo05jZHqi51WI+Hkp/3nz9rt/98aVtViXlR4+CO1/A0Sct38BAAAAOEWaTb97ZqK/EwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Aw6ju+36/caAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJPiVwAAAP//FZkC4A==")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCGSTAMPNS(r0, 0x8907, 0x0)

26.664038055s ago: executing program 3 (id=1438):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8}) (async)
fcntl$lock(r0, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x9, 0x9}) (async)
fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x1, 0x1, 0x25, 0x5}) (async)
fcntl$lock(r0, 0x7, &(0x7f00000000c0)={0x1, 0x2, 0x8, 0x73e9}) (async)
setsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000100)=0x9140, 0x4) (async)
r1 = io_uring_setup(0x7272, &(0x7f0000000440)={0x0, 0xf2ab, 0x40, 0x1, 0x117})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000840)=[{&(0x7f0000000340)=""/141, 0x8d}], 0x113e)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=ANY=[], 0x0}, 0x94) (async)
socket$inet_icmp_raw(0x2, 0x3, 0x1) (async)
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000200)=[r1], 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fstat(r2, &(0x7f0000000640))
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r3, 0x0, 0x0) (async)
write$tcp_mem(0xffffffffffffffff, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac4ff02"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) (async)
io_uring_register$IORING_REGISTER_FILES(r1, 0x1e, &(0x7f0000000000)=[r1], 0x1) (async)
syz_emit_ethernet(0x76, &(0x7f0000000480)={@local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x40, 0x3a, 0x0, @remote, @local, {[], @pkt_toobig={0x8, 0x2, 0x0, 0x0, {0x0, 0x6, "000810", 0x0, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @private2, [@dstopts={0x0, 0x0, '\x00', [@padn]}]}}}}}}}, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000010000304000000000000000000000400", @ANYRES32=0x0, @ANYBLOB="0003000002100400140012800b00010062726964676500000400028008000a00", @ANYRES32=0x0, @ANYBLOB="4c5b3f7ea49485ca6359b5f2fd323e7da0557e44402c2e5371fef33aa486"], 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x8044) (async)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x0) (async)
pipe2(&(0x7f0000000000)={0x0, <r5=>0x0}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x80000000000)

26.607667467s ago: executing program 33 (id=1438):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8}) (async)
fcntl$lock(r0, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x9, 0x9}) (async)
fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x1, 0x1, 0x25, 0x5}) (async)
fcntl$lock(r0, 0x7, &(0x7f00000000c0)={0x1, 0x2, 0x8, 0x73e9}) (async)
setsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000100)=0x9140, 0x4) (async)
r1 = io_uring_setup(0x7272, &(0x7f0000000440)={0x0, 0xf2ab, 0x40, 0x1, 0x117})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000840)=[{&(0x7f0000000340)=""/141, 0x8d}], 0x113e)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=ANY=[], 0x0}, 0x94) (async)
socket$inet_icmp_raw(0x2, 0x3, 0x1) (async)
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000200)=[r1], 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fstat(r2, &(0x7f0000000640))
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r3, 0x0, 0x0) (async)
write$tcp_mem(0xffffffffffffffff, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac4ff02"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) (async)
io_uring_register$IORING_REGISTER_FILES(r1, 0x1e, &(0x7f0000000000)=[r1], 0x1) (async)
syz_emit_ethernet(0x76, &(0x7f0000000480)={@local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x40, 0x3a, 0x0, @remote, @local, {[], @pkt_toobig={0x8, 0x2, 0x0, 0x0, {0x0, 0x6, "000810", 0x0, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @private2, [@dstopts={0x0, 0x0, '\x00', [@padn]}]}}}}}}}, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000010000304000000000000000000000400", @ANYRES32=0x0, @ANYBLOB="0003000002100400140012800b00010062726964676500000400028008000a00", @ANYRES32=0x0, @ANYBLOB="4c5b3f7ea49485ca6359b5f2fd323e7da0557e44402c2e5371fef33aa486"], 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x8044) (async)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x0) (async)
pipe2(&(0x7f0000000000)={0x0, <r5=>0x0}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x80000000000)

1.726274278s ago: executing program 1 (id=1684):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x10, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0x681, 0x0, 0x0, 0x0, 0x3}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000600)="87fc5d85da21530562070095c108", 0x0, 0x8011, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x40}, 0x50)

1.34355034s ago: executing program 1 (id=1691):
r0 = socket(0xa, 0x3, 0x87)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000140)={@loopback, 0x18, r2})

1.251870542s ago: executing program 1 (id=1693):
prctl$PR_SET_THP_DISABLE(0x29, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000006080)=@newtfilter={0x2c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xf, 0xf}, {}, {0xffff, 0x6}}, [@TCA_CHAIN={0x8, 0xb, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.247814952s ago: executing program 2 (id=1695):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0)
ioctl$TIOCPKT(r0, 0x5420, 0x0)
ioctl$TCSETS2(r0, 0x402c542b, &(0x7f00000000c0)={0x40, 0x802, 0x28964710, 0xfffffff7, 0x8, "1d4ab803374503053b00", 0x7fffffff, 0x10001})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@RTM_GETMDB={0x18, 0x56, 0x13d, 0x70bd2a, 0x25dfdbfd}, 0x18}}, 0x24048000)

1.192772184s ago: executing program 4 (id=1697):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x80c8d0, &(0x7f0000000140)=ANY=[], 0x9, 0x34f, &(0x7f00000004c0)="$eJzs3M1vG0UYx/FfjO04qZr1AYE4oD4SF7isknDigrBQKyEiUYUa8SIhts0GrCx25LWCjBBpT1w4IP4IDlWPvVWC/gO5cOOAuHDLBYkDPSAWed+8bpzEdes2L9+PVO00M8/ubGazemalmf0Pf/hyazN0N72eSjXTnCQ9kOoqKTOXHktxuaq6hm7qtQt///by+x99/G5jbe3yutmVxrXXV81s6dLPX32zkDa7N6+9+qf7f63+uffC3kv7/137ohVaK7R2p2eeXe/80fOuB75ttMIt1+xq4Huhb6126HeT+mhXCnzbDDrb233z2gsXF7e7fhia1+7blt+3Xsd63b55n3uttrmuaxcXdbz5CdqcZc3b6+teI/3PG889WvCNWfQIjyca80h3uw1vMLYLB2qat59OrwAAwEmS5v95tl8apPTH5P9Fef5fTvL/3yUV8v879fu9Cx/cXUrz/3vVQf4vFfL/z/JT1WQbpTz/r0ka5v+dZH6Q5/8bTyb/P5gRnW7fjw6OoigvVse1H8n/cUYN8v/F9O83duuTO8txgfwfAAAAAAAAAAAAAAAAAAAAAIDT4EEUOVEUOckxWwEeOfPxghwpSusPCX/EJeM4aUbHf/hvwvHHKTfcuKO8JAXf7TR3mskxbXBfUiBfy3L0b/w8pAbl6k0rrqL7JdhN43d3msmrobGpVhy/Ikf1h+Oj6Mo7a5dXzLJdCwrxFS0W41fl6Hlpfkz8qiXy61cGx6pefaUQ78rRrzfUUaCNdGVcFv/titnb763ZaP8X4nYAAAAAAJwFruXq2fy3uIWg6x6sT+bHSX0yvy5r/PeBZH69/PD8PI4vq1R+VncNAAAAAMD5Eva/3vKCwO/OqHBL0lFtyprN1YffMCaNyjbIPaTNnOaefFdrkuJCdvHpzjPo2xRXr4ytqkz0GytN1dVL1ckHpXpoVfbZ6LBwXZ1mLCInHYvHGNMXf/zpn6PbJF/GpElO+Obd2jF3esQjUT6qTfW4O62MvCRKs30HAQAAAHg6hkl/9pO3pMqz7RMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOfNrPf/K+4sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJx3/wcAAP//QOD4ig==")
quotactl$Q_GETNEXTQUOTA(0xffffffff80000900, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x5, 0x8ffff)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0x8004587d, 0x0)
unshare(0x22020600)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4442, 0x1ff)
fsync(r1)

1.148083686s ago: executing program 2 (id=1698):
r0 = fsopen(&(0x7f0000001140)='hugetlbfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
pipe(0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xf9, 0x1, 0x0, 0x0, 0x0, 0x800000000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_bp={0x0, 0x2}, 0x902, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
creat(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x190)
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000002c0)='./file1\x00')

1.123314546s ago: executing program 1 (id=1700):
perf_event_open(&(0x7f00000005c0)={0x2, 0x80, 0xf8, 0x1, 0x0, 0x0, 0x0, 0x800000004, 0x14010, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_config_ext={0x7, 0x9}, 0x1112, 0xfff, 0x2, 0x2, 0x102, 0xfffffff8, 0x4d, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = fsopen(&(0x7f00000002c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x80)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@cgroup=r1, 0x1e, 0x1, 0x421, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0}, 0x40)

1.067674468s ago: executing program 2 (id=1701):
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f00000000c0)='./file2\x00', 0x14a1c, &(0x7f0000003240)=ANY=[], 0x9, 0x37a, &(0x7f0000000a00)="$eJzs3c9rK1UUwPGTNE2TltdkpShIL76Nboa2uhaDvAdCwNI2YisI03aiIWNSZkI1IjZduRX3rgQXpeDCgouC9h/oxp1uROiuG8GFXagj8yuZJpOkpmkj7fcDj9zcc8/Mncx9cCbvTebinS8+rJZtraw3JJlRkhARuRTJS1JCieA16bXTEtWSl+f++PmFtY1Sxu9QTwvrrywrpeYXfvjo02ww7GRGzvLvXfy+fH72zNlzF/+sf1CxVcVWtXpD6Wqr/mtD3zINtVOxq5pSK6ah24aq1GzD8uPfBdsx67u7TaXXdh7N7lqGbSu91lRVo6kaddWwmkp/X6/UlKZp6tGsDDI9MPpQlA5XV/XCiMnbY54MbollOfqUiGR7IqW5mYnMCAAATFJ3/Z90S/pR6v9NmS8Wn6wqd3Cn/j968bQx9/bxfFD/n6Tj6v9Xf/G3daX+dy8nOvV/3b8+KA+v/7+Sa9X/vt6K6GEZuf7P38JkMJqFdE9X4so7yyros8HfX8/Bu0eLXqN0eBcTBAAAAAAAAAAAAAAAAAAAAAAAN3PpODnHcXLha/incwtB8B73UqbP+Z9xY+7Zdzj/99naxqZkvBv33HNsfr5X2iv5r8GAUxExxfjb6eaujfDOI+XKy4/mfpC/v1ea8iKFslTcfFmSnOS99RTJd5ynbxafLClfkN++Ten820i+pPzOdv733hs3f/lqfrD/tLz0OJKvSU5+2pa6mLLjZXb2/9mSUm+8VezKz3rjROS3uz0jAAAAAACMn6baYq/fNa1f3P+VkULZ+5rIkEXJyV/x1/eLsdfnqdzzqUkfPQAAAAAAD4Pd/KSqS9KwvIZpxjWy0jdktzIxoWyfwV2N8Bkc0ZDbFzs43dUzPWjLU5EjHDqNoJEW/wkm1xo8oPF1+Kn+l6zwP1K4E2+HMjGfT6eRkMFbDo/fH5wa9XBMM9ESbwG0oqHkkL17jVT35BfcDhU7+HHf7RwEB9LuCb82Svf5nGWldzvJASthuqfHSYy2AJ798ps/b7p+Oo3XjoMV8PHwwQem4ezLdU5KV8PdRW+Ix+MAAAAA91Cn6A97Xo+Gow8SiT4sh3+5BwAAAAAAAAAAAAAAAAAAAAAAAAAAAABgjMbyQ2VDGpM+RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/4t8AAAD//35E7j8=")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
personality(0xfe47fef9f5ff7379)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)

932.085402ms ago: executing program 1 (id=1704):
perf_event_open(&(0x7f00000005c0)={0x2, 0x80, 0xf9, 0x1, 0x0, 0x0, 0x0, 0x800000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_bp={0x0}, 0x800, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
pselect6(0x0, 0x0, &(0x7f0000000080)={0x9, 0x5, 0x5, 0x4, 0x0, 0x3, 0x0, 0x5}, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x9549, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, @perf_config_ext={0x76, 0x8}, 0x11efa, 0x4, 0x0, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000001080)={0xffffffffffffffff, 0xffffffffffffffff, 0x4, r0}, 0x3c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, 0x0, 0x0)

931.849392ms ago: executing program 2 (id=1705):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r1 = socket(0xa, 0x3, 0x87)
sendto(r1, &(0x7f00000003c0)="e1118ce4769b", 0xfdef, 0x800, &(0x7f0000000600)=@l2tp6={0xa, 0x0, 0x7, @local, 0x5}, 0x80)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

927.845262ms ago: executing program 4 (id=1706):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="640000001000370403000000ffffffff00000000", @ANYRES32=r2, @ANYBLOB="0b1b050000000000440012800b00010069703667726500003400028008000100", @ANYRES32], 0x64}, 0x1, 0x0, 0x0, 0x48810}, 0x4000010)
sendmmsg$inet(r0, &(0x7f0000000440)=[{{&(0x7f0000000000)={0x2, 0x4e24, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0x20}}], 0x1, 0xc0)

909.436793ms ago: executing program 2 (id=1707):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f00000005c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newlink={0x5c, 0x10, 0x437, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r1, 0x40c89}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @private1}, @IFLA_GRE_REMOTE={0x14, 0x7, @private0}]}}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004880}, 0x0)

843.684525ms ago: executing program 2 (id=1709):
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000000180)={'sit0\x00', 0x0})
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
recvmmsg(r1, &(0x7f0000007440)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000100)=""/108, 0x6c}], 0x1}, 0xd2c7}], 0x40000, 0x2, 0x0)
close(0x3)
ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f0000000000))

780.155306ms ago: executing program 4 (id=1710):
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000500)='./file0\x00', 0x4a1e, &(0x7f0000000280)=ANY=[], 0x2, 0x32e, &(0x7f0000000a40)="$eJzs3EFII1cYwPHPGGMSa5JDaWmh+Ggv7WXQtOfSUBRKAxU1pVoojDppQ6aJZIIlpVQ97XXZ+54W9iAevQm73vbkZW+7sOxlb14W9qCHZWfJZMYkY4wxRuIm/x/IvLz3Pue9mRf4ZsjM8W93/85nLS2rlyUQVvKRiMipSEIC4hlxtwGnHJJG2ycy8ebZF4vLKz+n0unZBaXmUkvfJpVSsalH//wXcbsdjMtR4o/j18lXR58cfXb8bumvnKVylioUy0pXq8WXZX3VNNR6zsprSs2bhm4ZKlewjFKtvVhrz5rFjY2K0gvrk9GNkmFZSi9UVN6oqHJRlUsVpf+p5wpK0zQ1GZX2Xjy5pMMQyOwuLOipLoPXejwY3JBSKaWPikjkXEtmty8DAgAAfeXP/wMi21fK/+UbN/+XmJP/VzvX8/+9Lw/LE7/ux9z8/yDUKv//7nntfzXl/2ER6Sb/vy8d5v/SMiMaLtfK/3E7TIXOVY00farm/1H3++vY+X1v2imQ/wMAAAAAAAAAAAAAAAAAAAAA8CE4te24bdtxb+v91R8hcD9jIF10/sdFJFw9+zbnf5AtLq9I2HlwLxgTMe9sZjYzta3b4VBETDFkWuLy1lkPrmrZe/JIVSXksbnlxm9tZkadllRWck78jMQl4Y+37bmf0rMzqsaNP3tMKdoYn5S4fNw6Ptkc7+4/JF9/1RCvSVyerklRTFl31nU9/v8ZpX78Je2Ljzj9AAAAAAAYBJo60/L6XdMuaq+9ZeTs+rrl/YHa9fV0y+vzYPzzYL9nDwAAAADAcLAq/+Z10zRKbQoRubxP94VgZ51Dvpqxdp1HG2bY6XhCzu9dRHxNARG50rwedHhUmwreDymamsJuZXeH15t/z87XdvNh6SAq6B/8VLVCXXc83m2j0AXHWebPRwXarISxnq3nT+89POndF+T7fW8FXN55p9t9hf2rzimMuTvmDh0AAAAwQOpJv1fzQ2PzSF8GBQAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkLmRV/r5Cv2eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBbvA8AAP//KbT7SA==")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8, 0x1)
rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

734.379278ms ago: executing program 4 (id=1713):
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000cc0)={0xcc, 0x0, 0x2, 0x301, 0x0, 0x0, {0x7, 0x0, 0x10}, [@CTA_EXPECT_NAT={0xb8, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0x4c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x8, 0x2, @rand_addr=0x64010102}}}]}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_TUPLE={0x58, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @multicast2}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010100}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x104}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}]}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400})

631.843531ms ago: executing program 4 (id=1715):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x2}, [@printk={@ld}, @call={0x85, 0x0, 0x0, 0x5}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x7, 0x4, 0x18, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000070000850000001b"], 0x0, 0xfffffffe, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r1 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000005, 0x80100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x11540, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')

624.619171ms ago: executing program 4 (id=1716):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11}, &(0x7f0000000000))
perf_event_open(&(0x7f00000005c0)={0x2, 0x80, 0xf9, 0x1, 0x0, 0x0, 0x0, 0x800000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_bp={0x0}, 0x800, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
pipe2(&(0x7f0000001cc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
dup3(r2, r0, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x121484b, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

402.449048ms ago: executing program 5 (id=1719):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000001c0), 0x204701, 0x0)
fchdir(r0)
mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080)='proc\x00', 0x189, 0x0)
syz_open_procfs(0x0, &(0x7f0000000240)='net/dev\x00')

398.894018ms ago: executing program 6 (id=1720):
r0 = socket$inet6(0xa, 0x80002, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0xdc611c98a50f495a, &(0x7f0000000280)={0xa, 0x4e24, 0xa, @local}, 0x1c)

288.136601ms ago: executing program 5 (id=1721):
r0 = socket$packet(0x11, 0x3, 0x300)
syz_emit_ethernet(0x32, &(0x7f0000000180)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0xe, 0x24, 0x65, 0x0, 0x3, 0x11, 0x0, @empty, @empty=0xe0000001}, {0x4e20, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x6, 0x100}}}}}}}, 0x0)
recvfrom(r0, 0x0, 0x0, 0x40, 0x0, 0x0)

287.857172ms ago: executing program 6 (id=1722):
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x3fffffffc}, 0x0, 0x0, 0x0, 0x3, 0xfff, 0x8001, 0x7fff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000001435010026bd0c333c84", @ANYBLOB], 0x40}, 0x1, 0x0, 0x0, 0x811}, 0x0)
r1 = socket$inet6(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000c80)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)=@ipv4_newaddr={0x48, 0x14, 0x509, 0x70bd27, 0x25dfdbfd, {0x2, 0x10, 0x90, 0xcb, r4}, [@IFA_BROADCAST={0x8, 0x4, @rand_addr=0x64010102}, @IFA_FLAGS={0x8, 0x8, 0x100}, @IFA_LOCAL={0x8, 0x2, @loopback}, @IFA_RT_PRIORITY={0x8, 0x9, 0x4}, @IFA_ADDRESS={0x8, 0x1, @remote}, @IFA_RT_PRIORITY={0x8, 0x9, 0x103}]}, 0x48}, 0x1, 0x0, 0x0, 0x4040014}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000"], 0x18}}, 0x0)
sendto$inet6(r1, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
fsetxattr$system_posix_acl(r0, 0x0, &(0x7f0000000480)=ANY=[], 0x24, 0x1)

261.000022ms ago: executing program 5 (id=1723):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2c, 0x1, 0x0, 0x0, 0x0, 0x9, 0xf40d9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0}, 0x204, 0x0, 0x43a1bd76, 0x6, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200c}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
clock_getres(0x7, &(0x7f0000000080))

221.375203ms ago: executing program 6 (id=1724):
setresuid(0xee00, 0xee01, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000))
unlinkat(r0, &(0x7f0000000000)='./cgroup\x00', 0x0)

176.462495ms ago: executing program 6 (id=1725):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000280)=""/199, 0xc7}, {&(0x7f0000000380)=""/13, 0xd}], 0x2, &(0x7f0000001500)=""/51, 0x33}, 0x40000100)
sendto(r0, &(0x7f0000006880)="4dbe08", 0x3, 0x1, 0x0, 0x0)

176.033895ms ago: executing program 5 (id=1726):
brk(0xfffffffffffffffa)

104.085947ms ago: executing program 5 (id=1727):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = syz_open_pts(r0, 0x141601)
ftruncate(r1, 0x200004)

101.265807ms ago: executing program 5 (id=1728):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x65, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @multicast1}, {0x0, 0x4e21, 0x8}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0x63, 0x0, &(0x7f0000000000)="ff", 0x0, 0x149d, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x50)

81.033048ms ago: executing program 1 (id=1729):
prctl$PR_GET_NAME(0x10, &(0x7f00000000c0)=""/169)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f00000006c0)=[@in6={0xa, 0x4e22, 0x28, @mcast2, 0xe}, @in6={0xa, 0x4e25, 0x0, @mcast1, 0x1066}, @in6={0xa, 0x4e23, 0x200, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xd453}, @in6={0xa, 0x4e23, 0x474c, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}, @in={0x2, 0x4e20, @local}, @in6={0xa, 0x4e21, 0x200, @mcast2, 0x7ff}, @in={0x2, 0x4e20, @private=0xa010101}, @in6={0xa, 0x4e26, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xc8ae000}, @in={0x2, 0x4e21, @empty}], 0xd8)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x400, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, @perf_config_ext={0x8, 0x6}, 0x102802, 0x2e, 0x0, 0x6, 0x6, 0x8001, 0x7fff, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000280)=0x8)
r2 = memfd_create(&(0x7f0000000800)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\xad\xa9\a\xde\x834\xdf\x9c\xc3\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xb7\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61\xdd\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x9a\xa4\x84\x03\xc2\x9c\xcdw\xd9\xba\x97\xd1\x1cS\xdeN\xcc\xac\xce\x9c\xd3\xbc\xb5\xd2\xf0\xcb>\x84a\xdaQ0\x06\xb8\xb8\x93\xcf\x92\v\xe3n\xea\xf9%\x1dm\xaf\x80\xaa\x02o_\xde[\x9d\xb9CkBK\x8a}K\x82?x|H\x99M\x85\xae\xe5\x7fgE\xd4\x80!l\x94\x98\x1e\x11\xf5\x1d^\x11r*!-d\x1c\r5\xfb\x89\xb7\xf2h\x8f\xf7\xb9\xfaO0\xcb\xaf\x8c\xc5\xab\xda\xe6\xf9\xf0\xf9L\xfc\xfa\x0e\xf2d\xf3\x10\xa8D\\\x83\xb3\x0e0\xc2\x0fBT\xba\x03%\x9b\x05\xe5\xe8\xd7\x95Ayy\x17\xd7\x02\x93\x17\xa8A\xcf\x86\x9e\x16\x89\xd7\xc9g)\xec\xcad\x15\xd0\x03\xc3xi\xc5\xf7\"=\x947tdc\xba\xe2', 0x2)
write$binfmt_script(r2, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000200), 0x0)
r4 = dup2(r1, r3)
syz_io_uring_setup(0x5173, &(0x7f0000000540)={0x0, 0x17b2, 0x8, 0x1, 0x12e, 0x0, r4}, &(0x7f00000003c0), &(0x7f0000000680), 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="021800001c000000000000000000000005000600000000000a00000000000000000000000000000000000000000000000000000000000000020012000000000000000000fcffffff0600ff0000000000000000000000000000000000000000000000000001000000fe8000000000002100000000000000bb050005002b0000000a00000000000000fc010000000200000002000000000000000000000000000008001900000000000a"], 0xe0}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = syz_io_uring_setup(0x4b6, &(0x7f0000000100)={0x0, 0x0, 0x400, 0x1, 0x5}, 0x0, &(0x7f0000000000), 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000000040)=[{0x0}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r6, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000002600)=[{&(0x7f0000000a00)=""/217, 0xd9}, {&(0x7f0000000480)=""/16, 0x10}, {&(0x7f0000000b40)=""/167, 0xa7}, {&(0x7f0000000440)=""/54, 0x36}, {&(0x7f0000000c40)=""/241, 0xf1}, {&(0x7f0000001600)=""/4096, 0x1000}], &(0x7f0000000400)=[0x2, 0x2, 0x400008001, 0xffffffffffffffc0, 0x8000000000000000, 0x251, 0x5, 0x4], 0x6}, 0x20)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x6)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000080)=0x1)
ioctl$TIOCVHANGUP(r7, 0x5437, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x10, &(0x7f0000000000)={[{@resuid}, {@dioread_lock}]}, 0x8, 0x506, &(0x7f00000010c0)="$eJzs3c9vG1kdAPDvTOImm3U2XdgDIGDLslDQqs6P7kYrONC9gNBqJcSKE4duSLxRFLuO4qQ0oYfkyB2JSpzgT+DGAaknDty4wY1LOSBVUIEapB6MZjxNTGLHQU2cJv58pPHMezP19z3b7z3Pa90XwNC6FhE7EXElIj6JiKkiPym2uNXesuuePrm/uPfk/mISrdbH/0jy81ledPyZzKvFc45HxA+/F/GT5Gjc5tb26kKtVl0v0tMb9bXp5tb2jZW0yJmbn52fef/me3OnVtc36799/N2VD3/0+9996dGfdr75s6xY5Z9P5uc663Ga2lUvRbkjbzQiPjyLYOdktPj8cPFkre0zEfFW3v6nYiR/Nw9JoksLju6ZAMBLr9WaitZUZxoAuOyy+/9yJGmlmAsoR5pWKu05vDdiIq01mhvvTDU27yxFPod1NUrppyu16kwxV3g1SkmWns2PD9Jzh9I3I+L1iPjF2Ct5urLYqC2d5xcfABhirx4a//891h7/AYBLbvy8CwAADJzxHwCGj/EfAIbP/zH+d/l1IABwEbn/B4DhY/wHgOHTd/zfHUw5AICB+MFHH2Vba6/4/6+X7m5tfrt898ZStblaqW8uVhYb62uV5UZjuVatLLZa/Z6v1miszb67n2xubd+uNzbvbNxeqS8sV29XS2dcHwCgv9fffPiXJCJ2vvVKvkXHWg7Garjc0hPmAZfPSN8rJgdSDmDw/J4HhtcJ7vFNA8Al128tz57/ROiBxV/horr+efP/MKzM9cPw6j//3813Tr0cwOCZ/4fh1Wol1vwHgCFjjh94ob//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCFVzrckreRrge9kj2mlEjEZEVejlHy6UqvORMRrEfHnsdJYlp4970IDAC8o/XtSrP91fert8uGzV5L/jOX7iPjprz7+5b2FjY312Sz/n/v5Gw+K/Lkr51EBAKDTraNZ7XG62HfcyD99cn/x+TbIIj7+oL24aBZ3r9jaZ0ZjNN+PRykiJv6VFOm27PvKyCnE39mNiM8d1P9eR4RyPgfSXvn0cPws9uQZxD94/Q/HT/8nfpqfy/al/LX47CmUBYbNww/a/WTR9rImVrS/NK7l++7tfzzvoV7c8/5v70j/l+73fyNH4id5m7+2nz6+JI/f/cP3j2S2ptrndiO+MNotfrIfP+nR/759wjr+9YtffqvXudavI65H9/ht9bybnd6or003t7ZvrNQXlqvL1Ttzc/Oz8zPv33xvbjqfo24//vHQ0z8rlrl/redrsxsx0SP+eJ/6f+2E9f/Ns09+/JVj4n/jq93f/zeOiZ+NiV8/YfyFiVs9l+/O4i/1qH+/9/+dE8Z/9LftpRNeCgAMQHNre3WhVquu9znIvmv2u8bBxTyInYiXoBj9DtLiI/uylOeSHxzTaaQD6pyAM3XQ6M+7JAAAAAAAAAAAAAAAQC/Nre3VsTjbnxOddx0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4vP4bAAD//5aY0i4=")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r8, 0x6628)

68.063168ms ago: executing program 6 (id=1730):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x552, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x3efd7ab4c41335d9, @perf_bp={0x0, 0x6}, 0x1000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x26, &(0x7f0000000340)=""/220, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@gettaction={0x30, 0x32, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x81f7}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x400c004}, 0x24048840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x11}, 0x4000044)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYRES32=0x0, @ANYBLOB="100804000402000014002b80080003001104000008000100", @ANYRES32, @ANYBLOB="14003500626f6e645f736c6176655f300000"], 0x50}}, 0x4004000)

0s ago: executing program 6 (id=1731):
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x64, 0x6, 0x0, 0x0, 0x0, 0xb, 0x22, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc090, 0x2, @perf_bp={0x0, 0x3}, 0xd, 0x0, 0x11000, 0x4, 0x4, 0x5, 0x0, 0x0, 0x0, 0x0, 0xa7}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c000000200081dc2abd700003000000020000008000380aedffffff0500"], 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x44004)

0s ago: executing program 4 (id=1736):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x2, 0x2}, 0x108361, 0x10000, 0x4, 0x5, 0x8, 0x0, 0xa48, 0x0, 0x4, 0x0, 0x2000000020000006}, 0x0, 0x2, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002ff0000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff0100000000"], 0x90)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="5c00000011006bec9e3be35c6e17aa31076b876c1d0000007ea60864160af3653c001ac00400020208000c000500010004000000eab556a705251e618294ff0051f60a84c9f4d4938037e7bb44d0000300000000000200ffffc6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x200400d4)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000002c0)={[{@init_itable}, {@nobh}, {@nodiscard}]}, 0x3, 0x45c, &(0x7f0000000940)="$eJzs281vFGUYAPBnZtsCArYifvChVtHY+NFSQOXgQY0mHjAx0YMem7YQZKGG1kQIUTAGT8aYeDce/Rc86cUYTyZe9W5IiOECeFozuzN0d9ld6LLbLezvlwy873z0fZ6deXffmXc3gKE1mf2TRGyLiL8iYrxWbdxhsvbftSvn5q9fOTefRKXy3r9Jdb+rV87NF7sWx23NK1NpRPplEntatLt85uyJuXJ58XRen1k5+fHM8pmzLx4/OXds8djiqQOHDx86OPvKywde6kmeWUxXd3+2tHfX2x9++86Rr7N1aZF/Ux49Mtlp4zOVSo+bG6ztdeVkZICBsCaliMhO12i1/49HKVZP3ni89cVAgwP6qlKpVLa233y+AtzDkmis6/IwLIoP+uz+t1iaBwGv9W/4MXCXX6/dAGV5X8uX2paR6vOByO+Ntvep/cmI+OD8f99nS/TnOQQAQIOfs/HPC63Gf2k8XLff/fnc0EREPBAROyLiwYjYGREPRVT3fSQiHl1j+82TJDePf9JLXSV2m7Lx36v53Fbj+K8Y/cVEKa9tr+Y/mhw9Xl7cn78mUzG6KavPdmjjlzf//KbdtvrxX7Zk7RdjwTyOSyObGo9ZmFuZu5Oc612+ELF7pFX+yY2ZgCQidkXE7i7bOP7cj3vbbbt1/h30YJ6p8kPEs7Xzfz6a8i8knecnZzZHeXH/THFV3Oz3Py6+2679O8q/B7Lzf1/L6/9G/hNJ/Xzt8trbuPj3V23vabq9/seS96vlsXzdp3MrK6dnI8aSI7Wg69cfWD22qBf7Z/lP7Wvd/3fE6iuxJyKyi/ixiHg8Ip7IY38yIp6KiH0d8v/tjac/6j7//sryX1jT+V8tjEXzmtaF0olff2podOKm/K93Pv+HqqWpfM3tvP/dTlzdXc0AAABw90kjYlsk6fSNcppOT9e+L78zIi0vLa88f3Tpk1MLtd8ITESkxZOu8brnobP5bX2tfiEial8tKLYfzJ8bf1faUq1Pzy+VFwadPAy5rW36f+af0qCjA/rO77VgeOn/MLxu1f8/X6c4gPXn8x+GV4v+v2UQcQDrbVPLz39jfhgOTf3ftB8Mkab+v3lQcQDrr/vnf2M9jQNYf57/w1Ba3hK3/pF8x0Lxl7o8/J4txOiGCKNvhUg3RBgbtjB6l/eLwb0nAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9NL/AQAA//8kV94B")
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4006, &(0x7f0000000200)={[{@dax_never}, {@block_validity}, {@jqfmt_vfsold}, {@quota}, {@resuid}, {@norecovery}, {@init_itable}, {@usrquota}]}, 0x1, 0x443, &(0x7f0000001040)="$eJzs28tvG8UfAPDvrpP019cvpiqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCgJC5YgqcUcckfgLOMEFASckrsAZVapQLi2cjNbebRzXdpNg1yH+fKRNZnbHmfl6duzZnWwAA2ss+5FE7IqIXyNitJ5dXWCs/uvm8uWZv5YvzyRRrb7xZ1Ird2P58kxRtHjdziIzFJF+ksSBFvUuXLx0drpSmbuQ5ycWz707sXDx0jNnzk2fnjs9d37qxIljRyefOz71bFfizOK6sf+D+YP7Xnnr6mszJ6++/ePXSRF/UxxdMtbp4OPVaper66/dDelkqI8NYV1K9WEaw7XxPxqlWOm80Xj54742DuiparVava/94aUqsIUl0e8WAP1RfNFn17/FdpemHpvC9RfqF0BZ3DfzrX5kKNK8zHDT9W03jUXEyaW/v8i2aL4Psb1HlQIAA+3bbP7zdKv5XxqN94X+n6+hlCPinojYExHHI2JvRNwbUSt7f0Q8sM76mxdJbp9/ptc2FNgaZfO/5/O1rdXzv2L2F+VSnttdi384OXWmMnckf08Ox/C2LD/ZoY7vXvrls3bHGud/2ZbVX8wF83ZcG9q2+jWz04vT/ybmRtc/itg/1Cr+5NZKQBIR+yJi/wbrOPPkVwfbHWsT/8ia/nAX1pmqX0Y8Ue//pWiKv5B0Xp+c+F9U5o5MFGfF7X76+crr7eq/c//3Vtb/O1qe/0X8v5eTxvXahfXXceW3T9teU270/B9J3ly17/3pxcULkxEjyau1fLlx/1RTuamV8ln8hw+1Hv97YuWdOBAR2Un8YEQ8FBEP521/JCIejYhDHeL/4cXH3tl4/L2VxT/bsf+jqf9XEiPRvKd1onT2+29WVVpeT/xZ/x+rpQ7ne9by+beWdm3sbAYAAID/njQidkWSjt9Kp+n4eP1/+PfGjrQyv7D41Kn5987P1p8RKMdwWtzpGm24HzqZX9YX+amm/NH8vvHnpe21/PjMfGW238HDgNvZZvxn/ij1u3VAz3leCwaX8Q+Dy/iHwWX8w+BqMf49egYDotX3/4d9aAdw9zWN/47LfiYGsLW4/ofBZfzD4DL+YSAtbI87PyS/NRJpRGyCZmyVRKSbohkSPUr0+5MJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgO/4JAAD//5025W8=")
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x18000, 0x0)
socket(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x4008, &(0x7f00000000c0)={[{@lazytime}, {@init_itable_val={'init_itable', 0x3d, 0x2}}]}, 0x2, 0x548, &(0x7f00000011c0)="$eJzs3cFvI1cZAPBvvPEmu802KfQACOhSCgtarZN426jqhe0FhKpKiIoTh21I3CiKvY5ir2jMHrJH7pVYiRPwH3DjgNQTB27cQOLQSzkgLbACNUgcjGY8SbyJnbhN1k7i30+aeN6b2fnei/e9N/Mi+wUwtq5HxHZEXI6IdyNiJs9P8i3udLb0vE+ePFjeefJgOYl2+51/JtnxNC+6/k3qufyaUxHxw+9F/CQ5HLex1VpfqlYrm3l6rlnbmGtstW6tFfKc8uLC4vzrt18rn1pdX6r99vF319760e9/95WP/7T97Z+lxZr++bXsWHc99hVPHDPJrzPdlTcREW+d+Mpnx0T+/4fzJ21tn4uIl7P2PxOXsncTALjI2u2ZaM90pwGAiy59/p+OpFDK5wKmo1AolTpzeC/G1UK13mjenKnfv7cS2RzWbBQL761VK/P5XOFsFJM0vZDt76fLT6U/qNyOiBci4oPJK9nx0nK9ujLKGx8AGGPPHRj//zPZGf+7nfyvYADAmTM16gIAAEPXNf7PjrIcAMDweP4HgPHzKcZ/nw4EgAvC8z8AjB/jPwCMn2PH/4fDKQcAMBQ/ePvtdGvvdL7/evebum+tVBrrpdr95dJyfXOjtFqvr1YrpeV2+7jrVev1jYVX95KNrdbdWv3+vebdtdrSauVuxXcJAMDovfDSh39JB/3tN65kW3St5WCshoutMOoCACNzadQFAEbG53lgfA3wjG8aAC64Hkv0duQTBEm/Ex5Z/BXOqxtfNP8P4+ok8//mDuB8+2zz/9859XIAw2cMh/HVbifW/AeAMbM/xz/59I1B3z8IAhfNcc2971eEPBrg4nc+fXkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgPJjOtqRQytYC305/FkqliGsRMRvF5L21amU+Ip6PiD9PFifT9MKoCw0AnFDh70m+/teNmVemDx69nPw3WxjwckT89Jfv/OL9pWZzcyHN/9defvNRmn+luVm+PIoKAADddtfd/Gg/Kxu/y/lr14P8J08eLO9uwyzi4zcjYupKFn8n3zpHJmIie52KYkRc/XeSpzvS+5VLpxB/+2FEfGG3/lPxfleE6WwOpLPy6cH4aexrpx6/+/d/MH7hqfoWsmPpazH7XXw+DhQOONaHb3b6ybztpU08b3+FuJ699m7/U1kPdXJp/5c2151D/V9hr/+7dCh+krX563vpo0vy+NU/fP9QZnumc+xhxJcmesVP9uInvfvf4isD1vGjL3/15X7H2r+KuNGz/rsrUteybnauWduYa2y1bq3VllYrq5V75fLiwuL867dfK89lc9Sdn3/sFeMfb9x8vl/8tP5X+8SfOrr+8Y0B6//r/737468dEf9bX+/9/r94RPx0TPzmgPGXrt7pu3x3Gn+lT/2Pef/j5oDxP/5ba2XAUwGAIWhstdaXqtXK5jE76b3mcefYGXwnfbY/A8XIdmI74rQumE1KRETPc9I76rNR5We1k7TSO+NRRP/NaV9w1D0T8KztN/r+5/x1mAUCAAAAAAAAAAAAAAAOaWy11id7f1rr1HZGXUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAurv8HAAD//yHZxLU=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x800c4, 0x0)
r3 = inotify_init()
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x20)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r4, &(0x7f0000004200)='t', 0x1)
sendfile(r4, r2, 0x0, 0x3ffff)
sendfile(r4, r2, 0x0, 0x7ffff000)
syz_open_dev$rtc(&(0x7f0000000140), 0x8, 0x109202)
timer_create(0xfffffffd, 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f00000001c0)={{0x0, 0x989680}}, 0x0)
timer_gettime(0x0, &(0x7f0000000100))
ioctl$XFS_IOC_ERROR_INJECTION(r2, 0x40085874, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x1, 0x0)

kernel console output (not intermixed with test programs):

f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  183.329826][ T7517] RSP: 002b:00007f06a67e7028 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  183.329899][ T7517] RAX: ffffffffffffffda RBX: 00007f06a8005fa0 RCX: 00007f06a7d8ce59
[  183.329911][ T7517] RDX: ffffffffffffff9c RSI: 0000200000000000 RDI: ffffffffffffff9c
[  183.330000][ T7517] RBP: 00007f06a67e7090 R08: 0000000000000002 R09: 0000000000000000
[  183.330011][ T7517] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000001
[  183.330022][ T7517] R13: 00007f06a8006038 R14: 00007f06a8005fa0 R15: 00007fff9ef5f5b8
[  183.330040][ T7517]  </TASK>
[  196.828667][ T7520] nci: __nci_request: wait_for_completion_interruptible_timeout failed 0
[  197.015450][ T7560] loop2: detected capacity change from 0 to 8192
[  197.115529][ T7566] __nla_validate_parse: 2 callbacks suppressed
[  197.115545][ T7566] netlink: 4 bytes leftover after parsing attributes in process `syz.4.987'.
[  197.353836][ T7576] loop5: detected capacity change from 0 to 1024
[  197.360818][ T7576] EXT4-fs: Ignoring removed nobh option
[  197.366526][ T7576] EXT4-fs: Ignoring removed bh option
[  197.389391][ T7575] netlink: 12 bytes leftover after parsing attributes in process `syz.3.986'.
[  197.864285][ T7576] EXT4-fs (loop5): stripe (17) is not aligned with cluster size (16), stripe is disabled
[  198.069650][ T7576] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.112232][   T28] kauditd_printk_skb: 17 callbacks suppressed
[  198.112248][   T28] audit: type=1400 audit(514.234:1288): avc:  denied  { write } for  pid=7556 comm="syz.5.982" name="/" dev="loop5" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  198.142722][   T28] audit: type=1400 audit(514.264:1289): avc:  denied  { write } for  pid=7556 comm="syz.5.982" name="/" dev="loop5" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  198.333743][ T7582] random: crng reseeded on system resumption
[  198.397938][ T5390] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.469141][   T28] audit: type=1400 audit(514.584:1290): avc:  denied  { ioctl } for  pid=7601 comm="syz.5.992" path="socket:[16475]" dev="sockfs" ino=16475 ioctlcmd=0x89f2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  198.524585][ T7602] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  198.545306][ T7602] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  198.555370][ T7602] ieee802154 phy1 wpan1: encryption failed: -22
[  198.579605][   T28] audit: type=1400 audit(514.644:1291): avc:  denied  { bind } for  pid=7601 comm="syz.5.992" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  198.683091][ T7587] loop4: detected capacity change from 0 to 512
[  198.689931][   T28] audit: type=1400 audit(514.664:1292): avc:  denied  { write } for  pid=7592 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  198.793904][   T28] audit: type=1400 audit(514.754:1293): avc:  denied  { write } for  pid=7607 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  198.878571][   T28] audit: type=1400 audit(514.994:1294): avc:  denied  { write } for  pid=7609 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  198.932502][   T28] audit: type=1400 audit(515.034:1295): avc:  denied  { write } for  pid=7621 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  198.976901][ T7587] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.036273][ T7602] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.043429][ T7602] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.106205][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.155048][ T7627] netlink: 8 bytes leftover after parsing attributes in process `syz.3.993'.
[  199.163227][ T7630] loop4: detected capacity change from 0 to 1024
[  199.170587][ T7630] EXT4-fs: Ignoring removed bh option
[  199.174700][ T7626] netlink: 96 bytes leftover after parsing attributes in process `syz.1.995'.
[  199.193949][ T7627] netlink: 'syz.3.993': attribute type 15 has an invalid length.
[  199.230941][ T7602] ip6gretap0: left allmulticast mode
[  199.244637][ T7627] loop3: detected capacity change from 0 to 512
[  199.261717][ T7627] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  199.271636][ T6724] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.289693][ T7627] EXT4-fs (loop3): orphan cleanup on readonly fs
[  199.297163][ T6724] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.314287][ T7627] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.993: Block bitmap for bg 0 marked uninitialized
[  199.328524][ T6724] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.347267][ T6724] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.357660][ T7627] loop3: lost filesystem error report for type 5 error -117
[  199.358335][ T7627] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6679: Corrupt filesystem
[  199.360222][ T7630] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.365698][ T7627] loop3: lost filesystem error report for type 5 error -117
[  199.367278][ T7627] EXT4-fs (loop3): 1 orphan inode deleted
[  199.399935][ T7627] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  199.440034][ T7627] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  199.466011][ T7627] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  199.485852][   T28] audit: type=1400 audit(515.604:1296): avc:  denied  { write } for  pid=7629 comm="syz.4.994" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  199.526082][   T28] audit: type=1400 audit(515.634:1297): avc:  denied  { write } for  pid=7629 comm="syz.4.994" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  199.551019][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.561077][ T7627] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.993: Block bitmap for bg 0 marked uninitialized
[  199.578016][ T7627] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.993: Block bitmap for bg 0 marked uninitialized
[  199.636479][ T7642] FAULT_INJECTION: forcing a failure.
[  199.636479][ T7642] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.661813][ T7642] CPU: 0 UID: 0 PID: 7642 Comm: syz.2.998 Not tainted syzkaller #0 PREEMPT(full) 
[  199.661841][ T7642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  199.661856][ T7642] Call Trace:
[  199.661862][ T7642]  <TASK>
[  199.661871][ T7642]  __dump_stack+0x1d/0x30
[  199.661940][ T7642]  dump_stack_lvl+0x95/0xd0
[  199.661964][ T7642]  dump_stack+0x15/0x1b
[  199.661986][ T7642]  should_fail_ex+0x263/0x280
[  199.662019][ T7642]  should_fail+0xb/0x20
[  199.662045][ T7642]  should_fail_usercopy+0x1a/0x20
[  199.662072][ T7642]  _copy_to_user+0x20/0xa0
[  199.662099][ T7642]  simple_read_from_buffer+0xb5/0x130
[  199.662137][ T7642]  proc_fail_nth_read+0x10e/0x150
[  199.662194][ T7642]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  199.662219][ T7642]  vfs_read+0x1ab/0x7f0
[  199.662272][ T7642]  ? __rcu_read_unlock+0x4e/0x70
[  199.662295][ T7642]  ? __fget_files+0x184/0x1c0
[  199.662315][ T7642]  ? mutex_lock+0x57/0x90
[  199.662338][ T7642]  ksys_read+0xdc/0x1a0
[  199.662369][ T7642]  __x64_sys_read+0x40/0x50
[  199.662419][ T7642]  x64_sys_call+0x2886/0x3020
[  199.662453][ T7642]  do_syscall_64+0x12c/0x3b0
[  199.662557][ T7642]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.662581][ T7642] RIP: 0033:0x7f58f6cdd68e
[  199.662629][ T7642] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  199.662649][ T7642] RSP: 002b:00007f58f576efe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  199.662737][ T7642] RAX: ffffffffffffffda RBX: 00007f58f576f6c0 RCX: 00007f58f6cdd68e
[  199.662753][ T7642] RDX: 000000000000000f RSI: 00007f58f576f0a0 RDI: 0000000000000003
[  199.662766][ T7642] RBP: 00007f58f576f090 R08: 0000000000000000 R09: 0000000000000000
[  199.662777][ T7642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.662787][ T7642] R13: 00007f58f6f96038 R14: 00007f58f6f95fa0 R15: 00007fff1182f788
[  199.662814][ T7642]  </TASK>
[  199.882789][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.915614][ T7647] loop3: detected capacity change from 0 to 1024
[  199.963800][ T7647] EXT4-fs: Ignoring removed bh option
[  200.049932][ T7647] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.239275][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.324625][ T7670] netlink: 200 bytes leftover after parsing attributes in process `syz.1.1008'.
[  201.416479][ T7676] loop3: detected capacity change from 0 to 2048
[  201.482286][ T7676] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.522992][ T7676] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #12: comm syz.3.1011: corrupted in-inode xattr: e_name out of bounds
[  201.547114][ T7676] EXT4-fs (loop3): Remounting filesystem read-only
[  201.572572][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.619344][ T7688] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1016'.
[  201.674382][ T7690] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1017'.
[  201.718457][ T7690] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1017'.
[  201.788025][ T7690] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1017'.
[  201.941857][ T7694] loop3: detected capacity change from 0 to 512
[  201.965419][ T7694] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  202.036081][ T7694] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  202.047205][ T7694] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.1015: bad orphan inode 4
[  202.057732][ T7694] loop3: lost filesystem error report for type 5 error -117
[  202.059230][ T7694] EXT4-fs (loop3): 1 orphan inode deleted
[  202.073146][    C0] EXT4-fs (loop3): error count since last fsck: 1
[  202.073204][    C0] EXT4-fs (loop3): initial error at time 518: ext4_orphan_get:1423
[  202.073796][    C0] EXT4-fs (loop3): last error at time 518: ext4_orphan_get:1423
[  202.103456][ T7694] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.135910][ T7694] EXT4-fs error (device loop3): ext4_map_blocks:791: inode #2: block 4: comm syz.3.1015: lblock 0 mapped to illegal pblock 4 (length 1)
[  202.786241][ T7699] Failed to initialize the IGMP autojoin socket (err -2)
[  202.905365][ T7708] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1022'.
[  202.936817][ T7708] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  202.968882][ T7708] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  203.005048][ T7708] bond0 (unregistering): Released all slaves
[  203.016074][ T7701] loop4: detected capacity change from 0 to 1764
[  203.066275][ T7699] Failed to initialize the IGMP autojoin socket (err -2)
[  203.205048][ T7721] loop4: detected capacity change from 0 to 2048
[  203.242432][ T7721] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  203.286408][ T7721] netlink: 391 bytes leftover after parsing attributes in process `syz.4.1023'.
[  203.307189][ T7721] openvswitch: netlink: ufid size 36 bytes exceeds the range (1, 16)
[  203.334854][ T7721] openvswitch: netlink: Message has 4 unknown bytes.
[  203.395527][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.489720][ T7734] random: crng reseeded on system resumption
[  203.523654][   T28] kauditd_printk_skb: 11 callbacks suppressed
[  203.523741][   T28] audit: type=1400 audit(519.644:1309): avc:  denied  { firmware_load } for  pid=7732 comm="syz.2.1028" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  203.844293][ T7741] loop4: detected capacity change from 0 to 1024
[  203.883831][ T7741] EXT4-fs: Ignoring removed bh option
[  203.939727][ T7741] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  203.964793][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.001598][   T28] audit: type=1400 audit(520.124:1310): avc:  denied  { write } for  pid=7740 comm="syz.4.1027" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  204.059535][   T28] audit: type=1400 audit(520.184:1311): avc:  denied  { write } for  pid=7740 comm="syz.4.1027" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  204.087346][   T28] audit: type=1400 audit(520.184:1312): avc:  denied  { write } for  pid=7740 comm="syz.4.1027" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  204.129876][   T28] audit: type=1400 audit(520.184:1313): avc:  denied  { write } for  pid=7740 comm="syz.4.1027" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  204.163565][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.211756][ T7753] loop4: detected capacity change from 0 to 2048
[  204.358556][ T7758] loop3: detected capacity change from 0 to 8192
[  204.565509][ T7765] bond1: entered allmulticast mode
[  204.591032][ T7753]  loop4: p2 p3 p7
[  204.763970][ T7545] udevd[7545]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  204.764642][ T7761] udevd[7761]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  204.781574][ T7563] udevd[7563]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[  204.799334][ T7758] macvlan2: entered promiscuous mode
[  204.804654][ T7758] macvlan2: entered allmulticast mode
[  204.812894][ T7758] bond1: (slave macvlan2): Opening slave failed
[  204.896548][ T7780] loop2: detected capacity change from 0 to 128
[  204.903427][ T7780] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x61417272 (sector = 1)
[  204.944088][ T6727] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x61417272 (sector = 1)
[  205.021662][ T7787] loop4: detected capacity change from 0 to 1024
[  205.030089][ T7787] EXT4-fs: Ignoring removed bh option
[  205.054890][ T7790] IPv6: addrconf: prefix option has invalid lifetime
[  205.062081][ T7790] IPv6: addrconf: prefix option has invalid lifetime
[  205.125034][ T7792] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1048'.
[  205.183863][ T7787] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  205.211839][   T28] audit: type=1400 audit(521.334:1314): avc:  denied  { write } for  pid=7785 comm="syz.4.1045" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  205.243598][ T7797] loop2: detected capacity change from 0 to 1024
[  205.260221][   T28] audit: type=1400 audit(521.374:1315): avc:  denied  { write } for  pid=7785 comm="syz.4.1045" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  205.287985][ T7797] EXT4-fs: Ignoring removed bh option
[  205.306602][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.330365][   T28] audit: type=1400 audit(521.374:1316): avc:  denied  { write } for  pid=7785 comm="syz.4.1045" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  205.393096][   T28] audit: type=1400 audit(521.374:1317): avc:  denied  { write } for  pid=7785 comm="syz.4.1045" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  205.511162][ T7797] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  205.529224][   T28] audit: type=1400 audit(521.654:1318): avc:  denied  { write } for  pid=7796 comm="syz.2.1049" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  205.580083][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.589316][ T7810] loop3: detected capacity change from 0 to 1024
[  205.605187][ T7810] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  205.613797][ T7810] System zones: 0-1, 3-36
[  205.619184][ T7810] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.1052: bad orphan inode 134217728
[  205.641541][ T7810] loop3: lost filesystem error report for type 5 error -117
[  205.642192][ T7810] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.665131][ T7810] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1052'.
[  205.773736][ T7824] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1056'.
[  205.839968][ T7830] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1058'.
[  206.170392][ T7836] loop2: detected capacity change from 0 to 512
[  206.217913][ T7836] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  206.290688][ T7836] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  206.300872][ T7836] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.1057: Corrupt directory, running e2fsck is recommended
[  206.392882][ T7836] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  206.401113][ T7836] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #15: comm syz.2.1057: corrupted in-inode xattr: e_name out of bounds
[  206.414943][ T7836] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  206.459954][    C1] EXT4-fs (loop2): error count since last fsck: 1
[  206.476404][    C1] EXT4-fs (loop2): initial error at time 522: ext4_iget_extra_inode:5128: inode 15
[  206.486212][    C1] EXT4-fs (loop2): last error at time 522: ext4_iget_extra_inode:5128: inode 15
[  206.510435][ T7836] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1057: couldn't read orphan inode 15 (err -117)
[  206.523275][ T7836] loop2: lost filesystem error report for type 5 error -117
[  206.524768][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.525403][ T7836] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.557888][ T7836] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  206.604925][ T7841] netlink: 200 bytes leftover after parsing attributes in process `syz.3.1060'.
[  206.605182][ T7836] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  206.664581][ T7836] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.1057: Corrupt directory, running e2fsck is recommended
[  207.058443][ T7851] rock: corrupted directory entry. extent=458780 out of volume (nzones=41)
[  207.106525][ T7851] rock: corrupted directory entry. extent=458780 out of volume (nzones=41)
[  207.233861][ T7851] iso9660: Corrupted directory entry in block 4 of inode 1792
[  207.261243][ T7861] ext2: Unknown parameter 'dont_appraise'
[  207.522209][ T7868] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=8208 sclass=netlink_xfrm_socket pid=7868 comm=syz.4.1069
[  207.631615][ T7866] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  207.650063][ T7866] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #12: comm syz.3.1068: corrupted in-inode xattr: e_name out of bounds
[  207.694841][ T7866] EXT4-fs (loop3): Remounting filesystem read-only
[  207.784230][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.013472][ T7880] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1073'.
[  208.195698][ T7887] netlink: 'syz.3.1074': attribute type 1 has an invalid length.
[  208.225264][ T7887] netlink: 'syz.3.1074': attribute type 2 has an invalid length.
[  208.347962][ T7888] set_capacity_and_notify: 3 callbacks suppressed
[  208.347991][ T7888] loop4: detected capacity change from 0 to 512
[  208.417423][ T7888] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  208.429570][ T7888] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[  208.440316][ T7888] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.1070: Corrupt directory, running e2fsck is recommended
[  208.455374][ T7888] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  208.464174][ T7888] EXT4-fs error (device loop4): ext4_iget_extra_inode:5128: inode #15: comm syz.4.1070: corrupted in-inode xattr: e_name out of bounds
[  208.479192][ T7888] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  208.481811][ T7888] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.1070: couldn't read orphan inode 15 (err -117)
[  208.491570][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  208.491584][    C1] EXT4-fs (loop4): initial error at time 524: ext4_iget_extra_inode:5128: inode 15
[  208.491628][    C1] EXT4-fs (loop4): last error at time 524: ext4_iget_extra_inode:5128: inode 15
[  208.530315][ T7888] loop4: lost filesystem error report for type 5 error -117
[  208.531632][ T7888] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.557767][ T7888] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  208.569957][ T7888] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[  208.580551][ T7888] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.1070: Corrupt directory, running e2fsck is recommended
[  209.189940][ T7581] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  209.572446][   T28] kauditd_printk_skb: 23 callbacks suppressed
[  209.572462][   T28] audit: type=1400 audit(525.694:1342): avc:  denied  { create } for  pid=7894 comm="syz.1.1077" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  209.688193][ T7581] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  209.743084][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.765578][ T7905] loop3: detected capacity change from 0 to 512
[  209.812681][ T7905] EXT4-fs warning (device loop3): ext4_xattr_inode_get:546: inode #11: comm syz.3.1079: ea_inode file size=458758 entry size=16777216
[  209.943623][ T7905] ------------[ cut here ]------------
[  209.949102][ T7905] EA inode 11 i_nlink=2
[  209.949166][ T7905] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x313/0x350, CPU#1: syz.3.1079/7905
[  209.964046][ T7905] Modules linked in:
[  209.967964][ T7905] CPU: 1 UID: 0 PID: 7905 Comm: syz.3.1079 Not tainted syzkaller #0 PREEMPT(full) 
[  209.977344][ T7905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  209.987445][ T7905] RIP: 0010:ext4_xattr_inode_update_ref+0x332/0x350
[  209.994133][ T7905] Code: 74 5a 98 ff 4c 8d 2d 5d 68 5c 05 49 8d 7e 40 e8 04 18 b6 ff 49 8b 6e 40 4c 89 e7 e8 38 13 b6 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 02 ff ff ff e8 af fe d7 03 66 66 66 66 66 66 2e
[  210.013800][ T7905] RSP: 0018:ffffc90002d67778 EFLAGS: 00010246
[  210.019935][ T7905] RAX: ffff888104d54f00 RBX: ffff8881081eb718 RCX: ffffffff81c0d898
[  210.027935][ T7905] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff871d40e0
[  210.041713][ T7905] RBP: 000000000000000b R08: 00018881081eb6cb R09: 0000000000000000
[  210.050255][ T7905] R10: 0001c90002c27a17 R11: 0000000000000008 R12: ffff8881081eb6c8
[  210.058880][ T7905] R13: ffffffff871d40e0 R14: ffff8881081eb680 R15: 0000000000000001
[  210.067410][ T7905] FS:  00007f006e9276c0(0000) GS:ffff8882ae9fa000(0000) knlGS:0000000000000000
[  210.076873][ T7905] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  210.083954][ T7905] CR2: 00007f28c2e18e9c CR3: 0000000113d5c000 CR4: 00000000003506f0
[  210.092439][ T7905] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  210.100922][ T7905] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  210.109439][ T7905] Call Trace:
[  210.112957][ T7905]  <TASK>
[  210.116137][ T7905]  ext4_xattr_inode_dec_ref_all+0x57c/0x8b0
[  210.122413][ T7905]  ? errseq_check+0x2c/0x50
[  210.127238][ T7905]  ext4_xattr_delete_inode+0x6c1/0x7a0
[  210.133105][ T7905]  ? ext4_truncate+0x89f/0xa10
[  210.138284][ T7905]  ext4_evict_inode+0xb16/0xe30
[  210.143492][ T7905]  ? __pfx_ext4_evict_inode+0x10/0x10
[  210.149306][ T7905]  evict+0x2af/0x510
[  210.153497][ T7905]  ? __dquot_initialize+0x146/0x7c0
[  210.159120][ T7905]  iput+0x41a/0x580
[  210.163452][ T7905]  ext4_process_orphan+0x1a9/0x1c0
[  210.168986][ T7905]  ext4_orphan_cleanup+0x69c/0x9f0
[  210.174419][ T7905]  ext4_fill_super+0x3408/0x37c0
[  210.179791][ T7905]  ? set_blocksize+0x14c/0x270
[  210.184941][ T7905]  ? setup_bdev_super+0x30e/0x370
[  210.190353][ T7905]  ? __pfx_ext4_fill_super+0x10/0x10
[  210.196050][ T7905]  get_tree_bdev_flags+0x291/0x300
[  210.201695][ T7905]  ? __pfx_ext4_fill_super+0x10/0x10
[  210.207302][ T7905]  get_tree_bdev+0x1f/0x30
[  210.212113][ T7905]  ext4_get_tree+0x1c/0x30
[  210.216956][ T7905]  vfs_get_tree+0x57/0x1d0
[  210.221870][ T7905]  do_new_mount+0x288/0x8d0
[  210.226720][ T7905]  path_mount+0x4d0/0xbc0
[  210.231485][ T7905]  __se_sys_mount+0x28c/0x2e0
[  210.236554][ T7905]  __x64_sys_mount+0x67/0x80
[  210.241502][ T7905]  x64_sys_call+0x2d61/0x3020
[  210.246593][ T7905]  do_syscall_64+0x12c/0x3b0
[  210.251592][ T7905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.258014][ T7905] RIP: 0033:0x7f006fece0ca
[  210.262793][ T7905] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  210.283574][ T7905] RSP: 002b:00007f006e926e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  210.292528][ T7905] RAX: ffffffffffffffda RBX: 00007f006e926ee0 RCX: 00007f006fece0ca
[  210.301041][ T7905] RDX: 00002000000009c0 RSI: 0000200000000540 RDI: 00007f006e926ea0
[  210.309494][ T7905] RBP: 00002000000009c0 R08: 00007f006e926ee0 R09: 0000000000800718
[  210.318049][ T7905] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000540
[  210.326565][ T7905] R13: 00007f006e926ea0 R14: 000000000000048d R15: 0000200000000200
[  210.335123][ T7905]  </TASK>
[  210.338366][ T7905] ---[ end trace 0000000000000000 ]---
[  210.357110][ T7905] EXT4-fs (loop3): 1 orphan inode deleted
[  210.364399][ T7905] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.401591][ T7922] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1084'.
[  210.509232][ T7927] Failed to initialize the IGMP autojoin socket (err -2)
[  210.566770][ T7926] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1085'.
[  210.583024][ T7926] netlink: 'syz.4.1085': attribute type 15 has an invalid length.
[  210.641440][ T7930] loop4: detected capacity change from 0 to 512
[  210.678211][ T7930] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  210.704535][ T7930] EXT4-fs (loop4): orphan cleanup on readonly fs
[  210.728266][ T7930] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.1085: Block bitmap for bg 0 marked uninitialized
[  210.741467][ T7930] loop4: lost filesystem error report for type 5 error -117
[  210.741655][ T7930] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6679: Corrupt filesystem
[  210.754443][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  210.754466][    C1] EXT4-fs (loop4): initial error at time 526: ext4_read_block_bitmap_nowait:517
[  210.754494][    C1] EXT4-fs (loop4): last error at time 526: ext4_read_block_bitmap_nowait:517
[  210.798853][ T7930] loop4: lost filesystem error report for type 5 error -117
[  210.803188][ T7930] EXT4-fs (loop4): 1 orphan inode deleted
[  210.881251][ T7930] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  210.910325][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.976411][ T7933] loop3: detected capacity change from 0 to 1024
[  210.992999][ T7933] EXT4-fs: Ignoring removed bh option
[  211.023831][ T7933] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.041132][   T28] audit: type=1400 audit(527.164:1343): avc:  denied  { write } for  pid=7932 comm="syz.3.1087" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  211.068768][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.145040][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.203460][ T7937] loop4: detected capacity change from 0 to 1024
[  211.219527][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.240567][ T7937] EXT4-fs: Ignoring removed bh option
[  211.373763][ T7937] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.765658][ T7965] loop2: detected capacity change from 0 to 512
[  211.777414][ T7966] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1096'.
[  211.803556][ T7965] ext4: Unknown parameter 'nouser_xattr'
[  211.937648][   T28] audit: type=1326 audit(528.054:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7967 comm="syz.5.1097" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a7d8ce59 code=0x7ffc0000
[  211.969619][ T7962] netlink: 'syz.2.1094': attribute type 4 has an invalid length.
[  212.098283][   T28] audit: type=1326 audit(528.094:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7967 comm="syz.5.1097" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a7d8ce59 code=0x7ffc0000
[  212.276704][   T28] audit: type=1326 audit(528.094:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7967 comm="syz.5.1097" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f06a7d8ce59 code=0x7ffc0000
[  212.353942][   T28] audit: type=1326 audit(528.114:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz.5.1097" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f06a7d4d68e code=0x7ffc0000
[  212.401800][   T28] audit: type=1326 audit(528.114:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7967 comm="syz.5.1097" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a7d8ce59 code=0x7ffc0000
[  212.426638][   T28] audit: type=1326 audit(528.114:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7967 comm="syz.5.1097" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a7d8ce59 code=0x7ffc0000
[  212.451444][   T28] audit: type=1326 audit(528.124:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7967 comm="syz.5.1097" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7f06a7d8ce59 code=0x7ffc0000
[  212.476216][   T28] audit: type=1326 audit(528.264:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz.5.1097" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f06a7d8ce59 code=0x7ffc0000
[  212.547442][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.631617][ T7980] lo speed is unknown, defaulting to 1000
[  212.642283][ T7980] lo speed is unknown, defaulting to 1000
[  212.684941][ T7980] lo speed is unknown, defaulting to 1000
[  212.697001][ T7980] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -2
[  212.733961][ T7970] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1097'.
[  212.748519][ T7987] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1102'.
[  212.782399][ T7980] lo speed is unknown, defaulting to 1000
[  212.821374][ T7980] lo speed is unknown, defaulting to 1000
[  212.860678][ T7980] lo speed is unknown, defaulting to 1000
[  212.879100][ T7980] lo speed is unknown, defaulting to 1000
[  212.910433][ T7980] lo speed is unknown, defaulting to 1000
[  213.082805][ T7998] loop4: detected capacity change from 0 to 256
[  213.174528][ T8002] loop4: detected capacity change from 0 to 512
[  213.208730][ T8002] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.306900][ T8008] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1108'.
[  213.853689][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.058982][ T8040] loop4: detected capacity change from 0 to 1024
[  214.065814][ T8040] EXT4-fs: inline encryption not supported
[  214.104650][ T8040] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  214.129362][ T8040] EXT4-fs error (device loop4): ext4_map_blocks:791: inode #3: block 2: comm syz.4.1120: lblock 2 mapped to illegal pblock 2 (length 1)
[  214.143374][ T8040] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  214.144183][ T8042] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1121'.
[  214.159940][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  214.159956][    C1] EXT4-fs (loop4): initial error at time 530: ext4_map_blocks:791: inode 3: block 2
[  214.160008][    C1] EXT4-fs (loop4): last error at time 530: ext4_map_blocks:791: inode 3: block 2
[  214.265240][ T8040] EXT4-fs (loop4): Remounting filesystem read-only
[  214.271873][ T8040] EXT4-fs (loop4): 1 orphan inode deleted
[  214.278228][ T8040] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.323363][ T8040] syz.4.1120 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  214.413245][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.750029][ T8058] random: crng reseeded on system resumption
[  215.402413][ T8072] FAULT_INJECTION: forcing a failure.
[  215.402413][ T8072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.468227][ T8072] CPU: 0 UID: 0 PID: 8072 Comm: syz.4.1129 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  215.468266][ T8072] Tainted: [W]=WARN
[  215.468290][ T8072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  215.468306][ T8072] Call Trace:
[  215.468312][ T8072]  <TASK>
[  215.468319][ T8072]  __dump_stack+0x1d/0x30
[  215.468344][ T8072]  dump_stack_lvl+0x95/0xd0
[  215.468370][ T8072]  dump_stack+0x15/0x1b
[  215.468423][ T8072]  should_fail_ex+0x263/0x280
[  215.468460][ T8072]  should_fail+0xb/0x20
[  215.468494][ T8072]  should_fail_usercopy+0x1a/0x20
[  215.468652][ T8072]  _copy_from_user+0x1c/0xb0
[  215.468685][ T8072]  __sys_bpf+0x183/0x7e0
[  215.468741][ T8072]  __x64_sys_bpf+0x41/0x50
[  215.468765][ T8072]  x64_sys_call+0x10cb/0x3020
[  215.468793][ T8072]  do_syscall_64+0x12c/0x3b0
[  215.468830][ T8072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.468884][ T8072] RIP: 0033:0x7f7ba7e6ce59
[  215.468902][ T8072] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  215.468918][ T8072] RSP: 002b:00007f7ba68c7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  215.468939][ T8072] RAX: ffffffffffffffda RBX: 00007f7ba80e5fa0 RCX: 00007f7ba7e6ce59
[  215.468953][ T8072] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[  215.468965][ T8072] RBP: 00007f7ba68c7090 R08: 0000000000000000 R09: 0000000000000000
[  215.468975][ T8072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.469052][ T8072] R13: 00007f7ba80e6038 R14: 00007f7ba80e5fa0 R15: 00007ffe5072e6c8
[  215.469102][ T8072]  </TASK>
[  215.825889][ T8077] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1130'.
[  215.855478][ T8077] 8021q: adding VLAN 0 to HW filter on device bond2
[  215.867842][ T8077] 8021q: adding VLAN 0 to HW filter on device bond2
[  215.875191][ T8077] bond2: (slave vti0): The slave device specified does not support setting the MAC address
[  215.886176][ T8077] bond2: (slave vti0): Error -95 calling set_mac_address
[  215.982006][ T8083] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1131'.
[  216.122597][ T8087] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1133'.
[  216.179791][ T8090] loop4: detected capacity change from 0 to 512
[  216.195309][   T28] kauditd_printk_skb: 25 callbacks suppressed
[  216.195333][   T28] audit: type=1400 audit(532.314:1375): avc:  denied  { listen } for  pid=8091 comm="syz.3.1135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  216.236420][ T8090] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  216.261551][   T28] audit: type=1400 audit(532.314:1376): avc:  denied  { ioctl } for  pid=8091 comm="syz.3.1135" path="socket:[17211]" dev="sockfs" ino=17211 ioctlcmd=0x89eb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  216.303150][ T8094] loop3: detected capacity change from 0 to 512
[  216.303416][ T8090] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  216.340404][ T8090] System zones: 1-12
[  216.345143][ T8090] EXT4-fs (loop4): 1 truncate cleaned up
[  216.351232][ T8094] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  216.359898][ T8090] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.372580][ T8094] EXT4-fs (loop3): orphan cleanup on readonly fs
[  216.384181][   T28] audit: type=1400 audit(532.504:1377): avc:  denied  { write } for  pid=8089 comm="syz.4.1134" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  216.417282][ T8094] Quota error (device loop3): v2_read_file_info: Can't read info structure
[  216.438280][   T28] audit: type=1400 audit(532.504:1378): avc:  denied  { write } for  pid=8089 comm="syz.4.1134" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  216.452271][ T8094] EXT4-fs warning (device loop3): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-5, ino=4). Please run e2fsck to fix.
[  216.463968][   T28] audit: type=1400 audit(532.504:1379): avc:  denied  { rename } for  pid=8089 comm="syz.4.1134" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  216.490338][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.496214][ T8094] EXT4-fs (loop3): Cannot turn on quotas: error -5
[  216.512024][ T8094] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1136: bg 0: block 64: padding at end of block bitmap is not set
[  216.526200][ T8094] loop3: lost filesystem error report for type 5 error -117
[  216.526345][ T8094] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6679: Corrupt filesystem
[  216.542359][ T8094] loop3: lost filesystem error report for type 5 error -117
[  216.542750][ T8094] EXT4-fs (loop3): 1 truncate cleaned up
[  216.557354][ T8094] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  216.682564][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.789569][ T8104] loop4: detected capacity change from 0 to 512
[  216.796138][ T8104] EXT4-fs: Ignoring removed nobh option
[  216.902920][ T8104] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #3: comm syz.4.1139: corrupted inode contents
[  216.918276][ T8104] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  216.918868][ T8104] EXT4-fs (loop4): Remounting filesystem read-only
[  216.928541][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  216.928579][    C1] EXT4-fs (loop4): initial error at time 533: ext4_do_update_inode:5690: inode 3
[  216.928613][    C1] EXT4-fs (loop4): last error at time 533: ext4_do_update_inode:5690: inode 3
[  217.053810][ T8110] loop3: detected capacity change from 0 to 2048
[  217.063845][ T8104] Quota error (device loop4): write_blk: dquota write failed
[  217.099660][ T8104] Quota error (device loop4): qtree_write_dquot: Error -30 occurred while creating quota
[  217.127684][ T8104] EXT4-fs (loop4): 1 truncate cleaned up
[  217.131285][ T8110] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.146990][ T8104] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.195388][ T8110] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #12: comm syz.3.1140: corrupted in-inode xattr: e_name out of bounds
[  217.339745][ T8110] EXT4-fs (loop3): Remounting filesystem read-only
[  217.428691][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.438385][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.479197][   T28] audit: type=1400 audit(533.594:1380): avc:  denied  { bind } for  pid=8117 comm="syz.3.1142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  217.789310][ T8128] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1146'.
[  217.875476][ T8133] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1148'.
[  217.913308][ T8134] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  217.948875][ T8134] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  217.980629][ T8128] macvlan2: entered promiscuous mode
[  217.991656][ T8128] macvlan2: entered allmulticast mode
[  218.008956][ T8128] bond2: (slave macvlan2): Error -98 calling set_mac_address
[  218.172097][ T8146] Failed to initialize the IGMP autojoin socket (err -2)
[  218.230602][   T28] audit: type=1400 audit(534.354:1381): avc:  denied  { listen } for  pid=8153 comm="syz.1.1154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  218.275061][ T8158] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1155'.
[  218.353668][ T8163] loop4: detected capacity change from 0 to 1024
[  218.375159][ T8163] EXT4-fs: Ignoring removed bh option
[  218.413978][ T8163] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.432218][ T8174] loop3: detected capacity change from 0 to 1024
[  218.480736][ T8174] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  218.509791][ T8182] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1160'.
[  218.526405][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.537878][ T8174] EXT4-fs error (device loop3): ext4_map_blocks:833: inode #15: block 3: comm syz.3.1158: lblock 3 mapped to illegal pblock 3 (length 3)
[  218.552735][ T8174] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  218.565021][ T8174] EXT4-fs (loop3): This should not happen!! Data will be lost
[  218.565021][ T8174] 
[  218.727218][ T8189] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1164'.
[  218.883372][ T8200] loop2: detected capacity change from 0 to 256
[  218.898402][ T8200] msdos: Unknown parameter '/dev/bus/usb/00#/00#'
[  219.950155][   T49] EXT4-fs error (device loop3): ext4_map_blocks:833: inode #15: block 8: comm kworker/u8:3: lblock 8 mapped to illegal pblock 8 (length 8)
[  219.998591][   T49] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  220.013021][ T8203] netlink: 'syz.4.1169': attribute type 8 has an invalid length.
[  220.915568][   T49] EXT4-fs (loop3): This should not happen!! Data will be lost
[  220.915568][   T49] 
[  220.929398][ T3299] EXT4-fs warning (device loop3): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost
[  220.943169][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  221.224760][ T8214] loop2: detected capacity change from 0 to 1024
[  221.237193][ T8214] EXT4-fs: Ignoring removed bh option
[  221.259732][ T8214] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.310416][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.320135][   T28] kauditd_printk_skb: 6 callbacks suppressed
[  221.320149][   T28] audit: type=1400 audit(537.404:1388): avc:  denied  { write } for  pid=8213 comm="syz.2.1172" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  221.450741][ T8225] loop2: detected capacity change from 0 to 512
[  221.475458][ T8225] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz.2.1174: bad orphan inode 15
[  221.485715][ T8225] loop2: lost filesystem error report for type 5 error -117
[  221.485923][ T8225] ext4_test_bit(bit=14, block=18) = 1
[  221.493255][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  221.493274][    C0] EXT4-fs (loop2): initial error at time 537: ext4_orphan_get:1423
[  221.493296][    C0] EXT4-fs (loop2): last error at time 537: ext4_orphan_get:1423
[  221.521058][ T8225] is_bad_inode(inode)=0
[  221.525247][ T8225] NEXT_ORPHAN(inode)=1023
[  221.529614][ T8225] max_ino=32
[  221.532823][ T8225] i_nlink=0
[  221.536043][ T8225] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2972: inode #15: comm syz.2.1174: corrupted xattr block 19: invalid header
[  221.563154][ T8225] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  221.565684][ T8225] EXT4-fs warning (device loop2): ext4_evict_inode:287: xattr delete (err -117)
[  221.606293][ T8225] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  221.638954][ T8225] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1174: bg 0: block 449: padding at end of block bitmap is not set
[  221.649057][   T28] audit: type=1400 audit(537.764:1389): avc:  denied  { write } for  pid=8224 comm="syz.2.1174" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  221.675515][ T8225] EXT4-fs error (device loop2): ext4_find_dest_de:2050: inode #2: block 3: comm syz.2.1174: bad entry in directory: directory entry overrun - offset=60, inode=458767, rec_len=4096, size=4096 fake=0
[  221.689753][   T28] audit: type=1400 audit(537.804:1390): avc:  denied  { write } for  pid=8224 comm="syz.2.1174" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  221.716991][ T8225] netlink: 'syz.2.1174': attribute type 5 has an invalid length.
[  221.723998][   T28] audit: type=1400 audit(537.804:1391): avc:  denied  { write } for  pid=8224 comm="syz.2.1174" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  221.778189][   T28] audit: type=1400 audit(537.804:1392): avc:  denied  { write } for  pid=8224 comm="syz.2.1174" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  221.803298][ T8236] loop3: detected capacity change from 0 to 512
[  221.810774][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  221.824999][ T8236] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  221.835389][ T8236] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  221.888597][ T8236] EXT4-fs (loop3): Errors on filesystem, clearing orphan list.
[  221.896550][ T8236] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.923389][   T28] audit: type=1400 audit(538.044:1393): avc:  denied  { write } for  pid=8235 comm="syz.3.1178" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  221.979885][   T28] audit: type=1400 audit(538.044:1394): avc:  denied  { append } for  pid=8235 comm="syz.3.1178" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  222.013649][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.162902][ T8251] loop2: detected capacity change from 0 to 512
[  222.181025][ T8251] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  222.191117][ T8255] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1184'.
[  222.227445][ T8251] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  222.261917][ T8251] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz.2.1185: bad orphan inode 13
[  222.323212][ T8251] loop2: lost filesystem error report for type 5 error -117
[  222.325398][ T8251] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.614682][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.681453][ T8274] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1188'.
[  222.727260][ T8284] loop4: detected capacity change from 0 to 2048
[  222.739373][ T8284] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.753181][ T8284] EXT4-fs error (device loop4): ext4_iget_extra_inode:5128: inode #12: comm syz.4.1198: corrupted in-inode xattr: e_name out of bounds
[  222.767207][ T8284] EXT4-fs (loop4): Remounting filesystem read-only
[  222.807329][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.824873][ T8288] loop2: detected capacity change from 0 to 2048
[  222.915677][ T8288] EXT4-fs: Ignoring removed bh option
[  222.924385][ T8288] EXT4-fs (loop2): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  222.940048][ T8288] EXT4-fs (loop2): changing journal_checksum during remount not supported; ignoring
[  222.950072][ T8288] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  223.164147][ T8312] netlink: 'syz.2.1205': attribute type 3 has an invalid length.
[  223.174205][ T8312] netlink: 'syz.2.1205': attribute type 4 has an invalid length.
[  223.188224][ T8312] netlink: 9067 bytes leftover after parsing attributes in process `syz.2.1205'.
[  223.216379][ T8312] loop2: detected capacity change from 0 to 1024
[  223.230741][ T8312] EXT4-fs: Ignoring removed bh option
[  223.237786][ T8312] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  223.262692][ T8324] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1209'.
[  223.284193][   T28] audit: type=1400 audit(539.404:1395): avc:  denied  { write } for  pid=8311 comm="syz.2.1205" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  223.318722][   T28] audit: type=1400 audit(539.434:1396): avc:  denied  { mounton } for  pid=8311 comm="syz.2.1205" path="/206/file1/bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  223.353199][   T28] audit: type=1400 audit(539.474:1397): avc:  denied  { write } for  pid=8329 comm="syz.4.1211" name="usbmon9" dev="devtmpfs" ino=169 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  223.494131][ T8312] loop2: detected capacity change from 1024 to 0
[  223.508568][   T12] EXT4-fs error (device loop2): __ext4_get_inode_loc_noinmem:5008: inode #18: block 9: comm kworker/u8:0: unable to read itable block
[  223.529821][   T12] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[  223.549517][   T12] EXT4-fs (loop2): I/O error while writing superblock
[  223.565173][   T12] EXT4-fs (loop2): Remounting filesystem read-only
[  223.572727][ T8327] Buffer I/O error on dev loop2, logical block 64, lost sync page write
[  223.601416][ T8342] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1216'.
[  223.683285][ T8348] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1218'.
[  223.701327][ T8346] bond0: option primary_reselect: invalid value (254)
[  223.725410][ T8346] bond0 (unregistering): Released all slaves
[  223.877320][ T8360] loop2: detected capacity change from 0 to 512
[  223.906388][ T8360] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  223.919220][ T8360] EXT4-fs (loop2): 1 truncate cleaned up
[  224.021612][ T8369] ip6gretap1: entered promiscuous mode
[  224.027394][ T8369] ip6gretap1: entered allmulticast mode
[  224.149937][ T8386] FAULT_INJECTION: forcing a failure.
[  224.149937][ T8386] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.157206][ T8387] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1233'.
[  224.175473][ T8386] CPU: 1 UID: 0 PID: 8386 Comm: syz.3.1232 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  224.175504][ T8386] Tainted: [W]=WARN
[  224.175510][ T8386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  224.175521][ T8386] Call Trace:
[  224.175526][ T8386]  <TASK>
[  224.175589][ T8386]  __dump_stack+0x1d/0x30
[  224.175626][ T8386]  dump_stack_lvl+0x95/0xd0
[  224.175648][ T8386]  dump_stack+0x15/0x1b
[  224.175664][ T8386]  should_fail_ex+0x263/0x280
[  224.175693][ T8386]  should_fail+0xb/0x20
[  224.175740][ T8386]  should_fail_usercopy+0x1a/0x20
[  224.175773][ T8386]  _copy_from_iter+0xcf/0xea0
[  224.175886][ T8386]  ? __tsan_read4+0xb7/0x190
[  224.175940][ T8386]  ? __alloc_skb+0x4f6/0x690
[  224.175958][ T8386]  ? __alloc_skb+0x200/0x690
[  224.175976][ T8386]  netlink_sendmsg+0x4ae/0x6f0
[  224.176079][ T8386]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.176107][ T8386]  ____sys_sendmsg+0x563/0x5b0
[  224.176134][ T8386]  ___sys_sendmsg+0x195/0x1e0
[  224.176245][ T8386]  __x64_sys_sendmsg+0xd4/0x160
[  224.176270][ T8386]  x64_sys_call+0x194c/0x3020
[  224.176292][ T8386]  do_syscall_64+0x12c/0x3b0
[  224.176321][ T8386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.176344][ T8386] RIP: 0033:0x7f006fecce59
[  224.176358][ T8386] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  224.176375][ T8386] RSP: 002b:00007f006e927028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  224.176450][ T8386] RAX: ffffffffffffffda RBX: 00007f0070145fa0 RCX: 00007f006fecce59
[  224.176463][ T8386] RDX: 0000000004004080 RSI: 0000200000000280 RDI: 0000000000000003
[  224.176475][ T8386] RBP: 00007f006e927090 R08: 0000000000000000 R09: 0000000000000000
[  224.176486][ T8386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.176561][ T8386] R13: 00007f0070146038 R14: 00007f0070145fa0 R15: 00007ffcd728f228
[  224.176579][ T8386]  </TASK>
[  224.419149][ T8393] loop4: detected capacity change from 0 to 1024
[  224.535586][ T8401] netlink: 'syz.1.1237': attribute type 1 has an invalid length.
[  224.543818][ T8401] netlink: 'syz.1.1237': attribute type 2 has an invalid length.
[  224.557447][ T8399] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1235'.
[  224.567561][ T8393] Failed to initialize the IGMP autojoin socket (err -2)
[  224.633270][ T8404] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1238'.
[  224.751655][ T8407] netlink: 'syz.2.1236': attribute type 1 has an invalid length.
[  224.759500][ T8407] netlink: 112865 bytes leftover after parsing attributes in process `syz.2.1236'.
[  225.684437][ T8417] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1241'.
[  225.752997][ T8421] netlink: 200 bytes leftover after parsing attributes in process `syz.4.1243'.
[  225.849877][ T8428] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1246'.
[  226.100449][ T8441] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1251'.
[  226.438456][ T8460] kernel profiling enabled (shift: 17)
[  226.484630][ T8460] batadv0: entered promiscuous mode
[  226.502069][ T8460] 8021q: adding VLAN 0 to HW filter on device batadv0
[  226.539563][ T8463] set_capacity_and_notify: 2 callbacks suppressed
[  226.539579][ T8463] loop2: detected capacity change from 0 to 1024
[  226.578217][ T8463] EXT4-fs: dax option not supported
[  226.663034][ T8468] loop4: detected capacity change from 0 to 2048
[  226.694513][ T8468] EXT4-fs error (device loop4): ext4_iget_extra_inode:5128: inode #12: comm syz.4.1260: corrupted in-inode xattr: e_name out of bounds
[  226.736227][ T8468] EXT4-fs (loop4): Remounting filesystem read-only
[  226.863153][ T8435] syz.5.1248 (8435) used greatest stack depth: 8888 bytes left
[  227.322183][ T8512] loop2: detected capacity change from 0 to 2048
[  227.336254][ T8520] loop4: detected capacity change from 0 to 1024
[  227.346494][ T8520] EXT4-fs: test_dummy_encryption option not supported
[  227.441338][ T8524] netlink: 'syz.5.1279': attribute type 1 has an invalid length.
[  227.521013][ T8524] 8021q: adding VLAN 0 to HW filter on device bond0
[  227.550308][ T8512] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #12: comm syz.2.1276: corrupted in-inode xattr: e_name out of bounds
[  227.568429][ T8528] netlink: 'syz.4.1278': attribute type 15 has an invalid length.
[  227.578523][ T8512] EXT4-fs (loop2): Remounting filesystem read-only
[  227.594985][ T8528] loop4: detected capacity change from 0 to 512
[  227.617107][ T8528] EXT4-fs (loop4): 1 orphan inode deleted
[  227.628552][   T30] __quota_error: 178 callbacks suppressed
[  227.628568][   T30] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  227.680193][   T30] EXT4-fs error (device loop4): ext4_release_dquot:7070: comm kworker/u8:1: Failed to release dquot type 1
[  227.743406][ T8534] loop2: detected capacity change from 0 to 512
[  227.749959][ T8534] EXT4-fs: Ignoring removed nobh option
[  227.755668][ T8534] EXT4-fs: Ignoring removed nomblk_io_submit option
[  227.785667][ T8534] EXT4-fs: Ignoring removed bh option
[  227.792042][ T8534] EXT4-fs: Ignoring removed oldalloc option
[  227.801057][ T8534] EXT4-fs (loop2): filesystem is read-only
[  227.807420][ T8534] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  227.821899][ T8534] EXT4-fs (loop2): filesystem is read-only
[  227.834465][ T8534] EXT4-fs (loop2): orphan cleanup on readonly fs
[  227.848049][ T8534] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1280: bg 0: block 64: padding at end of block bitmap is not set
[  227.867016][ T8534] loop2: lost filesystem error report for type 5 error -117
[  227.867147][ T8534] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6679: Corrupt filesystem
[  227.874921][    C1] EXT4-fs (loop2): error count since last fsck: 1
[  227.874955][    C1] EXT4-fs (loop2): initial error at time 543: ext4_validate_block_bitmap:441
[  227.875011][    C1] EXT4-fs (loop2): last error at time 543: ext4_validate_block_bitmap:441
[  227.909779][ T8534] loop2: lost filesystem error report for type 5 error -117
[  227.909994][ T8534] EXT4-fs (loop2): 1 orphan inode deleted
[  228.029418][ T8544] loop2: detected capacity change from 0 to 4096
[  228.047765][ T8544] EXT4-fs: Ignoring removed mblk_io_submit option
[  228.063908][ T8544] EXT4-fs: test_dummy_encryption option not supported
[  228.218670][ T3304] EXT4-fs unmount: 17 callbacks suppressed
[  228.218702][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.240005][   T28] audit: type=1400 audit(544.364:1576): avc:  denied  { unmount } for  pid=3305 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  228.629414][ T8555] loop2: detected capacity change from 0 to 256
[  229.394874][   T28] audit: type=1326 audit(545.514:1577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8553 comm="syz.4.1287" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  229.427036][ T8554] loop4: detected capacity change from 0 to 512
[  229.484906][ T8554] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.534819][   T28] audit: type=1326 audit(545.514:1578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8553 comm="syz.4.1287" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  229.664705][   T28] audit: type=1326 audit(545.544:1579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8553 comm="syz.4.1287" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  229.787809][   T28] audit: type=1326 audit(545.544:1580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8553 comm="syz.4.1287" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  229.946659][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.006462][   T28] audit: type=1326 audit(545.544:1581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8553 comm="syz.4.1287" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  230.106935][   T28] audit: type=1326 audit(545.544:1582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8553 comm="syz.4.1287" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  230.142282][ T8568] __nla_validate_parse: 9 callbacks suppressed
[  230.142297][ T8568] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1291'.
[  230.241260][   T28] audit: type=1326 audit(545.544:1583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8553 comm="syz.4.1287" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7ba7e6cbc2 code=0x7ffc0000
[  230.386090][   T28] audit: type=1326 audit(545.544:1584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8553 comm="syz.4.1287" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7ba7e2d68e code=0x7ffc0000
[  230.655611][ T8582] loop3: detected capacity change from 0 to 512
[  230.703108][ T8582] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.875497][ T8591] EXT4-fs: test_dummy_encryption option not supported
[  231.046580][ T8600] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1301'.
[  231.191218][ T8606] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.227054][ T8606] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #12: comm syz.2.1304: corrupted in-inode xattr: e_name out of bounds
[  231.296161][ T8606] EXT4-fs (loop2): Remounting filesystem read-only
[  231.376657][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.494892][ T8619] EXT4-fs: Ignoring removed mblk_io_submit option
[  231.549754][ T8619] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.646884][ T8629] program syz.2.1306 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  232.359283][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.771322][ T8665] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1322'.
[  232.960458][ T8671] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1324'.
[  233.183851][ T8673] set_capacity_and_notify: 3 callbacks suppressed
[  233.183867][ T8673] loop2: detected capacity change from 0 to 8192
[  233.243502][ T8673] Failed to initialize the IGMP autojoin socket (err -2)
[  233.558403][ T8430] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  233.783738][ T8686] Failed to initialize the IGMP autojoin socket (err -2)
[  233.836320][ T8690] netlink: 'syz.1.1330': attribute type 1 has an invalid length.
[  233.887042][ T8690] netlink: 'syz.1.1330': attribute type 2 has an invalid length.
[  234.186200][ T8701] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1334'.
[  234.203487][ T8703] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1335'.
[  234.333652][ T8707] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1337'.
[  234.878184][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.030973][ T8735] SELinux:  policydb table sizes (0,0) do not match mine (6,6)
[  235.061824][ T8735] SELinux: failed to load policy
[  235.162237][ T8744] Failed to initialize the IGMP autojoin socket (err -2)
[  235.455278][ T8756] netlink: 'syz.4.1356': attribute type 2 has an invalid length.
[  235.548339][ T8760] veth0_to_bridge: entered promiscuous mode
[  235.556978][ T8752] loop3: detected capacity change from 0 to 32768
[  235.612419][ T8752]  loop3: p1 p2 p3 < p5 p6 >
[  235.625166][ T8752] loop3: p2 size 16775168 extends beyond EOD, truncated
[  235.643925][ T8752] loop3: p5 start 4294970168 is beyond EOD, truncated
[  235.799677][ T8774] netlink: 'syz.2.1364': attribute type 5 has an invalid length.
[  235.831926][ T8774] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1364'.
[  235.859086][   T28] kauditd_printk_skb: 56 callbacks suppressed
[  235.859111][   T28] audit: type=1326 audit(551.984:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8775 comm="syz.4.1365" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  235.920053][ T7563] udevd[7563]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  235.931115][ T7761] udevd[7761]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  235.942295][ T8594] udevd[8594]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  235.961925][ T8777] udevd[8777]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[  235.986545][   T28] audit: type=1326 audit(552.014:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8775 comm="syz.4.1365" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  236.119417][   T28] audit: type=1326 audit(552.014:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8775 comm="syz.4.1365" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  236.144365][   T28] audit: type=1326 audit(552.014:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8775 comm="syz.4.1365" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  236.199459][   T28] audit: type=1326 audit(552.024:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8775 comm="syz.4.1365" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  236.247072][   T28] audit: type=1326 audit(552.024:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8775 comm="syz.4.1365" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  236.281326][   T28] audit: type=1326 audit(552.024:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8775 comm="syz.4.1365" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  236.306364][   T28] audit: type=1326 audit(552.024:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8775 comm="syz.4.1365" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  236.337063][   T28] audit: type=1326 audit(552.024:1649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8775 comm="syz.4.1365" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  236.364381][   T28] audit: type=1326 audit(552.024:1650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8775 comm="syz.4.1365" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba7e6ce59 code=0x7ffc0000
[  236.398578][ T8794] loop2: detected capacity change from 0 to 256
[  236.481950][ T8794] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  236.565770][ T8804] loop3: detected capacity change from 0 to 2048
[  236.692322][ T8804] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.724099][ T8804] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #12: comm syz.3.1376: corrupted in-inode xattr: e_name out of bounds
[  236.966657][ T8804] EXT4-fs (loop3): Remounting filesystem read-only
[  237.138867][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.290015][ T8825] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1379'.
[  237.480962][ T8829] 9pnet_fd: Insufficient options for proto=fd
[  237.612364][ T8816] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1378'.
[  237.930666][ T8848] tipc: Started in network mode
[  237.986767][ T8848] tipc: Node identity ac1414aa, cluster identity 4711
[  238.024136][ T8848] tipc: Enabling of bearer <udp:{yz2> rejected, failed to enable media
[  238.083051][ T8856] batadv_slave_0: entered promiscuous mode
[  238.132665][ T8855] batadv_slave_0: left promiscuous mode
[  238.194116][ T8861] loop2: detected capacity change from 0 to 512
[  238.229817][ T8861] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  238.396044][ T8861] EXT4-fs (loop2): 1 truncate cleaned up
[  238.417806][ T8861] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.877388][ T8875] loop3: detected capacity change from 0 to 512
[  238.906661][ T8875] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  238.918283][ T8875] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[  238.928419][ T8875] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.1395: Corrupt directory, running e2fsck is recommended
[  238.946747][ T8875] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  238.956384][ T8875] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #15: comm syz.3.1395: corrupted in-inode xattr: e_name out of bounds
[  238.970267][ T8875] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  238.971216][ T8875] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.1395: couldn't read orphan inode 15 (err -117)
[  238.980364][    C0] EXT4-fs (loop3): error count since last fsck: 1
[  238.980382][    C0] EXT4-fs (loop3): initial error at time 555: ext4_iget_extra_inode:5128: inode 15
[  238.980435][    C0] EXT4-fs (loop3): last error at time 555: ext4_iget_extra_inode:5128: inode 15
[  239.017282][ T8875] loop3: lost filesystem error report for type 5 error -117
[  239.019314][ T8875] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.041552][ T8875] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  239.053072][ T8875] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[  239.063291][ T8875] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.1395: Corrupt directory, running e2fsck is recommended
[  239.290223][ T8861] rdma_rxe: Failed to create IPv4 UDP tunnel
[  239.406930][ T8889] Failed to initialize the IGMP autojoin socket (err -2)
[  239.437934][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.819778][ T8916] 9p: Bad value for 'wfdno'
[  240.938724][ T8918] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1412'.
[  240.957315][ T3299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.062320][ T8922] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1410'.
[  241.096136][ T8924] loop4: detected capacity change from 0 to 2048
[  241.150991][ T8924] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.363883][ T8924] EXT4-fs error (device loop4): ext4_iget_extra_inode:5128: inode #12: comm syz.4.1414: corrupted in-inode xattr: e_name out of bounds
[  241.804866][ T8924] EXT4-fs (loop4): Remounting filesystem read-only
[  241.913562][ T8932] random: crng reseeded on system resumption
[  242.025357][ T8947] loop3: detected capacity change from 0 to 512
[  242.070680][ T8947] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.083932][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.129824][   T28] kauditd_printk_skb: 21 callbacks suppressed
[  242.129837][   T28] audit: type=1400 audit(558.254:1672): avc:  denied  { connect } for  pid=8946 comm="syz.3.1422" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  242.174481][   T28] audit: type=1400 audit(558.294:1673): avc:  denied  { setopt } for  pid=8956 comm="syz.5.1425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  242.232118][ T3299] EXT4-fs error (device loop3): ext4_readdir:225: inode #11: comm syz-executor: path /270/file0/lost+found: directory fails checksum at offset 4096
[  242.250877][   T28] audit: type=1400 audit(558.374:1674): avc:  denied  { write } for  pid=3299 comm="syz-executor" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  242.274700][ T3299] EXT4-fs error (device loop3): ext4_empty_dir:3114: inode #11: block 4: comm syz-executor: Directory block failed checksum
[  242.292470][ T3299] EXT4-fs error (device loop3): ext4_readdir:225: inode #11: comm syz-executor: path /270/file0/lost+found: directory fails checksum at offset 4096
[  242.311663][   T28] audit: type=1400 audit(558.394:1675): avc:  denied  { rmdir } for  pid=3299 comm="syz-executor" name="lost+found" dev="loop3" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  242.358090][ T3299] EXT4-fs error (device loop3): ext4_empty_dir:3114: inode #11: block 4: comm syz-executor: Directory block failed checksum
[  242.372323][   T28] audit: type=1400 audit(558.474:1676): avc:  denied  { write } for  pid=3299 comm="syz-executor" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  242.394861][ T8968] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1430'.
[  242.396568][ T3299] EXT4-fs error (device loop3): ext4_readdir:225: inode #11: comm syz-executor: path /270/file0/lost+found: directory fails checksum at offset 4096
[  242.404596][ T8966] loop4: detected capacity change from 0 to 2048
[  242.419493][   T28] audit: type=1400 audit(558.544:1677): avc:  denied  { write } for  pid=3299 comm="syz-executor" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  242.436306][ T8968] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1430'.
[  242.456078][ T3299] EXT4-fs error (device loop3): ext4_empty_dir:3114: inode #11: block 4: comm syz-executor: Directory block failed checksum
[  242.474333][ T3299] EXT4-fs error (device loop3): ext4_readdir:225: inode #11: comm syz-executor: path /270/file0/lost+found: directory fails checksum at offset 4096
[  242.489690][   T28] audit: type=1400 audit(558.614:1678): avc:  denied  { write } for  pid=3299 comm="syz-executor" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  242.518127][ T3299] EXT4-fs error (device loop3): ext4_empty_dir:3114: inode #11: block 4: comm syz-executor: Directory block failed checksum
[  242.519005][ T8966] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.545889][ T3299] EXT4-fs error (device loop3): ext4_readdir:225: inode #11: comm syz-executor: path /270/file0/lost+found: directory fails checksum at offset 4096
[  242.562841][   T28] audit: type=1400 audit(558.684:1679): avc:  denied  { write } for  pid=3299 comm="syz-executor" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  242.584109][ T3299] EXT4-fs error (device loop3): ext4_empty_dir:3114: inode #11: block 4: comm syz-executor: Directory block failed checksum
[  242.598916][   T28] audit: type=1400 audit(558.724:1680): avc:  denied  { write } for  pid=3299 comm="syz-executor" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  242.620616][ T8966] EXT4-fs error (device loop4): ext4_iget_extra_inode:5128: inode #12: comm syz.4.1429: corrupted in-inode xattr: e_name out of bounds
[  242.621203][ T8966] EXT4-fs (loop4): Remounting filesystem read-only
[  242.646008][   T28] audit: type=1400 audit(558.724:1681): avc:  denied  { write } for  pid=3299 comm="syz-executor" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  242.707608][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.932398][ T7125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.085804][   T30] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  243.172630][ T8991] netlink: 'syz.4.1439': attribute type 1 has an invalid length.
[  243.189623][ T8991] netlink: 'syz.4.1439': attribute type 2 has an invalid length.
[  243.300425][ T9007] loop2: detected capacity change from 0 to 512
[  243.314436][   T30] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  243.418279][ T8992] Failed to initialize the IGMP autojoin socket (err -2)
[  243.526613][   T30] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  243.651121][   T30] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  243.694860][ T9025] loop4: detected capacity change from 0 to 512
[  243.712266][ T9025] EXT4-fs (loop4): bad s_min_extra_isize: 65535
[  243.856033][ T9036] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1450'.
[  243.919406][ T8992] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.934261][ T8992] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.942244][ T8992] bridge_slave_0: entered allmulticast mode
[  243.971577][ T8992] bridge_slave_0: entered promiscuous mode
[  244.024587][ T8992] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.035035][ T8992] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.042813][ T8992] bridge_slave_1: entered allmulticast mode
[  244.050119][ T8992] bridge_slave_1: entered promiscuous mode
[  244.067021][   T30] bridge_slave_1: left allmulticast mode
[  244.079276][   T30] bridge_slave_1: left promiscuous mode
[  244.101835][   T30] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.132392][   T30] bridge_slave_0: left allmulticast mode
[  244.142460][   T30] bridge_slave_0: left promiscuous mode
[  244.148668][   T30] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.288466][   T30] bond0 (unregistering): Released all slaves
[  244.297284][   T30] bond1 (unregistering): Released all slaves
[  244.305964][   T30] bond2 (unregistering): Released all slaves
[  244.354870][ T9067] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1457'.
[  244.367592][ T9056] netlink: 'syz.5.1453': attribute type 1 has an invalid length.
[  244.379909][ T9056] netlink: 'syz.5.1453': attribute type 2 has an invalid length.
[  244.508465][ T8992] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  244.524952][ T9081] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1459'.
[  244.593950][ T9084] loop4: detected capacity change from 0 to 512
[  244.731310][ T9084] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  244.742820][ T9084] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[  244.753005][ T9084] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.1458: Corrupt directory, running e2fsck is recommended
[  244.767846][ T9084] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  244.776094][ T9084] EXT4-fs error (device loop4): ext4_iget_extra_inode:5128: inode #15: comm syz.4.1458: corrupted in-inode xattr: e_name out of bounds
[  244.789933][ T9084] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  244.819640][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  244.836024][    C1] EXT4-fs (loop4): initial error at time 560: ext4_iget_extra_inode:5128: inode 15
[  244.845883][    C1] EXT4-fs (loop4): last error at time 560: ext4_iget_extra_inode:5128: inode 15
[  244.856538][ T9084] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.1458: couldn't read orphan inode 15 (err -117)
[  244.869186][ T9084] loop4: lost filesystem error report for type 5 error -117
[  244.872819][ T9084] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  244.899167][ T9084] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  244.911423][ T9084] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[  244.922241][ T9084] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.1458: Corrupt directory, running e2fsck is recommended
[  245.084109][ T8992] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  245.150958][   T30] tipc: Left network mode
[  245.235194][ T8992] smc: adding net device veth1_to_team with user defined pnetid S
[  245.356324][ T9091] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1462'.
[  245.470456][   T30] hsr_slave_0: left promiscuous mode
[  245.488745][ T9090] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  245.518270][   T30] hsr_slave_1: left promiscuous mode
[  245.581835][ T9106] loop2: detected capacity change from 0 to 512
[  245.629355][ T9106] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  245.670488][   T30] team0 (unregistering): Port device team_slave_1 removed
[  245.681862][ T9106] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  245.682115][   T30] team0 (unregistering): Port device team_slave_0 removed
[  245.699080][ T9106] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #15: comm syz.2.1464: corrupted in-inode xattr: overlapping e_value 
[  245.717437][ T9106] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  245.717694][ T9106] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1464: couldn't read orphan inode 15 (err -117)
[  245.727359][    C1] EXT4-fs (loop2): error count since last fsck: 1
[  245.727372][    C1] EXT4-fs (loop2): initial error at time 561: ext4_iget_extra_inode:5128: inode 15
[  245.727410][    C1] EXT4-fs (loop2): last error at time 561: ext4_iget_extra_inode:5128: inode 15
[  245.783968][ T9106] loop2: lost filesystem error report for type 5 error -117
[  245.784836][ T9106] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  245.839532][ T8992] team0: Port device team_slave_0 added
[  245.866496][ T8992] team0: Port device team_slave_1 added
[  245.874640][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.935772][ T8992] batman_adv: batadv0: Adding interface: batadv_slave_0
[  245.944387][ T8992] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  245.972187][ T8992] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  245.993162][ T8992] batman_adv: batadv0: Adding interface: batadv_slave_1
[  246.000649][ T8992] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  246.028545][ T8992] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  246.126655][ T8992] hsr_slave_0: entered promiscuous mode
[  246.139595][ T8992] hsr_slave_1: entered promiscuous mode
[  246.146130][ T8992] debugfs: 'hsr0' already exists in 'hsr'
[  246.152644][ T8992] Cannot create hsr debugfs directory
[  246.370840][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.449890][ T9126] loop4: detected capacity change from 0 to 1024
[  246.494547][ T9126] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  246.542015][ T9126] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1467: bg 0: block 112: padding at end of block bitmap is not set
[  246.542800][ T9136] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1470'.
[  246.578752][ T8992] netdevsim netdevsim6 netdevsim0: renamed from eth9
[  246.585542][ T9126] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 1 with error 28
[  246.602088][ T9126] EXT4-fs (loop4): This should not happen!! Data will be lost
[  246.602088][ T9126] 
[  246.612318][ T9126] EXT4-fs (loop4): Total free blocks count 0
[  246.618726][ T9126] EXT4-fs (loop4): Free/Dirty block details
[  246.626800][ T8992] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  246.633887][ T9126] EXT4-fs (loop4): free_blocks=0
[  246.641570][ T8992] netdevsim netdevsim6 netdevsim1: renamed from eth10
[  246.663804][ T9126] EXT4-fs (loop4): dirty_blocks=16
[  246.671477][ T9126] EXT4-fs (loop4): Block reservation details
[  246.677589][ T9126] EXT4-fs (loop4): i_reserved_data_blocks=1
[  246.714545][ T8992] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  246.732295][ T8992] netdevsim netdevsim6 netdevsim2: renamed from eth11
[  246.743215][ T8992] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  246.751263][ T8992] netdevsim netdevsim6 netdevsim3: renamed from eth12
[  246.771360][ T8992] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  246.780454][ T6727] EXT4-fs error (device loop4): ext4_map_blocks:833: inode #15: comm kworker/u8:14: lblock 0 mapped to illegal pblock 0 (length 1)
[  246.794792][ T6727] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  246.815005][ T3304] EXT4-fs warning (device loop4): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost
[  246.826269][ T9138] netlink: 'syz.2.1471': attribute type 1 has an invalid length.
[  246.844785][ T9138] netlink: 'syz.2.1471': attribute type 2 has an invalid length.
[  246.909157][ T9159] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1474'.
[  247.000001][ T8992] 8021q: adding VLAN 0 to HW filter on device team0
[  247.010981][ T9165] loop2: detected capacity change from 0 to 4096
[  247.017779][ T9165] EXT4-fs: Ignoring removed mblk_io_submit option
[  247.029050][ T6724] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.036296][ T6724] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.046211][ T9165] EXT4-fs: test_dummy_encryption option not supported
[  247.067574][ T9176] loop4: detected capacity change from 0 to 764
[  247.075817][ T9177] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1482'.
[  247.107735][ T9176] rock: directory entry would overflow storage
[  247.116170][ T9176] rock: sig=0x5245, size=8, remaining=5
[  247.122981][ T6722] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.130051][ T6722] bridge0: port 2(bridge_slave_1) entered forwarding state
[  247.199408][ T9180] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1483'.
[  247.330499][ T9197] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1487'.
[  247.351797][ T8992] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.369755][ T9197] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1487'.
[  247.403196][ T9207] netlink: 180 bytes leftover after parsing attributes in process `syz.4.1489'.
[  247.423954][ T9207] vti0: entered promiscuous mode
[  247.430963][   T28] kauditd_printk_skb: 102 callbacks suppressed
[  247.430977][   T28] audit: type=1400 audit(563.554:1784): avc:  denied  { create } for  pid=9206 comm="syz.4.1489" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  247.649402][ T9212] loop6: detected capacity change from 0 to 8
[  247.660662][    C0] critical medium error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  247.671518][    C1] critical medium error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  247.681740][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  247.689723][    C1] critical medium error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  247.699914][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  247.860738][    C0] critical medium error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  247.870981][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  247.889100][    C1] critical medium error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  247.899289][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  248.625427][    C1] critical medium error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  248.636210][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  248.645474][ T9212]  loop6: unable to read partition table
[  248.859980][ T9221] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1491'.
[  248.894952][   T28] audit: type=1400 audit(565.014:1785): avc:  denied  { getopt } for  pid=9206 comm="syz.4.1489" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  248.895346][ T9212] loop_reread_partitions: partition scan of loop6 (ÄNùh*h‘…ÿìžÝ×pਸ਼ "ýo§æ?<í¯ÊºöÙXDˆÚ
bÔÌp0ìO{š¸›>.) failed (rc=-5)
[  249.015303][    C1] critical medium error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  249.026226][    C1] critical medium error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  249.036401][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  249.048461][    C1] critical medium error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  249.058684][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  249.068385][    C1] critical medium error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  249.078586][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  249.145083][ T8992] veth0_vlan: entered promiscuous mode
[  249.152879][ T8992] veth1_vlan: entered promiscuous mode
[  249.164671][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  249.173281][ T9207]  loop6: unable to read partition table
[  249.189379][ T9207] loop_reread_partitions: partition scan of loop6 (ÄNùh*h‘…ÿìžÝ×pਸ਼ "ýo§æ?<í¯ÊºöÙXDˆÚ
bÔÌp0ìO{š¸›>.) failed (rc=-5)
[  249.206614][ T9230] FAULT_INJECTION: forcing a failure.
[  249.206614][ T9230] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  249.219742][ T9230] CPU: 1 UID: 0 PID: 9230 Comm: syz.2.1493 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  249.219776][ T9230] Tainted: [W]=WARN
[  249.219783][ T9230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  249.219795][ T9230] Call Trace:
[  249.219863][ T9230]  <TASK>
[  249.219869][ T9230]  __dump_stack+0x1d/0x30
[  249.219891][ T9230]  dump_stack_lvl+0x95/0xd0
[  249.219914][ T9230]  dump_stack+0x15/0x1b
[  249.219935][ T9230]  should_fail_ex+0x263/0x280
[  249.219962][ T9230]  should_fail+0xb/0x20
[  249.220038][ T9230]  should_fail_usercopy+0x1a/0x20
[  249.220072][ T9230]  _copy_to_user+0x20/0xa0
[  249.220107][ T9230]  simple_read_from_buffer+0xb5/0x130
[  249.220249][ T9230]  proc_fail_nth_read+0x10e/0x150
[  249.220282][ T9230]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  249.220350][ T9230]  vfs_read+0x1ab/0x7f0
[  249.220437][ T9230]  ? __rcu_read_unlock+0x4e/0x70
[  249.220455][ T9230]  ? __fget_files+0x184/0x1c0
[  249.220472][ T9230]  ? mutex_lock+0x57/0x90
[  249.220511][ T9230]  ksys_read+0xdc/0x1a0
[  249.220612][ T9230]  __x64_sys_read+0x40/0x50
[  249.220636][ T9230]  x64_sys_call+0x2886/0x3020
[  249.220657][ T9230]  do_syscall_64+0x12c/0x3b0
[  249.220683][ T9230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.220737][ T9230] RIP: 0033:0x7f58f6cdd68e
[  249.220755][ T9230] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  249.220792][ T9230] RSP: 002b:00007f58f576efe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  249.220871][ T9230] RAX: ffffffffffffffda RBX: 00007f58f576f6c0 RCX: 00007f58f6cdd68e
[  249.220921][ T9230] RDX: 000000000000000f RSI: 00007f58f576f0a0 RDI: 0000000000000003
[  249.220931][ T9230] RBP: 00007f58f576f090 R08: 0000000000000000 R09: 0000000000000000
[  249.221020][ T9230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  249.221030][ T9230] R13: 00007f58f6f96038 R14: 00007f58f6f95fa0 R15: 00007fff1182f788
[  249.221066][ T9230]  </TASK>
[  249.477866][ T8992] veth0_macvtap: entered promiscuous mode
[  249.486738][ T8992] veth1_macvtap: entered promiscuous mode
[  249.503638][ T8992] batman_adv: batadv0: Interface activated: batadv_slave_0
[  249.514011][ T8992] batman_adv: batadv0: Interface activated: batadv_slave_1
[  249.586264][ T8992] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  249.603305][ T8992] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  249.653429][ T8992] wireguard: wg0: Could not create IPv4 socket
[  249.672890][ T8992] wireguard: wg1: Could not create IPv4 socket
[  249.720765][ T8992] wireguard: wg2: Could not create IPv4 socket
[  249.876562][ T9245] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1496'.
[  249.969378][ T9250] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1497'.
[  249.987690][   T28] audit: type=1400 audit(566.094:1786): avc:  denied  { append } for  pid=9249 comm="syz.2.1497" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  250.131103][ T9262] loop4: detected capacity change from 0 to 512
[  250.176836][ T9262] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  250.222942][   T28] audit: type=1400 audit(566.344:1787): avc:  denied  { accept } for  pid=9275 comm="syz.6.1502" path="socket:[22091]" dev="sockfs" ino=22091 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  250.260955][   T28] audit: type=1400 audit(566.384:1788): avc:  denied  { write } for  pid=9247 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  250.323996][   T28] audit: type=1326 audit(566.444:1789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9264 comm="syz.5.1500" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a7d8ce59 code=0x7ffc0000
[  250.385991][   T28] audit: type=1326 audit(566.444:1790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9264 comm="syz.5.1500" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a7d8ce59 code=0x7ffc0000
[  250.441694][   T28] audit: type=1326 audit(566.444:1791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9264 comm="syz.5.1500" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a7d8ce59 code=0x7ffc0000
[  250.496457][   T28] audit: type=1326 audit(566.444:1792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9264 comm="syz.5.1500" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f06a7d8ce59 code=0x7ffc0000
[  250.561674][   T28] audit: type=1326 audit(566.444:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9264 comm="syz.5.1500" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f06a7d8cbc2 code=0x7ffc0000
[  250.786214][ T9317] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9317 comm=syz.1.1511
[  250.857217][ T9302] netlink: 'syz.6.1507': attribute type 1 has an invalid length.
[  250.865102][ T9302] netlink: 'syz.6.1507': attribute type 2 has an invalid length.
[  250.965937][ T9336] loop2: detected capacity change from 0 to 2048
[  251.011994][ T9336] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  251.025903][ T9342] netlink: 'syz.1.1515': attribute type 1 has an invalid length.
[  251.097761][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.101088][ T9342] 8021q: adding VLAN 0 to HW filter on device bond2
[  251.114455][ T9342] bond1: (slave bond2): making interface the new active one
[  251.122185][ T9342] bond1: (slave bond2): Enslaving as an active interface with an up link
[  251.131030][ T9336] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #12: comm syz.2.1514: corrupted in-inode xattr: e_name out of bounds
[  251.155730][ T9355] openvswitch: netlink: Key 25 has unexpected len 4 expected 16
[  251.165994][ T9336] EXT4-fs (loop2): Remounting filesystem read-only
[  251.198321][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.281496][ T9374] loop2: detected capacity change from 0 to 512
[  251.355725][ T9374] EXT4-fs warning (device loop2): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  251.401393][ T9374] EXT4-fs (loop2): mount failed
[  251.451871][ T9395] Failed to initialize the IGMP autojoin socket (err -2)
[  251.514322][ T9407] dvmrp1: tun_chr_ioctl cmd 35111
[  251.612646][ T9418] __nla_validate_parse: 4 callbacks suppressed
[  251.612751][ T9418] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1532'.
[  251.676105][ T9418] ip6gre2: entered promiscuous mode
[  251.691258][ T9433] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1535'.
[  251.708841][ T9429] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1532'.
[  251.728408][ T9433] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1535'.
[  251.733042][ T9407] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1527'.
[  251.737395][ T9418] ip6gre2: entered allmulticast mode
[  251.999922][ T9463] netlink: 556 bytes leftover after parsing attributes in process `syz.1.1538'.
[  252.095094][ T9476] loop2: detected capacity change from 0 to 512
[  252.108253][ T9476] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  252.119816][ T9476] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  252.129938][ T9476] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.1537: Corrupt directory, running e2fsck is recommended
[  252.174211][ T9476] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  252.183238][ T9476] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #15: comm syz.2.1537: corrupted in-inode xattr: e_name out of bounds
[  252.197113][ T9476] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  252.198136][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  252.213711][    C0] EXT4-fs (loop2): initial error at time 568: ext4_iget_extra_inode:5128: inode 15
[  252.223033][    C0] EXT4-fs (loop2): last error at time 568: ext4_iget_extra_inode:5128: inode 15
[  252.237481][ T9476] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1537: couldn't read orphan inode 15 (err -117)
[  252.249391][ T9476] loop2: lost filesystem error report for type 5 error -117
[  252.257378][ T9476] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.283776][ T9476] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  252.295336][ T9476] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  252.305505][ T9476] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.1537: Corrupt directory, running e2fsck is recommended
[  252.803853][   T28] kauditd_printk_skb: 168 callbacks suppressed
[  252.803869][   T28] audit: type=1400 audit(568.924:1961): avc:  denied  { write } for  pid=9471 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  252.834395][ T9490] sg_write: data in/out 48/10 bytes for SCSI command 0x5d-- guessing data in;
[  252.834395][ T9490]    program syz.6.1543 not setting count and/or reply_len properly
[  252.918527][ T9272] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  252.935165][   T28] audit: type=1400 audit(568.964:1962): avc:  denied  { ioctl } for  pid=9489 comm="syz.6.1543" path="socket:[21394]" dev="sockfs" ino=21394 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  253.019476][ T9498] loop6: detected capacity change from 0 to 2048
[  253.041180][   T28] audit: type=1400 audit(569.024:1963): avc:  denied  { write } for  pid=9495 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  253.085183][ T9498] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.151938][ T9498] EXT4-fs error (device loop6): ext4_iget_extra_inode:5128: inode #12: comm syz.6.1544: corrupted in-inode xattr: e_name out of bounds
[  253.211081][ T9498] EXT4-fs (loop6): Remounting filesystem read-only
[  253.276064][ T9514] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1547'.
[  253.296522][ T8992] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.377298][   T28] audit: type=1400 audit(569.494:1964): avc:  denied  { write } for  pid=9504 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  253.473016][   T28] audit: type=1400 audit(569.594:1965): avc:  denied  { write } for  pid=9525 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  253.707855][ T9532] Failed to initialize the IGMP autojoin socket (err -2)
[  253.734575][ T9535] Failed to initialize the IGMP autojoin socket (err -2)
[  254.067796][ T9539] Failed to initialize the IGMP autojoin socket (err -2)
[  254.656271][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.971029][ T9556] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1555'.
[  255.009186][ T9543] 8021q: adding VLAN 0 to HW filter on device bond0
[  255.072205][ T9543] 8021q: adding VLAN 0 to HW filter on device bond1
[  255.131512][  T172] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  255.150497][   T28] audit: type=1400 audit(571.264:1966): avc:  denied  { write } for  pid=9537 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  255.244263][   T28] audit: type=1400 audit(571.314:1967): avc:  denied  { write } for  pid=9564 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  256.611753][ T9584] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1557'.
[  256.655674][   T28] audit: type=1400 audit(572.774:1968): avc:  denied  { write } for  pid=9567 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  256.689427][ T9584] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1557'.
[  256.703595][ T9587] loop4: detected capacity change from 0 to 2048
[  256.745710][ T9587] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.776835][   T28] audit: type=1400 audit(572.894:1969): avc:  denied  { write } for  pid=9592 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  256.814338][ T9587] EXT4-fs error (device loop4): ext4_iget_extra_inode:5128: inode #12: comm syz.4.1558: corrupted in-inode xattr: e_name out of bounds
[  256.863634][ T9587] EXT4-fs (loop4): Remounting filesystem read-only
[  256.920066][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.089627][   T28] audit: type=1400 audit(573.214:1970): avc:  denied  { write } for  pid=9597 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  257.125681][ T9577] loop6: detected capacity change from 0 to 1024
[  257.207951][ T9577] EXT4-fs: Ignoring removed bh option
[  257.436781][ T9630] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1561'.
[  257.611832][ T9577] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.636534][ T9633] FAULT_INJECTION: forcing a failure.
[  257.636534][ T9633] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  257.692630][ T9633] CPU: 0 UID: 0 PID: 9633 Comm: syz.4.1564 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  257.692680][ T9633] Tainted: [W]=WARN
[  257.692686][ T9633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  257.692697][ T9633] Call Trace:
[  257.692703][ T9633]  <TASK>
[  257.692712][ T9633]  __dump_stack+0x1d/0x30
[  257.692777][ T9633]  dump_stack_lvl+0x95/0xd0
[  257.692802][ T9633]  dump_stack+0x15/0x1b
[  257.692831][ T9633]  should_fail_ex+0x263/0x280
[  257.692864][ T9633]  should_fail+0xb/0x20
[  257.692887][ T9633]  should_fail_usercopy+0x1a/0x20
[  257.692914][ T9633]  _copy_from_user+0x1c/0xb0
[  257.692998][ T9633]  __sys_bpf+0x183/0x7e0
[  257.693031][ T9633]  __x64_sys_bpf+0x41/0x50
[  257.693052][ T9633]  x64_sys_call+0x10cb/0x3020
[  257.693079][ T9633]  do_syscall_64+0x12c/0x3b0
[  257.693170][ T9633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.693197][ T9633] RIP: 0033:0x7f7ba7e6ce59
[  257.693214][ T9633] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  257.693234][ T9633] RSP: 002b:00007f7ba68c7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  257.693319][ T9633] RAX: ffffffffffffffda RBX: 00007f7ba80e5fa0 RCX: 00007f7ba7e6ce59
[  257.693333][ T9633] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[  257.693346][ T9633] RBP: 00007f7ba68c7090 R08: 0000000000000000 R09: 0000000000000000
[  257.693357][ T9633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.693368][ T9633] R13: 00007f7ba80e6038 R14: 00007f7ba80e5fa0 R15: 00007ffe5072e6c8
[  257.693385][ T9633]  </TASK>
[  258.314016][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  258.314033][   T28] audit: type=1400 audit(574.434:1972): avc:  denied  { write } for  pid=9618 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  258.372943][ T9647] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1565'.
[  258.441048][   T28] audit: type=1400 audit(574.564:1973): avc:  denied  { write } for  pid=9650 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  258.757494][ T9665] loop4: detected capacity change from 0 to 512
[  258.784152][   T28] audit: type=1400 audit(574.894:1974): avc:  denied  { write } for  pid=9656 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  258.869085][   T28] audit: type=1400 audit(574.904:1975): avc:  denied  { write } for  pid=9668 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  258.966127][ T9665] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.051479][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.078184][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  259.134242][ T9683] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1568'.
[  259.143162][ T9683] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1568'.
[  259.168224][ T9679] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1567'.
[  259.208050][   T28] audit: type=1400 audit(575.324:1976): avc:  denied  { write } for  pid=9672 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  259.272995][ T9694] loop4: detected capacity change from 0 to 2048
[  259.295449][   T28] audit: type=1400 audit(575.414:1977): avc:  denied  { write } for  pid=9692 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  259.376109][ T9694] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.398371][ T9704] ipvlan2: entered promiscuous mode
[  259.421634][ T9704] bridge0: port 3(ipvlan2) entered blocking state
[  259.428573][ T9704] bridge0: port 3(ipvlan2) entered disabled state
[  259.435163][ T9704] ipvlan2: entered allmulticast mode
[  259.440518][ T9704] bridge0: entered allmulticast mode
[  259.446365][ T9704] ipvlan2: left allmulticast mode
[  259.469467][ T9704] bridge0: left allmulticast mode
[  259.489881][ T9708] EXT4-fs error (device loop4): ext4_iget_extra_inode:5128: inode #12: comm syz.4.1570: corrupted in-inode xattr: e_name out of bounds
[  259.552878][ T9708] EXT4-fs (loop4): Remounting filesystem read-only
[  259.589701][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.610425][   T28] audit: type=1400 audit(575.724:1978): avc:  denied  { write } for  pid=9702 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  259.652853][ T9718] loop4: detected capacity change from 0 to 1024
[  259.671539][   T28] audit: type=1400 audit(575.794:1979): avc:  denied  { write } for  pid=9719 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  259.703459][ T9718] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  259.747706][ T9718] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  259.788509][ T9718] EXT4-fs error (device loop4): ext4_get_journal_inode:5896: inode #32: comm syz.4.1573: iget: special inode unallocated
[  259.818131][ T9718] loop4: lost file I/O error report for ino 32 type 5 pos 0x0 len 0x0 error -117
[  259.818292][ T9718] EXT4-fs (loop4): Remounting filesystem read-only
[  259.834941][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  259.834964][    C1] EXT4-fs (loop4): initial error at time 575: ext4_get_journal_inode:5896: inode 32
[  259.835008][    C1] EXT4-fs (loop4): last error at time 575: ext4_get_journal_inode:5896: inode 32
[  259.868516][ T9718] EXT4-fs (loop4): no journal found
[  259.873863][ T9718] EXT4-fs (loop4): can't get journal size
[  259.887402][ T9718] EXT4-fs (loop4): filesystem is read-only
[  259.906618][ T9718] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  259.961211][   T28] audit: type=1326 audit(576.084:1980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9717 comm="syz.4.1573" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7ba7e6ce59 code=0x0
[  260.087228][ T9744] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1573'.
[  260.127976][ T9749] loop2: detected capacity change from 0 to 256
[  260.139121][   T28] audit: type=1400 audit(576.264:1981): avc:  denied  { write } for  pid=9724 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  260.147287][ T9749] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  260.419212][ T9761] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1580'.
[  260.622186][ T9778] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1582'.
[  261.227132][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.526074][ T9826] netlink: 'syz.2.1588': attribute type 9 has an invalid length.
[  263.323205][ T8992] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.866675][ T9859] loop6: detected capacity change from 0 to 2048
[  265.090574][ T9861] random: crng reseeded on system resumption
[  265.103512][ T9859] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.138800][ T9859] EXT4-fs error (device loop6): ext4_iget_extra_inode:5128: inode #12: comm syz.6.1595: corrupted in-inode xattr: e_name out of bounds
[  265.216055][ T9859] EXT4-fs (loop6): Remounting filesystem read-only
[  265.380627][   T28] kauditd_printk_skb: 8 callbacks suppressed
[  265.380700][   T28] audit: type=1400 audit(581.504:1990): avc:  denied  { unlink } for  pid=3304 comm="syz-executor" name="file0" dev="tmpfs" ino=1896 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  265.415635][ T8992] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.456499][ T9874] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1599'.
[  265.499997][   T28] audit: type=1400 audit(581.624:1991): avc:  denied  { write } for  pid=9841 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  265.533417][ T9881] netlink: 'syz.5.1596': attribute type 1 has an invalid length.
[  265.541167][ T9881] netlink: 'syz.5.1596': attribute type 2 has an invalid length.
[  265.600645][   T28] audit: type=1400 audit(581.724:1992): avc:  denied  { write } for  pid=9882 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  265.670252][ T9889] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  265.685436][ T9889] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  265.706638][ T9884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  265.718637][ T9884] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  265.741506][ T9884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  265.749951][ T9884] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  265.931676][   T28] audit: type=1400 audit(582.054:1993): avc:  denied  { write } for  pid=9893 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  266.002406][   T28] audit: type=1400 audit(582.124:1994): avc:  denied  { write } for  pid=9922 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  266.199510][   T28] audit: type=1400 audit(582.324:1995): avc:  denied  { create } for  pid=9938 comm="syz.5.1614" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  266.257584][   T28] audit: type=1400 audit(582.344:1996): avc:  denied  { write } for  pid=9938 comm="syz.5.1614" name="file0" dev="tmpfs" ino=1206 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  266.293711][   T28] audit: type=1400 audit(582.344:1997): avc:  denied  { open } for  pid=9938 comm="syz.5.1614" path="/224/file0" dev="tmpfs" ino=1206 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  266.315956][   T28] audit: type=1400 audit(582.364:1998): avc:  denied  { write } for  pid=9928 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  266.338314][   T28] audit: type=1400 audit(582.404:1999): avc:  denied  { write } for  pid=9945 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  266.495340][ T9961] netem: change failed
[  266.713530][ T9991] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1627'.
[  266.953994][T10023] vlan0: entered promiscuous mode
[  267.158194][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  267.404209][T10087] bond3: entered allmulticast mode
[  267.434128][T10087] macvlan2: entered promiscuous mode
[  267.453885][T10087] macvlan2: entered allmulticast mode
[  267.483065][T10087] bond3: (slave macvlan2): Opening slave failed
[  267.494245][T10105] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1658'.
[  267.911676][T10167] loop2: detected capacity change from 0 to 8192
[  267.927113][T10167] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  267.998814][T10167] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  268.015340][T10167] FAT-fs (loop2): Filesystem has been set read-only
[  268.030699][T10167] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  268.039544][T10167] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  268.138141][T10167] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  268.152870][T10167] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  268.161944][T10167] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  268.171145][T10167] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  268.180250][T10167] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  268.189367][T10167] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  268.198430][T10167] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  268.580131][T10247] loop4: detected capacity change from 0 to 128
[  268.604908][T10250] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.612745][T10250] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.635144][T10250] bridge0: entered allmulticast mode
[  268.686167][T10255] bio_check_eod: 40 callbacks suppressed
[  268.686180][T10255] syz.4.1697: attempt to access beyond end of device
[  268.686180][T10255] loop4: rw=2049, sector=145, nr_sectors = 616 limit=128
[  268.701203][T10258] loop2: detected capacity change from 0 to 128
[  268.727139][T10258] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1)
[  268.791021][T10268] 9p: Bad value for 'wfdno'
[  268.818083][ T5341] kworker/u8:9: attempt to access beyond end of device
[  268.818083][ T5341] loop4: rw=1, sector=761, nr_sectors = 280 limit=128
[  268.856078][   T30] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  268.891298][T10278] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1706'.
[  268.925080][T10283] loop4: detected capacity change from 0 to 128
[  268.939400][T10283] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  269.097131][T10301] netlink: 'syz.6.1714': attribute type 4 has an invalid length.
[  269.484539][T10333] netlink: 27 bytes leftover after parsing attributes in process `syz.6.1722'.
[  269.774203][T10369] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1731'.
[  269.990391][T10389] loop4: detected capacity change from 0 to 512
[  270.021862][T10389] EXT4-fs: Ignoring removed nobh option
[  270.048988][T10389] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  270.065552][T10393] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1735'.
[  270.093792][T10389] EXT4-fs (loop4): 1 truncate cleaned up
[  270.112668][T10389] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.153975][T10393] netlink: 'syz.6.1735': attribute type 15 has an invalid length.
[  270.189059][T10403] netlink: 200 bytes leftover after parsing attributes in process `syz.5.1739'.
[  270.312502][T10419] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1741'.
[  270.325824][T10404] ==================================================================
[  270.333934][T10404] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[  270.341074][T10404] 
[  270.343423][T10404] write to 0xffff8881081fd2d4 of 4 bytes by task 10389 on cpu 0:
[  270.351161][T10404]  xas_set_mark+0x12b/0x140
[  270.355698][T10404]  __folio_start_writeback+0x17b/0x370
[  270.361189][T10404]  ext4_bio_write_folio+0x5a6/0xa20
[  270.366426][T10404]  mpage_process_page_bufs+0x4a1/0x620
[  270.371914][T10404]  mpage_prepare_extent_to_map+0x7d4/0xc50
[  270.377734][T10404]  ext4_do_writepages+0x9f6/0x2770
[  270.382877][T10404]  ext4_writepages+0x18f/0x320
[  270.387657][T10404]  do_writepages+0x1c6/0x310
[  270.392271][T10404]  file_write_and_wait_range+0x178/0x2f0
[  270.397929][T10404]  mmb_fsync_noflush+0x48/0x140
[  270.402803][T10404]  ext4_sync_file+0x1f1/0x6b0
[  270.407503][T10404]  vfs_fsync_range+0xc5/0xe0
[  270.412151][T10404]  ext4_buffered_write_iter+0x447/0x4c0
[  270.417742][T10404]  ext4_file_write_iter+0x380/0xfa0
[  270.422981][T10404]  iter_file_splice_write+0x6c4/0xa80
[  270.428382][T10404]  direct_splice_actor+0x156/0x2a0
[  270.433526][T10404]  splice_direct_to_actor+0x311/0x670
[  270.438921][T10404]  do_splice_direct+0x119/0x1a0
[  270.443805][T10404]  do_sendfile+0x382/0x650
[  270.448239][T10404]  __x64_sys_sendfile64+0x105/0x150
[  270.453451][T10404]  x64_sys_call+0x2dc4/0x3020
[  270.458148][T10404]  do_syscall_64+0x12c/0x3b0
[  270.462761][T10404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.468664][T10404] 
[  270.471000][T10404] read to 0xffff8881081fd2d4 of 4 bytes by task 10404 on cpu 1:
[  270.478633][T10404]  xas_find_marked+0x5d7/0x620
[  270.483434][T10404]  filemap_get_folios_tag+0xfa/0x430
[  270.488751][T10404]  mpage_prepare_extent_to_map+0x328/0xc50
[  270.494590][T10404]  ext4_do_writepages+0x6fe/0x2770
[  270.499721][T10404]  ext4_writepages+0x18f/0x320
[  270.504497][T10404]  do_writepages+0x1c6/0x310
[  270.509102][T10404]  file_write_and_wait_range+0x178/0x2f0
[  270.514752][T10404]  mmb_fsync_noflush+0x48/0x140
[  270.519621][T10404]  ext4_sync_file+0x1f1/0x6b0
[  270.524312][T10404]  vfs_fsync_range+0xc5/0xe0
[  270.528917][T10404]  ext4_buffered_write_iter+0x447/0x4c0
[  270.534483][T10404]  ext4_file_write_iter+0x380/0xfa0
[  270.539706][T10404]  iter_file_splice_write+0x6c4/0xa80
[  270.545099][T10404]  direct_splice_actor+0x156/0x2a0
[  270.550237][T10404]  splice_direct_to_actor+0x311/0x670
[  270.555633][T10404]  do_splice_direct+0x119/0x1a0
[  270.560504][T10404]  do_sendfile+0x382/0x650
[  270.564931][T10404]  __x64_sys_sendfile64+0x105/0x150
[  270.570145][T10404]  x64_sys_call+0x2dc4/0x3020
[  270.574844][T10404]  do_syscall_64+0x12c/0x3b0
[  270.579453][T10404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.585366][T10404] 
[  270.587696][T10404] value changed: 0x0a000021 -> 0x04000021
[  270.593428][T10404] 
[  270.595752][T10404] Reported by Kernel Concurrency Sanitizer on:
[  270.601906][T10404] CPU: 1 UID: 0 PID: 10404 Comm: syz.4.1736 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  270.612851][T10404] Tainted: [W]=WARN
[  270.616655][T10404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  270.626718][T10404] ==================================================================
[  270.840906][   T28] kauditd_printk_skb: 84 callbacks suppressed
[  270.840921][   T28] audit: type=1400 audit(586.964:2084): avc:  denied  { write } for  pid=10421 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  270.897877][   T28] audit: type=1400 audit(587.014:2085): avc:  denied  { compute_member } for  pid=10416 comm="syz.6.1741" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  271.012870][T10404] syz.4.1736 (10404) used greatest stack depth: 8704 bytes left
[  271.027676][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.211022][   T28] audit: type=1400 audit(587.334:2086): avc:  denied  { write } for  pid=10425 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  271.259794][   T28] audit: type=1400 audit(587.384:2087): avc:  denied  { write } for  pid=10436 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  271.423325][   T28] audit: type=1400 audit(587.544:2088): avc:  denied  { write } for  pid=10439 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  271.478174][   T28] audit: type=1400 audit(587.594:2089): avc:  denied  { write } for  pid=10450 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  271.650477][   T28] audit: type=1400 audit(587.774:2090): avc:  denied  { write } for  pid=10453 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  271.691830][   T28] audit: type=1400 audit(587.814:2091): avc:  denied  { write } for  pid=10464 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  271.857198][   T28] audit: type=1400 audit(587.974:2092): avc:  denied  { write } for  pid=10467 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  271.892318][   T28] audit: type=1400 audit(588.014:2093): avc:  denied  { write } for  pid=10478 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  272.758187][    C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  275.929034][   T28] kauditd_printk_skb: 44 callbacks suppressed
[  275.929062][   T28] audit: type=1400 audit(592.054:2138): avc:  denied  { write } for  pid=10849 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  275.965505][   T28] audit: type=1400 audit(592.084:2139): avc:  denied  { write } for  pid=10860 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  276.054577][   T28] audit: type=1400 audit(592.174:2140): avc:  denied  { write } for  pid=10863 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  276.084034][   T28] audit: type=1400 audit(592.204:2141): avc:  denied  { write } for  pid=10874 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  276.182593][   T28] audit: type=1400 audit(592.304:2142): avc:  denied  { write } for  pid=10877 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  276.216879][   T28] audit: type=1400 audit(592.334:2143): avc:  denied  { write } for  pid=10888 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  276.342234][   T28] audit: type=1400 audit(592.464:2144): avc:  denied  { write } for  pid=10891 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  276.382984][   T28] audit: type=1400 audit(592.504:2145): avc:  denied  { write } for  pid=10902 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  276.482532][   T28] audit: type=1400 audit(592.604:2146): avc:  denied  { write } for  pid=10905 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  276.516920][   T28] audit: type=1400 audit(592.634:2147): avc:  denied  { write } for  pid=10916 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1