last executing test programs:

5.288180437s ago: executing program 3 (id=567):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
setitimer(0x2, 0x0, 0x0)

5.237326358s ago: executing program 3 (id=569):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
r1 = socket$netlink(0x10, 0x3, 0x0)
preadv(r0, &(0x7f0000000300)=[{&(0x7f0000000140)=""/4, 0x4}], 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)

4.912803324s ago: executing program 3 (id=578):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
write$cgroup_int(r1, &(0x7f0000000000)=0xfe8e, 0x12)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r3=>0xffffffffffffffff})
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000680)=ANY=[], 0xfdef)
unshare(0x2c020400)
getsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, 0xffffffffffffffff, &(0x7f0000000700)=0x12)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000340)=[@sack_perm, @window={0x3, 0x6, 0x9}, @window={0x3, 0x8, 0x6}, @window={0x3, 0x0, 0x4f}, @sack_perm], 0x5)
sendto$inet(r0, 0x0, 0x0, 0xe044, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000000380)='x', 0x1, 0x480c1, 0x0, 0x0)
r6 = socket$inet6(0x10, 0x2, 0x4)
sendto$inet6(r6, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
sendmsg$NL80211_CMD_GET_WIPHY(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[], 0x28}}, 0x8054)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001900)=ANY=[@ANYRESDEC=r8], 0x80}, 0x1, 0x0, 0x0, 0x4804}, 0x0)

4.005866952s ago: executing program 3 (id=591):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000022c0)={[{@errors_remount}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@block_validity}, {@dioread_lock}]}, 0x3, 0x439, &(0x7f0000002380)="$eJzs3MtvG0UYAPBv105LXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQKgcUSXuiCMSfwEnuCDghMQV7qhShXJp4WS09m5iO3aauE5c8O8nrTuzO9bM592xZ3a6CWBgjWYvScTuiPg9Iobr2eYCo/V/bi1dmf576cp0EtXqW38ltXI3l65MF0WL9+0qMuWI9LMkDrapd/7S5XNTlcrsxTw/vnD+/fH5S5efO3t+6szsmdkLkydPHj828cKJyed7EmcW180DH80d2v/aO9femD517d2fv02K+Fvi6JHRtQ4+Wa32uLr+2tOQTsp9bAgbUqp30xiq9f/hKMXKyRuOVz/ta+OATVWtVqsPdD68WAX+x5LodwuA/ih+6LP5b7Ft0dDjrnDjpfoEKIv7Vr7Vj5QjzcsMtcxve2k0Ik4t/vNVtsXm3IcAAGjyfTb+ebbd+C+NxvtC9+ZrKCMRcV9E7I2IExGxLyLuj6iVfTAiHtpg/a2LJKvHP+n1rgJbp2z892K+ttU8/itGfzFSynN7avEPJafPVmaP5p/JkRjanuUn1qjjh1d++6LTscbxX7Zl9Rdjwbwd18vbm98zM7UwdScxN7rxScSBcrv4k+WVgCQi9kfEgS7rOPv0N4c6Hbt9/GvowTpT9euIp+rnfzFa4i8ka69Pjt8Tldmj48VVsdovv159s1P9dxR/D2Tnf2fb6385/pGkcb12fuN1XP3j845zmm6v/23J2037PpxaWLg4EbEteb3e6JX9pYuTLeUmV8pn8R853L7/742VT+JgRGQX8cMR8UhEPJq3/bGIeDwiDq8R/08vP/Fe9/Fvriz+mQ2d/5XEtmjd0z5ROvfjd02Vjmwk/uz8H6+ljuR71vP9t552dXc1AwAAwH9PGhG7I0nHltNpOjZW/z/8+2JnWpmbX3jm9NwHF2bqzwiMxFBa3OkabrgfOpFP64v8ZEv+WH7f+MvSjlp+bHquMtPv4GHA7erQ/zN/lvrdOmDTdbeOlva8HcDW87wmDC79HwaX/g+Dq03/39GPdgBbr93v/8d9aAew9coNr/nfBAMGhPk/DC79HwaX/g8DaX5H3P4heQmJVYlI74pmSGxSot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//1Xjmag==")
get_mempolicy(&(0x7f0000000040), &(0x7f0000000100), 0x400, &(0x7f00000ce000/0x1000)=nil, 0x3)
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x20000, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r4}, 0x18)
r5 = epoll_create1(0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
shutdown(r6, 0x1)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r6, &(0x7f00000006c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000140)=0x1, 0x4)
sendmmsg$inet(r6, &(0x7f0000002780)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000740)="b3", 0x1}], 0x1, &(0x7f0000000ec0)=ANY=[], 0xf0}}], 0x1, 0x24004c41)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000040)={0x20000000})
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000940)=0x28, 0x4)
sendmmsg$inet6(r3, &(0x7f0000006780)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="b3ab706204ee39c9dae21a1718ee351ebc92d2f0d482a863ae5c0b4d768ffe745af2c53a083d9b761b", 0xfff7}], 0x1}, 0xb00}], 0x1, 0x0)

3.286905226s ago: executing program 3 (id=601):
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_procfs(0x0, &(0x7f00000004c0)='net/rt_acct\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
r1 = socket$inet6(0xa, 0x3, 0x5)
sendmmsg(r1, &(0x7f0000001500)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0x0, 0x3}, 0x80, 0x0}, 0x5b4}, {{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="080100000000000029000000", @ANYRES64=r1], 0x108}}], 0x2, 0xc040)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0xe, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002200000000000000000010000007f000000ffff0600000003000000"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000400000/0x3000)=nil, 0x3000, 0x2000009, 0x4d032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000040)=0x14)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

3.183761088s ago: executing program 4 (id=603):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
arch_prctl$ARCH_GET_CPUID(0x1011)

2.944674692s ago: executing program 4 (id=607):
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f00000002c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x4, &(0x7f00000002c0), 0x6, 0x5fd, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvzCYxaaNpRcQWxYCHFqRpUotVL7b1YA8FC/Yg4qGhSWro9gdNCrYWTMGDgoKIV5Fe/Ae8S+/eRFBvnoUqUlFQ6crszrabZDfdttmdNPP5wGTnvZnd9747eZn3dvJ2Aiit8exHGrEj4taJJGKsZdtoNDaO5/vd/OPKyWxJolZ78/ckkjyvuX+SP27NE8MR8f3hiMcrq8tduHT59HS11vBBxN7FM+f3Lly6vGf+zPSp2VOzZ6f2vbT/wOTLU/un1iXOrfnjkaNvPP3ph+++OPdDdU8SB+P44PszsSKO9TIe43ErD7E1fyAiDmQrbd6Xh80mCKHUKvnv42BEPBljUamnGsZi/pNCKwf0VK0SUQNKKtH+oaSa/YDm2L67cfDxHvdK+ufGocYAaHX8A43PRmK4PjbacjNpGRk1PtvYtg7lZ2X8d2Xnl9kSyz6H+Pv20RlYh3I6WboaEU+1iz+p121bPdIs/nTZWD+JiMmIGMrr99oD1CFpWe/F5zBruZf4W49DGhEH88cs//B9lj++It3v+AEop+uH8hP5Upa6c/7L+h7N/k+06f+Mtjl33Y+iz3+d+3/N8/1wvd+TruiHZX2WY+1fcnBlxi8fH/m8U/mt/b9sycpv9gX74cbViJ0r4v8oCzbv/2TxJ22Of7bLiYPdlfH6j78d6bSt6Phr1yJ2tR3/3OmVZmtrXJ/cOzdfnZ1s/GxbxrffvfN1p/KLjj87/ls6xN9y/NOVz8vek/NdlvHNsWtnOm0bvWv86a9DSWO8OZTnvDe9uHhhKmIoOZrv0pK/b+26NPdpvkYW/+7n2rf/Zb//V5e/zkjzT2YXzr91+manbfdz/FsuJt+qdVmHTrL4Z+5+/Fe1/yzvsy7L+Ovti8902rZW/CMPEhgAAAAAAACUUFq/BpukE7fX03RiojFf9onYklbPLSw+P3fu4tmZiN31/4ccTJtXusca6SRLT+X/D9tM71uRfiEitkfEF5WRenri5LnqTNHBAwAAAAAAAAAAAAAAAAAAwAaxNZ//37xP9Z+Vxvx/oCR6eYM5YGPT/qG86u1/1S2egDJw/ofy0v6hvLR/KC/tH8pL+4fy0v6hvLR/KC/tHwAAAAA2pe3PXv85iYilV0bqS2Yo32ZGEGxug0VXAChMpegKAIW5felfZx9Kp6v+/z/5lwP2vjpAAZJ2mfXOQW3txn+97TMBAAAAAAAAAAAAgB7YtaPz/H9zg2FzM+0PyusB5v/76gB4yPnqfygvY3zgbrP4hzttMP8fAAAAAAAAAAAAAPpmtL4k6UQ+F3g00nRiIuLRiNgWg8ncfHV2MiIei4ifKoOPZOmpoisNAAAAAAAAAAAAAAAAAAAAm8zCpcunp6vV2QutK/+uytncK827oPahrFfjHp8VSf/flpGIKPyg9GxloCUniVjKjvyGqNiFhdgY1aivFPyHCQAAAAAAAAAAAAAAAAAASqhl7nF7O7/qc40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP/u3P+/dytFxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJz+DwAA///LLUAr")
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b5181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f0000000040)=<r5=>0x0)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r5], 0x1c}}, 0x0)

2.5521602s ago: executing program 3 (id=612):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000080000000000000003000000180600000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
r1 = socket(0x10, 0x3, 0x0)
write(r1, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)
recvmmsg(r1, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x261e]}}], 0xffc8)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

2.445620062s ago: executing program 2 (id=614):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x110e22fff6)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0x4004743d, 0x110e22fff6)
close(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000200)=ANY=[], 0x0, 0x100, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r2}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000340)=[@sack_perm, @window={0x3, 0x6, 0x7}, @window={0x3, 0x0, 0x4}, @sack_perm], 0x4)
ioctl$SIOCSIFHWADDR(r0, 0x8923, &(0x7f0000000000)={'vlan1\x00', @broadcast})

2.393907813s ago: executing program 2 (id=615):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYRES64=<r1=>0xffffffffffffffff], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010600f8fffff7bfa400000000000007040000f04ebc46cb1e261f0000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70400000800000085000000950000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x11, 0x10, &(0x7f0000000200)=ANY=[@ANYRESDEC=0x0, @ANYRES16=r1, @ANYRESOCT=r1, @ANYRESHEX=r0], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x13, &(0x7f0000000080)=0x8000, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1d, 0xc, &(0x7f00000050c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181100002eb01fdc074bbdae06c373cafc92f83786443d8425f09b33305f4744e82c471376a3c79a14c90ed321c083c2ef2426f405ee6080c1a22e08", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200004000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1000002, 0x42031, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000140000000000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000280)='ext4_fc_track_range\x00', r5}, 0x18)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x4, 0x0)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000040)='./file7/file0\x00', 0x0, 0x0, 0x1200)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000005180)=""/4097, 0x1001}], 0x1}}, {{&(0x7f0000001280)=@generic, 0x80, &(0x7f0000001540)=[{&(0x7f0000001300)=""/83, 0x53}, {&(0x7f00000017c0)=""/4096, 0x1000}, {&(0x7f0000001440)=""/225, 0xe1}], 0x3, &(0x7f0000001580)=""/114, 0x72}, 0x1}, {{&(0x7f0000001600)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000002900)=[{&(0x7f0000001680)=""/17, 0x11}, {&(0x7f00000016c0)=""/142, 0x8e}, {&(0x7f00000027c0)=""/81, 0x51}, {&(0x7f0000002840)=""/152, 0x98}], 0x4, &(0x7f0000002940)=""/251, 0xfb}, 0x7d4}, {{&(0x7f0000002a40)=@in, 0x80, &(0x7f0000004f00)=[{&(0x7f0000002ac0)=""/4096, 0x1000}, {&(0x7f0000003ac0)=""/37, 0x25}, {&(0x7f0000003b00)=""/162, 0xa2}, {&(0x7f0000003bc0)=""/221, 0xdd}, {&(0x7f0000003d00)=""/192, 0xc0}, {&(0x7f0000003dc0)=""/60, 0x3c}, {&(0x7f0000003e40)=""/4096, 0x1000}, {&(0x7f0000004e40)=""/186, 0xba}], 0x8, &(0x7f0000004f80)}, 0x8000}], 0x4, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r6, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)

2.345948154s ago: executing program 0 (id=616):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r2, 0x0, &(0x7f0000001700)=""/53}, 0x20) (async)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) (async)
r5 = syz_io_uring_setup(0x496, &(0x7f0000000300)={0x0, 0x4461, 0x400, 0x4, 0x1db, 0x0, r3}, &(0x7f0000000580)=<r6=>0x0, &(0x7f0000000680)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x400, 0x1}) (async)
io_uring_enter(r5, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) (async)
r8 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', 0xa00, 0x1c2) (async)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000000)={'\x00', 0x202}) (async)
ioctl$TUNSETPERSIST(r9, 0x400454c9, 0x1) (async)
ioctl$TUNSETPERSIST(r9, 0x400454cb, 0x0) (async)
write$cgroup_int(r8, &(0x7f00000000c0)=0x4, 0x12) (async)
r10 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r10, r8, 0x0, 0x3a)

2.321855634s ago: executing program 2 (id=617):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$unix(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000640)='Q', 0x1}], 0x1, &(0x7f0000001180)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r2, @ANYRES32=r3, @ANYRESOCT, @ANYRES32=r3, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r2, @ANYBLOB="0000000018"], 0xa0}, 0x4004881)

2.297170335s ago: executing program 2 (id=618):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_wakeup_irq', 0x0, 0xb)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000a00)=ANY=[@ANYBLOB="0a000000c0000000b30000007f"], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000a10000000000000000000010851000000600000018180000", @ANYRES32=r3, @ANYBLOB="0000000000000000660000007fffffff18000000f8ffffff00000000100002019500000000000000360a00000000001018010000202078250000000000202020db1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa}, 0x94)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0185879, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680))
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xa1c014, &(0x7f0000000240)={[{@minixdf}, {@acl}], [{@flag='posixacl'}, {@obj_role}]}, 0x1, 0x72d, &(0x7f00000014c0)="$eJzs3U1rXNUbAPDn3mb+k38bTQQVX0AqihVLJ01sKV1ZF6KbYqDgNg3JJMRMemNmpjahi3TlVkRRcKPfwY0rxbUfwK+gIFrioq5G7rykbTrTjnWSgczvB3fmOffe4TlnJpwHcoY5AYysk/lDGvF8RMwlEZPt80lEFJrRWMSl1n27t28u5kcSjcaVP5LmPXk77nlN7kRE7ETEcxHxUyHidPpg3urW9tpCpVLebLena+sb09Wt7TOr6wsr5ZXytYvnzs2eu3D+4sXBjfWN9z94tnT+nYnv55bnT838+l0Sl2Kife3ecQxS6z0p5G/hfd49iGRDlAy7AzyWsYg41n5+JibjWDMCAI6yRjGiAQCMmET9B4AR0/k/QGdt76DWwXr5/e2IGO+Wf6y9ZjbeXIc8vpvctzKRRMTUYXaUI2nnVkRcnTr54N9f8sCa7b91dhAd5ED9mM8/l7rNP+ne/BNd5p/xzncn/qPe89/d/Md6zH9zfeZ478V61jP/rYgXxrrlT/byJz3yX+0z/w93lv7uda3xbcRrXetPcl+u3t8PmV5erZTPth675zhZv/nhw8Z/vEf+nUeMf6PP8U989vLPOw/J//orD//8u+XPa+Knfeb/pPDWF72u5fmXeoz/UZ//N33mv/DSR9t93goAAAAAAAAAAAAAAAAAAAAAAAAAAABHQhoRE5Gkpb04TUul1h7eT8fxtJJVa6eXs/q1pWjulT0VhbTzU8uTrXaSt2fav8ffac8249299psR8VREfF78f7NdWswqS8MePAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0ndi3//9fxdb+/wDAETc+7A4AAIdO/QeA0aP+A8DoUf8BYPSo/wAwetR/ABg9j1H/iwfRDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGxtzly/nR2L19czFvL13fqq9l188slatrpfX6Ymkx29worWTZSqVcWszW978+2deuZNnG7GzUb0zXytXadHVre349q1+rza+uL6yU58uFQxsZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRvonkkaSki0macpqVSxBMRMRWFZHm1Uj4bEU9GxC/FQjFvzwy70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwYNWt7bWFSqW8KRAIBHvBsGcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOHx3N/0edk8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJjS35KIyI9Tk69O7L/6v+ROsfkcER9/feXLGwu12uZMfv7PvfO1r9rnZ4fRfwDgUTp1ulPHAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCb6tb22kKlUt5sBXcaLXfPDCAY9hgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABicfwIAAP//wLPUPg==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000000)='kmem_cache_free\x00', r1, 0x0, 0xd4}, 0x18)
r6 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x0)
r7 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000b, 0x12, r7, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r0, r7, 0x16, 0x0, @val=@perf_event={0x10}}, 0x18)
r8 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r8, 0x29, 0xb, &(0x7f0000000100)=0xba1, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f0000001600)={r0, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

2.211039227s ago: executing program 0 (id=619):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe88}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000400000000000000000318110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.210344537s ago: executing program 0 (id=620):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r2, &(0x7f0000000880)=[{&(0x7f0000000440)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x30}], 0x1, 0x0)

2.116902808s ago: executing program 0 (id=621):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_wakeup_irq', 0x0, 0xb)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000a00)=ANY=[@ANYBLOB="0a000000c0000000b30000007f"], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000a10000000000000000000010851000000600000018180000", @ANYRES32=r3, @ANYBLOB="0000000000000000660000007fffffff18000000f8ffffff00000000100002019500000000000000360a00000000001018010000202078250000000000202020db1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa}, 0x94)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0185879, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680))
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0xa1c014, &(0x7f0000000240)={[{@minixdf}, {@acl}], [{@flag='posixacl'}, {@obj_role}]}, 0x1, 0x72d, &(0x7f00000014c0)="$eJzs3U1rXNUbAPDn3mb+k38bTQQVX0AqihVLJ01sKV1ZF6KbYqDgNg3JJMRMemNmpjahi3TlVkRRcKPfwY0rxbUfwK+gIFrioq5G7rykbTrTjnWSgczvB3fmOffe4TlnJpwHcoY5AYysk/lDGvF8RMwlEZPt80lEFJrRWMSl1n27t28u5kcSjcaVP5LmPXk77nlN7kRE7ETEcxHxUyHidPpg3urW9tpCpVLebLena+sb09Wt7TOr6wsr5ZXytYvnzs2eu3D+4sXBjfWN9z94tnT+nYnv55bnT838+l0Sl2Kife3ecQxS6z0p5G/hfd49iGRDlAy7AzyWsYg41n5+JibjWDMCAI6yRjGiAQCMmET9B4AR0/k/QGdt76DWwXr5/e2IGO+Wf6y9ZjbeXIc8vpvctzKRRMTUYXaUI2nnVkRcnTr54N9f8sCa7b91dhAd5ED9mM8/l7rNP+ne/BNd5p/xzncn/qPe89/d/Md6zH9zfeZ478V61jP/rYgXxrrlT/byJz3yX+0z/w93lv7uda3xbcRrXetPcl+u3t8PmV5erZTPth675zhZv/nhw8Z/vEf+nUeMf6PP8U989vLPOw/J//orD//8u+XPa+Knfeb/pPDWF72u5fmXeoz/UZ//N33mv/DSR9t93goAAAAAAAAAAAAAAAAAAAAAAAAAAABHQhoRE5Gkpb04TUul1h7eT8fxtJJVa6eXs/q1pWjulT0VhbTzU8uTrXaSt2fav8ffac8249299psR8VREfF78f7NdWswqS8MePAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0ndi3//9fxdb+/wDAETc+7A4AAIdO/QeA0aP+A8DoUf8BYPSo/wAwetR/ABg9j1H/iwfRDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGxtzly/nR2L19czFvL13fqq9l188slatrpfX6Ymkx29worWTZSqVcWszW978+2deuZNnG7GzUb0zXytXadHVre349q1+rza+uL6yU58uFQxsZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRvonkkaSki0macpqVSxBMRMRWFZHm1Uj4bEU9GxC/FQjFvzwy70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwYNWt7bWFSqW8KRAIBHvBsGcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOHx3N/0edk8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJjS35KIyI9Tk69O7L/6v+ROsfkcER9/feXLGwu12uZMfv7PvfO1r9rnZ4fRfwDgUTp1ulPHAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCb6tb22kKlUt5sBXcaLXfPDCAY9hgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABicfwIAAP//wLPUPg==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000000)='kmem_cache_free\x00', r1, 0x0, 0xd4}, 0x18)
r6 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x0)
r7 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000b, 0x12, r7, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r0, r7, 0x16, 0x0, @val=@perf_event={0x10}}, 0x18)
r8 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r8, 0x29, 0xb, &(0x7f0000000100)=0xba1, 0x4)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f0000001600)={r0, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

2.115967038s ago: executing program 4 (id=622):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
fsetxattr$security_selinux(r2, &(0x7f0000000040), &(0x7f0000000080)='system_u:object_r:ld_so_t:s0\x00', 0x1d, 0x3)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)=ANY=[], 0x2dc}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000700)={{{@in6=@private2, @in=@remote}}, {{@in=@dev}}}, &(0x7f00000000c0)=0xe8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = creat(0x0, 0x9c)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000100)={0xa, 0x4e22, 0x8}, 0x1c)
listen(r5, 0x3)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000100)={0x1, &(0x7f00000001c0)=[{0x6, 0x4, 0x5, 0x6}]}, 0x10)
syz_emit_ethernet(0x96, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3086dd6000002000600600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="80"], 0x0)
stat(&(0x7f0000000cc0)='./file0\x00', 0x0)
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r4, 0x40089413, 0x0)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000001540)=ANY=[], 0x94, 0x1)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000500), 0x800)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002600010004001000f8dbdf250401f2800c0018fa07ac0f00000000001400010000000000000000000000ffffac14142d50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be820400e900"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r8=>0x0, <r9=>0x0}, 0x3800)
chown(&(0x7f0000000040)='./file1\x00', r8, r9)
r10 = getuid()
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000400), &(0x7f0000000540)=@v3={0x3000000, [{0x9, 0x8f2e}, {0x1, 0x4}], r10}, 0x18, 0x0)

1.954282302s ago: executing program 4 (id=624):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x40000010})
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000580)={0xa, 0x1, {0xbb25, @usage=0x1, 0x0, 0x8, 0x3, 0x1, 0x2, 0x1000, 0x1, @usage=0x9, 0xffff7fff, 0x7, [0x7, 0x1, 0xa, 0xa, 0xd, 0xf]}, {0x8, @struct={0x7, 0x3a5f0831}, 0x0, 0x2, 0x3, 0x3, 0x5, 0x26, 0x40, @usage=0xc75, 0x8, 0xffff8001, [0x5, 0x9, 0x3, 0xd386, 0x3, 0x4]}, {0x5, @usage=0xb792, 0x0, 0x90, 0x6, 0x3, 0x3, 0x6, 0x0, @usage=0x552, 0x8, 0x0, [0xfffffffffffffffc, 0x3, 0x8, 0x8, 0x9, 0xffffffffffffff4f]}, {0xfffffffffffff001, 0x400, 0xe5}})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000080)={[{@noload}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@nodioread_nolock}, {@quota}, {@quota}]}, 0x3, 0x443, &(0x7f0000000dc0)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
syz_clone(0x40b04000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000fdffffff18110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0xff, 0x7ffc1ffd}]})
acct(0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x89901)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
write$binfmt_misc(r4, &(0x7f0000000240), 0xfffffecc)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='xen_mmu_alloc_ptpage\x00', r3}, 0x18)

1.324668394s ago: executing program 1 (id=628):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYRES64=<r1=>0xffffffffffffffff], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010600f8fffff7bfa400000000000007040000f04ebc46cb1e261f0000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70400000800000085000000950000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x11, 0x10, &(0x7f0000000200)=ANY=[@ANYRESDEC=0x0, @ANYRES16=r1, @ANYRESOCT=r1, @ANYRESHEX=r0], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x13, &(0x7f0000000080)=0x8000, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1d, 0xc, &(0x7f00000050c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181100002eb01fdc074bbdae06c373cafc92f83786443d8425f09b33305f4744e82c471376a3c79a14c90ed321c083c2ef2426f405ee6080c1a22e08", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200004000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1000002, 0x42031, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000140000000000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000280)='ext4_fc_track_range\x00', r5}, 0x18)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x4, 0x0)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000040)='./file7/file0\x00', 0x0, 0x0, 0x1200)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000005180)=""/4097, 0x1001}], 0x1}}, {{&(0x7f0000001280)=@generic, 0x80, &(0x7f0000001540)=[{&(0x7f0000001300)=""/83, 0x53}, {&(0x7f00000017c0)=""/4096, 0x1000}, {&(0x7f0000001440)=""/225, 0xe1}], 0x3, &(0x7f0000001580)=""/114, 0x72}, 0x1}, {{&(0x7f0000001600)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000002900)=[{&(0x7f0000001680)=""/17, 0x11}, {&(0x7f00000016c0)=""/142, 0x8e}, {&(0x7f00000027c0)=""/81, 0x51}, {&(0x7f0000002840)=""/152, 0x98}], 0x4, &(0x7f0000002940)=""/251, 0xfb}, 0x7d4}, {{&(0x7f0000002a40)=@in, 0x80, &(0x7f0000004f00)=[{&(0x7f0000002ac0)=""/4096, 0x1000}, {&(0x7f0000003ac0)=""/37, 0x25}, {&(0x7f0000003b00)=""/162, 0xa2}, {&(0x7f0000003bc0)=""/221, 0xdd}, {&(0x7f0000003d00)=""/192, 0xc0}, {&(0x7f0000003dc0)=""/60, 0x3c}, {&(0x7f0000003e40)=""/4096, 0x1000}, {&(0x7f0000004e40)=""/186, 0xba}], 0x8, &(0x7f0000004f80)}, 0x8000}], 0x4, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r6, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)

1.271235735s ago: executing program 1 (id=629):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYRES64=<r1=>0xffffffffffffffff], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010600f8fffff7bfa400000000000007040000f04ebc46cb1e261f0000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70400000800000085000000950000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x11, 0x10, &(0x7f0000000200)=ANY=[@ANYRESDEC=0x0, @ANYRES16=r1, @ANYRESOCT=r1, @ANYRESHEX=r0], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x13, &(0x7f0000000080)=0x8000, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1000002, 0x42031, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000140000000000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000280)='ext4_fc_track_range\x00', r5}, 0x18)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x4, 0x0)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000040)='./file7/file0\x00', 0x0, 0x0, 0x1200)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000005180)=""/4097, 0x1001}], 0x1}}, {{&(0x7f0000001280)=@generic, 0x80, &(0x7f0000001540)=[{&(0x7f0000001300)=""/83, 0x53}, {&(0x7f00000017c0)=""/4096, 0x1000}, {&(0x7f0000001440)=""/225, 0xe1}], 0x3, &(0x7f0000001580)=""/114, 0x72}, 0x1}, {{&(0x7f0000001600)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000002900)=[{&(0x7f0000001680)=""/17, 0x11}, {&(0x7f00000016c0)=""/142, 0x8e}, {&(0x7f00000027c0)=""/81, 0x51}, {&(0x7f0000002840)=""/152, 0x98}], 0x4, &(0x7f0000002940)=""/251, 0xfb}, 0x7d4}, {{&(0x7f0000002a40)=@in, 0x80, &(0x7f0000004f00)=[{&(0x7f0000002ac0)=""/4096, 0x1000}, {&(0x7f0000003ac0)=""/37, 0x25}, {&(0x7f0000003b00)=""/162, 0xa2}, {&(0x7f0000003bc0)=""/221, 0xdd}, {&(0x7f0000003d00)=""/192, 0xc0}, {&(0x7f0000003dc0)=""/60, 0x3c}, {&(0x7f0000003e40)=""/4096, 0x1000}, {&(0x7f0000004e40)=""/186, 0xba}], 0x8, &(0x7f0000004f80)}, 0x8000}], 0x4, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r6, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)

1.152407167s ago: executing program 1 (id=630):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r0, 0x0, 0x4}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000980))
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000002080)={'tunl0\x00', &(0x7f0000002000)={'gre0\x00', 0x0, 0x40, 0x700, 0x865, 0x96, {{0xb, 0x4, 0x0, 0x3e, 0x2c, 0x67, 0x0, 0x0, 0x2f, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x25}, {[@lsrr={0x83, 0x3, 0xd3}, @ssrr={0x89, 0x7, 0x1b, [@rand_addr=0x64010102]}, @noop, @timestamp_prespec={0x44, 0xc, 0x7a, 0x3, 0x5, [{@rand_addr=0x64010100}]}]}}}}})
syz_emit_ethernet(0xda, &(0x7f0000000880)={@local, @random="a22ccb570461", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @remote}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x2c, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @private=0x1, @local, {[@cipso={0x86, 0x2b, 0x0, [{0x2, 0xe, "b1057df37f610d5e00000000"}, {0x5, 0x5, "4eb8a6"}, {0x0, 0x12, "9606053d0006ff00800000b61af93a93"}]}, @lsrr={0x83, 0x13, 0x0, [@dev, @loopback, @loopback, @multicast2]}, @cipso={0x86, 0x4f, 0x0, [{0x0, 0x7, "4b6cefc500"}, {0x0, 0xc, "df61168c24ac88ad078c"}, {0x0, 0xa, "2189ea43a2149b84"}, {0x0, 0xa, "0ed21667ef6b75af"}, {0x0, 0x6, "589143a1"}, {0x5, 0x12, "118c5572ec3ca14c0ee79ac3de861f9b"}, {0x0, 0xa, "ab87709c27e85763"}]}, @timestamp_prespec={0x44, 0xc, 0x86, 0x3, 0x4, [{@loopback, 0x3}]}]}}}}}}}, 0x0)

1.092036628s ago: executing program 1 (id=631):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="480000001e000100fdffffff0000000007000000000000000000000008000100e000000108000b00008000000800010000000000140011"], 0x48}, 0x1, 0x0, 0x0, 0x42812}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=<r4=>r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000f40)=ANY=[@ANYRES16=r0, @ANYRES32, @ANYRES8=0x0, @ANYRES8=r5, @ANYRES32, @ANYRESOCT=r5, @ANYRES16=r1, @ANYRES16=r5, @ANYRESHEX=r4, @ANYBLOB="f0f0e55ac76c025a2f1222e4bc7068cf2a248ae51b6362bd8084cc78ee74ce7310c05f976cfd766bfe9e46b5ee86fd51ac7ab0e77e90b801784c929422cf3ca8fadc759bb12c4a0622e5a00fc935a68bedbd215e542d1484255fe10ec3b68d438a65234dae61046640789648575ded2d27c351e557e5c99952df42c0c35437ce420c4654a77b5acf7e2a72696dc27f3b52d8f94c4aa272f8d559710395e4b3a41709c603848405fb91ed4734e82504e771b7b8ce61b03efde22f9f5ad860484ab60ea1d8b67f98e23a212cc22afc6579f88924fa37a14989d25bb053a5cc99759c39ad3532aa238080b0b8ce3da932d4ca647c51a7da2fe3766913b83c40dadcb18e2f9288fb2f7f81129a59191791d712a42e3983a966098efa7a465174d939cab6bdad4b5a554f8f08052cb5cc185e1c0246400f4e5e94d05f413479c6dc53ba18bdde2546f9e742f9335258a68d5b7e43cfcfec20abb0ba957186d22c97cb0d34bca2fdbb7e4369fbe761f0737372c479263b085681884d4e3ae85287d2a73066623eab2e2d7f4a2f0766419226e48e47f32cad321318a90a71b9260f79b7eb6131f9f40b62ccd3e5735c1f2a6225f77aadec6665bf9140ea10a456b9ef828c623c448bf0665cd31e718a83f4bd34f8df84b47785c8f6706c5b556e25b62804a37ffb44601cccfe6366acb3c00a3af573ef4c7ff423c2f99c8da7fd1af92ac3dc5a87fc1f28b1d76ff6b961373b57cae92451441304b2ebd88511fe6cfc9a1536d03aa9b43ba3525e94ddb93117b32769a120578e1678d9957f2e31c76be9fecce47fbff125eaace2da5f0c91cd2666701d386b8e9496356adf4ac31f2c7d4b639e963bee7bdac2dd792ef73bfbc2ef9819d8056078ffc83573d6d6bfe78433241192397fc27f279404286f4fd87f22e14ee1cf642fa6ccddc329357e3a21c103e2a559f73835fd49193aeecc9b67750dbf86270990882cb5f33613ad6dec8b1bc85b4e6acc000ad632680244e61646dd4893295489b93c15de35debac3ff413f332b2fd1554721e2d6c917ed600900feefca9eb658f2267066fc9066642144bc7673d185f0b5b041d075cd02026ae17baabb383a1c0ae076cacf19aa82f1656cc2dad1ddf53ed4179baf0d64e6f424393007dbf33d0efe03b23aaa53a7b3ecd59fd4ca7b0f97289164bcd7639c354d7a1d8b5aeed59c54bf9b179fe76e7fb59503a6339b0e16a8d0c4f86255f73e22799c2240a1f809d53d23caa3d074c678ad4565325bb00807cd6129a3ef1e0386796420e0981393df68c87def4ca39398dfbf7327c84b719fff2f1ccfc2d9b96490d2cfc604a7f3cb6fd0eb668697a89b31b0bd41a64cf9831417e4a987203166b156d0b2cff3194f44bf84efd4eb177da91cf3c157d4d4e8437b20c7059f5147356be05e43eafe51929cfdd890a54c6a32f8e3d500832cd799cc8626f38c5c9cf1a9dcd99116319fc0e5272ebd858ecd1dbf35ab9f97f02852014dc3d7df7bd1ea20395f9ad465ab306c0ad5c48ceb97a4357568f8c03c7265b065fab48e9c26db221ec8ed3e0833b53961d7d08d5f11a7021aaa82a0ad0b4a79fc4fdb3e3868d9e748b9384ef9ef2ee1c3655ef00c75f2b446d67b454b67691bddfcba849b2f1acd9df448d3899e86fc93f10ed81cd06bf923120682bf75bac7d50ebd720903b5172b02bc5f81dc7f4af33bfc40251d02270ebe41df6ad1459ec72762488740b509b51dbaa6152ff7eaeda4900b53557743904f744f1aae536d2fd4c8530ef8cc8aeb57f1fda0b1ac6db19e0226605429dac5d89778e8486acc8bca73f81a5a2ab920ed6588afe2cbcfdf3393df1778644df747a5912107d128e86b15d4cb6c15b1e9893558d3060787e00786d720ba0415500bb4e1f54882fa84f736cd8de9876ed32cc1eae6add96141cb5fd5d3599c4ff3a3b9a2ee49042a0664da3b6fdabb633a54c78c8124d51992a6d1cca4a52ab3b825ae7723118addef274c531446a6fa8f39148a434e19a4c531a36d7071cfee971803e0fc1a0243d3f68d432697edf65312e7a2d67f11d166bc7c3c289f075b4bc710d30752a078ac48323b639eba2467b0b64ab4a8f51041979b28c134861a3b11cdc3ade291218eddc29492cdba97242863082f8276d05c7b775bebeeb83fb2b4a3629ca0e1c83c7477bb8bf127f9a0ca808a445718563311621c944b0ae8fbc63a5f0cc3f9af796654c545c9cf35ffc73abfe066c75618bd572c5274880873405e09401782274fe5a7d81e5525e47493f5b23388e47fd2159d8238c0e26a44d4afedc27f795f873458bc72c502792984baea42af2f2b58c4e968088c9af10fd9ebb7b5d42523dd6a854c9e8ec5641252f91423537e94b3b3b437ebb87b1b6287f951fca9fe7e9e79bf40944c93eeb684570b13b153641ba483ed55ce9907a1d6b295ad21f80d2041fbb5a401864f1583160ac2353463dd0b383eb0555200fbe3f502b21ec3d30cfb1b3758db01230e84e5566134df24129cb6df64fdc6ddaa2aaa227ee9494cdf19ee815fa106e4426f13253f1cead40339b59dd88d1836b7e2a9ea5b89f5df7d955ae95d4a55c005b56c4f8f04aee6530a72a81bbc0d5f857417556d34d4f72ae01065241eff7360643dfebaed8433c5510c072c4830ebbd0b0cddfa9e547049460db7dc63790258a95d5fcf8d4f59931b137035d712f9c1ce16dcf213d817966e98b5d51d3e837b4431bfbdbc5b052b6441a607a2a4156fc734ef5da54d028ce980422172264f482372e0fed50a3f4afe4f9299319c87926f27465517db5ac9f5dff2c71131d45c696333b9833a8bb4f20ea05aceb53e74c4fb391c4c13238b2a5f4c84574fe23a106e3950cbc28804b0698ca827ca993c1264e1706477b21b9fe0dc7652f41af092cc81a28fbbb0095c55162066fd52ab52421b77df94971c3674183b93b280e66d2d5e925199377619bd1c1ee36490d1d3781a3220253cc3169e0475d5543187e87c46d7e4053073a23cfc54dc5eb22804c7da9e9cb5c1a73d0d97f85441d1b53d96503512f48781ab63a103e74b74c992096922c83dc9c0e7e15939040c11c1fc8ef743b969f0d4ee9aea295d26b1c3d94d72d63fe4abebd23c60fc2c8718a9657a677742252017296bb90204dd6b23f711346078359273a3bbc1579baac50c4d5969f58442341eb25de77f620240ae47201807dea717f53a3fac2e2033c8916ed81e8d9ae1c6d73f614a050072b26a34616ae24f4a6101c3f1fdd93b16801e931e7792c4c992579e8d35aa105a96f0a2277aa29b9ddbf20511fa18a6b512d6c25d0550ab4372a35575246e8e93ad63dc70df7d5624a532925015f820067315b729da4e114537d97af503023cb3ff5b320bfb2f2131e44a61239b9e5ac0a0223c2906f68970b9fa5ddae524118af9b35f27f2d92bf1721ddc95c0eb58a7502a36e1986dd1af90d3338ffc1646639285d851fc2b17b194d1e553bf0829d1861601d808605a73aafcf7d968a82c184424b5437406ccb26e6725e1481c7b0635148056e0c2b0d1c8ae8713f09869956b94222a4b7dce9cd9a2b7673305bee57e85df06ded563e4d27b37e1464fd336a28fc65d35c3db9d6eaf588183bd2c4fbbd6dc146040ed8f956051568b2e75c3a9f045d9738f6e1e928736915547dce4b6ff53d6e0fedd2652ce01a56cc9cde52ad6d1fb795164cfce9c02a2f97bbe71cebdd115c0aa40de28569c1ef83dc2b9428679989a3fc6c360d7b9566b55f757a39128b3ad8bebd23a40a07844029bac6cf36557a1e68b208def6e751678d7927167e0beba437262688bdaf8b3a350e97924a35013b9920e73a7723805d26b77ea7a021e29e1314724360de2a89b66dcfa8adddc76a5151b1be8098ed2bdeafecd81ba067987fb54341acac6e42f67f0d0c71eea79a9ff7992b08fe14cf4a57b5668231a6d05e7be71c73ca291902b70a958d252dc1eb90fcfa4b897dd73d6ecdf08092dd578e8fbb5981b1184879a9773b2e71175d8757f03381b12ae27d93bcff64aafcff8d2a23d44e51e11b7491d92fe1f6cdebfa5f51c8d0daed48cfc957799afef8914332ba60efd4da7faee70db021f3cf810f5a1e0ec489af7345343d7d6a4f12b5f08591bff64ef017cb08d4746b9a3564828c6c53f529a91ebb7ae822f506aa84c29fdc4e26493e3a50c84f54dd7bf3c10671895fadceff1d3aac4fe304e7e9f24fecae8ed9c753a41856ad31c85fe4e4b1215928659a981025c07fe36b4e4d3ff15cf1578c3efb3e447e3b12da9ace0a4796d7110af8ab23dd7b81a07a8b6584b59904cc53f8cf8925737012eb91f4684b67b90571bfbabbb62b186aa30dbb23791640cc67e2140098b1a10954b7e33a12a5763da79642d008ecfacf409c8d325aa3e2d8b4b0bab18bc45cff220962d9d95ac44f4ac1924d09cc8a27205fe4142a37871536e53fda7c39e253df7e5b364b1a1dafe90810ad44aa946b8177f7de59f8a013142d3c86df8fc331caf1781997d9ae15291b936de60668c9b1d9aa2336f7b94c7e5bf635fd1e285542bcabb0c1cf899c6845e0fa116da42c763986a7cef906f3119d42cb38ced4a78c9e9bd66e85fa1a14408cb319829fcfcd03389391e4c5632ff9eab1dafc9fa638d55cb5e20a3be84eed9688a76b84a92eb64f05207e2f94b09632e022650dcbe58bb70ea5acc37befe445f640a42b2044de30077ccdbb19e3ac39711975c3c6487a680c852ac4c165550de2a07599cca9cc4062ff65e722da15e9495f05e97cade8272d29e3deebd6c9700519313adf30c8d9c145c077381973ea94f40452075c5e21cfb51731c29eb4bc7d493a2a72e6bcc5d9c5f663af60f1408a46bbd5c2ec98c57f365a3c21d44f1faa2a9c7f37ecc7e10533bbadfc771a37180fbf365ac07fb5948288b08a276b94c60f4487b3543b4deef37c20697132c59fd12f1dd61045ca8601ed07cb7cc110980f663c3ee6af448c5bf035e069146847bbfe06fb69f277cb100e38ca9cd908963cb32f84bcd35a2f45ce5862317d27f750f6c0621522775576b9cdcd53bfa37d8c724812b3cf7df6fb542bad3343986e5cfdd5f37029b2e128d5e610b47bbc6f4199692f1495aa6969768250f050935250eb98645777c697f9c676f22b8539b6b4d0b653f8136cecb62eb032e4a652a5889954267125212538fec5e8f7d42fa0c01c6f050507819ae605e399a4a2b5552efa338f2ad9f6e88f4c341b45a3d14967418b165f69cb20231932e0e29f009b7e779b91415f91ba5ff80af8ce095730d489d656aaa493efdc099df76f574610fff1986721af7188f9112c197181d00a3a759a9f5e1814248eb1f02bf8a957e017d2a807306eb8dc560a155f0c0c724e5e24b7b8c50415beb2c95ab726831ef5a46518624158941beedf5ab0a8226749550513369b9bda364e8dbcef6aa68adc3c6119d4a14f95dc8ce57e3fedcff6b1f0ecbd9306a8bd54d5fe39161aaf3d975bd13f9204614b9c73a56ec14e96e93abde584c71aa67cf706196b37885e656c1bc2ac9bdfbf22128989aaa0173a9c9349a3b9a8f4a13cade2e418a9952155491683e2b77f7d1406c5bac748feb28565dab8b6ed4b7b3ce64e766f0e212efd205f50be290e8686f513f20509ba629419dca956cc6a2b10d78ac730246ca8ae5b35369122b4cc7459070dcc3cbc1bd48f4b2a648f13f789378f6cb08d0ac21c26c61048773813875a7ebae3d47b0853727c971a84df2163fc9803f68c69331481f"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r6, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r0}, 0x20)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000002040)=ANY=[@ANYBLOB="000000000000000005000000000000000000000000000000000056a100000000000000000000000000000000000000000000000000000000000000000000000006000000ff7f000000000100000000008000000000000000070000000000000002000000000000000000000000000000000000000000000000000000000000000200000005000000000100000000000004000000000000000000000000000000010000000000000000000000000000000000000000001d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000099f591ad00873b377f00"/521])
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000180)='kfree\x00', r8, 0x0, 0xf1c38fa000000000}, 0x18)
r9 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'netpci0\x00', <r10=>0x0})
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000600)=ANY=[@ANYBLOB="00040000", @ANYRES16=0x0, @ANYBLOB="00032cbd7000ffdbdf250000000008000100", @ANYRES32=0x0, @ANYBLOB="bc0002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000000600008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="400002803c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="b40002803c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000000c000400fffe07025a0f00003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e74000000000000000000000000000005000300030000000800040062aa000008000100", @ANYRES32=0x0, @ANYBLOB="1c02028038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400fcffffff3c000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000b00040072616e646f6d00003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000101240001006c625f706f72745f737439ebe38558b8cf460000000000000000000000000000050003000b000000080004000800000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000000000008000600", @ANYRES32=r10, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004000600000038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004000500000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400ff07000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b00000008000400000000800800070000000000"], 0x400}, 0x1, 0x0, 0x0, 0x20004000}, 0x1)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r7, 0x89f3, &(0x7f0000000580)={'ip_vti0\x00', &(0x7f0000001f80)={'syztnl0\x00', r10, 0x7, 0x8000, 0xfffffff8, 0x7, {{0x25, 0x4, 0x3, 0xe, 0x94, 0x66, 0x0, 0x9, 0x4, 0x0, @local, @rand_addr=0x38e12914, {[@timestamp_prespec={0x44, 0x14, 0x3c, 0x3, 0x0, [{@broadcast, 0x9}, {@multicast2, 0xd}]}, @rr={0x7, 0x13, 0xcd, [@private=0xa010101, @remote, @rand_addr=0x64010100, @multicast2]}, @cipso={0x86, 0x4c, 0x0, [{0x4, 0x7, "a9b5d66ae9"}, {0x6, 0x10, "90c91886b032c3646f1c30f9080e"}, {0x7, 0xa, "541dc49ffa863ce0"}, {0x5, 0xa, "1e232f3108531c6d"}, {0x0, 0x12, "0a001800000000000000000084040000"}, {0x7, 0x9, "fac1a8ebcdb17b"}]}, @lsrr={0x83, 0xb, 0x34, [@local, @rand_addr=0x64010101]}]}}}}})
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
setsockopt$TIPC_GROUP_JOIN(r9, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r9, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)="f7", 0x101d0}], 0x1}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a00)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc0800034000000014400000000c0a01011d000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000940)={'syztnl0\x00', &(0x7f00000008c0)={'syztnl2\x00', <r11=>0x0, 0x29, 0xc, 0xb, 0x6, 0x18, @remote, @mcast1, 0x7f08, 0x20, 0x9, 0x1000}})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1c, 0x10, &(0x7f0000000c40)=ANY=[@ANYBLOB="18000000070000000000000000020000950000000000000018260000", @ANYRES32, @ANYBLOB="000000000200000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000010000007b8af8ff00000000bfa200000016000007020000f8ffffffb703000008000000b7040000020000008500000082000000852000000500000095000000ccb10000"], &(0x7f0000000600)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x8, '\x00', r11, @fallback=0x38, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000b40)={0x2, 0x4, 0x7, 0x1c}, 0x10, 0x0, r3, 0x6, &(0x7f0000000b80)=[r1, r1, r6, r1, r1], &(0x7f0000000bc0)=[{0x2, 0x4, 0x5, 0x2}, {0x0, 0x3, 0x5, 0x4}, {0x2, 0x3, 0x5, 0x5}, {0x3, 0x3, 0x1000008, 0xb}, {0x3, 0x5, 0xc, 0xa}, {0x4, 0x4, 0x0, 0xb}], 0x10, 0x9}, 0x94)
close(r7)
sendmsg$NFT_MSG_GETSET(r7, &(0x7f0000000340)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000e00)=ANY=[@ANYBLOB="080100000a0a010100000000000000000a0000010900010073797a300000000008000f400000000a0c0010400000000000000005cb000d405370da624b6c643b6370accbcaa0fc7a5b5c24387f18535dac07dddb55f4db093985b1708079cd6744cc63f264a8d8ce1a525cf82645bbdc203ad66a0c2ebc3b18fa57cd69e1db9d5b8f5e6705a3b0044a732c47756c9832e9ad5fb72f90a4d9f79c93378d11c901a24c7297620f961bebd6343ef67af760fb16089bc51716d4df986e54e7b4558fa9a001a33ae768850a0c84b4afbc2688687e65931f5fd82fb281a3093316b1767cd3be79708a256b5dd5c490b562f1a04688dcb004719ca2ee82b32f0f3da3000800084000000001b7dcce4ea741ea24cf976d"], 0x108}, 0x1, 0x0, 0x0, 0x2400c994}, 0x240480c4)
recvfrom$inet6(r0, &(0x7f0000000240)=""/117, 0x75, 0x20040, 0x0, 0x0)

1.069714519s ago: executing program 4 (id=632):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000002c0)='sched_kthread_work_queue_work\x00', r2}, 0x10)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x24, &(0x7f0000000100)=0x1, 0x4)
recvmmsg(r3, &(0x7f0000002800)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000d80)=""/1, 0x1}, 0x436}], 0x1, 0x0, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x0, @tick, {0x40, 0xff}, {0x0, 0x9}, @queue={0xee, {0x7, 0xc9a}}}], 0x1c)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
lgetxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='user.incfs.size\x00', &(0x7f00000001c0)=""/113, 0x71)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r4, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b00)=ANY=[@ANYBLOB="144e364137000ec000000000080000000000040a0e00000000000000578163060000000367849900"], 0x28}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

977.908801ms ago: executing program 1 (id=633):
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f00000002c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x4, &(0x7f00000002c0), 0x6, 0x5fd, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvzCYxaaNpRcQWxYCHFqRpUotVL7b1YA8FC/Yg4qGhSWro9gdNCrYWTMGDgoKIV5Fe/Ae8S+/eRFBvnoUqUlFQ6crszrabZDfdttmdNPP5wGTnvZnd9747eZn3dvJ2Aiit8exHGrEj4taJJGKsZdtoNDaO5/vd/OPKyWxJolZ78/ckkjyvuX+SP27NE8MR8f3hiMcrq8tduHT59HS11vBBxN7FM+f3Lly6vGf+zPSp2VOzZ6f2vbT/wOTLU/un1iXOrfnjkaNvPP3ph+++OPdDdU8SB+P44PszsSKO9TIe43ErD7E1fyAiDmQrbd6Xh80mCKHUKvnv42BEPBljUamnGsZi/pNCKwf0VK0SUQNKKtH+oaSa/YDm2L67cfDxHvdK+ufGocYAaHX8A43PRmK4PjbacjNpGRk1PtvYtg7lZ2X8d2Xnl9kSyz6H+Pv20RlYh3I6WboaEU+1iz+p121bPdIs/nTZWD+JiMmIGMrr99oD1CFpWe/F5zBruZf4W49DGhEH88cs//B9lj++It3v+AEop+uH8hP5Upa6c/7L+h7N/k+06f+Mtjl33Y+iz3+d+3/N8/1wvd+TruiHZX2WY+1fcnBlxi8fH/m8U/mt/b9sycpv9gX74cbViJ0r4v8oCzbv/2TxJ22Of7bLiYPdlfH6j78d6bSt6Phr1yJ2tR3/3OmVZmtrXJ/cOzdfnZ1s/GxbxrffvfN1p/KLjj87/ls6xN9y/NOVz8vek/NdlvHNsWtnOm0bvWv86a9DSWO8OZTnvDe9uHhhKmIoOZrv0pK/b+26NPdpvkYW/+7n2rf/Zb//V5e/zkjzT2YXzr91+manbfdz/FsuJt+qdVmHTrL4Z+5+/Fe1/yzvsy7L+Ovti8902rZW/CMPEhgAAAAAAACUUFq/BpukE7fX03RiojFf9onYklbPLSw+P3fu4tmZiN31/4ccTJtXusca6SRLT+X/D9tM71uRfiEitkfEF5WRenri5LnqTNHBAwAAAAAAAAAAAAAAAAAAwAaxNZ//37xP9Z+Vxvx/oCR6eYM5YGPT/qG86u1/1S2egDJw/ofy0v6hvLR/KC/tH8pL+4fy0v6hvLR/KC/tHwAAAAA2pe3PXv85iYilV0bqS2Yo32ZGEGxug0VXAChMpegKAIW5felfZx9Kp6v+/z/5lwP2vjpAAZJ2mfXOQW3txn+97TMBAAAAAAAAAAAAgB7YtaPz/H9zg2FzM+0PyusB5v/76gB4yPnqfygvY3zgbrP4hzttMP8fAAAAAAAAAAAAAPpmtL4k6UQ+F3g00nRiIuLRiNgWg8ncfHV2MiIei4ifKoOPZOmpoisNAAAAAAAAAAAAAAAAAAAAm8zCpcunp6vV2QutK/+uytncK827oPahrFfjHp8VSf/flpGIKPyg9GxloCUniVjKjvyGqNiFhdgY1aivFPyHCQAAAAAAAAAAAAAAAAAASqhl7nF7O7/qc40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP/u3P+/dytFxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJz+DwAA///LLUAr")
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f0000000040)=<r5=>0x0)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r5], 0x1c}}, 0x0)

370.130263ms ago: executing program 4 (id=634):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=ANY=[@ANYBLOB="07000000040000008000000001000000280000a2398e5a67a147c2ffd6db2d91cc5c373d0bbee89cba9abe316628a6b66975fc7a53cfba7d0a2e0f74f20e7a471a0df75ea0f59a1ff809a5375bdbd0ebe47f3cacca4bb4c2c9ffbab9dcae65b322b0a1e1d290543f8872687f6ee22646dfee6ef0402b4a93a21384f0f29cc871f089eb3023dfa80315b442b4b9dd989e179478e546c845d47f752b50d953e148e97827c0d27f48949289a3635e0b60ecb3c6ec6a00"/196, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1a, 0x13, &(0x7f0000000100)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x7b}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_idx={0x18, 0x3, 0x5, 0x0, 0x7}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20010814)
close(r3)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000000c000000bca30000000000002403000020feffff620af8fff8ffffff71a4f8ff000000001f03000000000000e5000300000000002604fdffff02000014010000033800001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d3101010000383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f7274653d6d6978746e616d653d6c6f7765722c646f733178666c6f707079696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b723f64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee8a465e6e1be6eeb5d588035a24458d346fc1f9a234cdc4ba352a4185614ce67df4870bff796357ee95fffb99cde9000000"], 0xfe, 0x2b1, &(0x7f0000000640)="$eJzs3c9qK1UYAPBv0iSN3kWycCWCs7gLN5abu3VhLlJB7ErJwj+gF++9cGlCoYFA/Re68glcuPA93LkX3PgGgg/gziKFI5NMk9imiWlNK/X32/RwzvfNfGfm0FkMc/LpK/39JweDZ8df/hqNRhaVTnTiJItWVKLQiIhUCgDgTjhJKX6/0vO9WtlUTQDAZs09/2uXhGxf7Hpz02UBABv0/gcfvvtob2/3vTxvRPS/GXazmPydjD96Fs+jF0/jQTTjdPYuIKVJ++139najmhdacb8/GnaLzP4nP8+/Nijy29GM1uL8dj4xlz8admvxYkSWRTzvFIU8jGa8dCG/GN99uCA/uvV4rVFOsjj/TjTjl8/iIHrxZPxOY3b+r9t5/lb69o8vPiqCi/xsNOxuj+Nm0tZN3xsAAAAAAAAAAAAAAAAAAAAAAO6unXyqFff7RVe5/87W6Xh852/j4/11KuPxSX4WUR83zu0PNErx/dn+Og/yPE/ZJH62v081Xq5G9dYmDgAAAAAAAAAAAAAAAAAAAP8hg6PP9x/3ek8P/5VG+ZH/9LP+qx6nM9fzaiwP3l7rXLFVhhe1no9p//Rxf9pTTOIqxQ9recSymmsXel4o6ll95D9TSinLIq53m2r/5FwrGveWxxQX+Mfv7r2+/zhbdQ0bZzfuh/mhehwOjs7d08jWqTCttfzqS2Lq5YpZfZyvynV/jcv7xm+TQ5Q92RqzqJWNuGz5NdYq7Ib+AQEAAAAAAAAAAAAAAAAAAFOzj34XDB4vTa1srCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuGGz3/9fozEqkxfHpJRG0556HA5ueYoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8D/wVAAD//xwhbPs=")
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_buf(r6, 0x6, 0x23, &(0x7f0000000040)=""/32, &(0x7f0000000080)=0x20)
getpgrp(0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYRESDEC=r0], 0x7c}, 0x1, 0x0, 0x0, 0x20040014}, 0x4008050)
ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000080)='veth0_to_team\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x6c, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x1, 0xd4}, 0x0, 0x10004, 0x40000, 0x8, 0x8, 0x20005, 0xff, 0x0, 0x0, 0x0, 0x401}, 0x0, 0xc, 0xffffffffffffffff, 0x2)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000340)={'hsr0\x00'})
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000020000000a3c000000120a09000000000000000000020000000900020073797a320000000008000440040000000900010073797a30000000000800034000000007"], 0x64}, 0x1, 0x0, 0x0, 0x44800}, 0x0)

157.943217ms ago: executing program 1 (id=635):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
msgget(0x1, 0x2b0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x400, &(0x7f0000000340)=ANY=[@ANYRESHEX, @ANYRES64])
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newtaction={0x18, 0x30, 0x4, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='illinois\x00', 0x9)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
ioctl$sock_ifreq(r4, 0x8943, &(0x7f0000000080)={'dummy0\x00', @ifru_map={0x81, 0x4eb, 0x400, 0x8, 0xf, 0x3}})
fspick(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x1)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
socket$inet6(0xa, 0x5, 0x6)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
sync()
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x4000000, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)
close(0xffffffffffffffff)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r5, 0xc0f85403, 0x0)

123.073917ms ago: executing program 0 (id=636):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000640)='Q', 0x1}], 0x1, &(0x7f0000001180)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r2, @ANYRESOCT, @ANYRES32=r2, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="0000000018"], 0xa0}, 0x4004881)

101.436407ms ago: executing program 2 (id=637):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe88}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000400000000000000000318110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

53.767349ms ago: executing program 0 (id=638):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
arch_prctl$ARCH_GET_CPUID(0x1011)

0s ago: executing program 2 (id=639):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYRES64=<r1=>0xffffffffffffffff], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010600f8fffff7bfa400000000000007040000f04ebc46cb1e261f0000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70400000800000085000000950000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x11, 0x10, &(0x7f0000000200)=ANY=[@ANYRESDEC=0x0, @ANYRES16=r1, @ANYRESOCT=r1, @ANYRESHEX=r0], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x13, &(0x7f0000000080)=0x8000, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1d, 0xc, &(0x7f00000050c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181100002eb01fdc074bbdae06c373cafc92f83786443d8425f09b33305f4744e82c471376a3c79a14c90ed321c083c2ef2426f405ee6080c1a22e08", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200004000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1000002, 0x42031, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000140000000000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000280)='ext4_fc_track_range\x00', r5}, 0x18)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x4, 0x0)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000040)='./file7/file0\x00', 0x0, 0x0, 0x1200)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000005180)=""/4097, 0x1001}], 0x1}}, {{&(0x7f0000001280)=@generic, 0x80, &(0x7f0000001540)=[{&(0x7f0000001300)=""/83, 0x53}, {&(0x7f00000017c0)=""/4096, 0x1000}, {&(0x7f0000001440)=""/225, 0xe1}], 0x3, &(0x7f0000001580)=""/114, 0x72}, 0x1}, {{&(0x7f0000001600)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000002900)=[{&(0x7f0000001680)=""/17, 0x11}, {&(0x7f00000016c0)=""/142, 0x8e}, {&(0x7f00000027c0)=""/81, 0x51}, {&(0x7f0000002840)=""/152, 0x98}], 0x4, &(0x7f0000002940)=""/251, 0xfb}, 0x7d4}, {{&(0x7f0000002a40)=@in, 0x80, &(0x7f0000004f00)=[{&(0x7f0000002ac0)=""/4096, 0x1000}, {&(0x7f0000003ac0)=""/37, 0x25}, {&(0x7f0000003b00)=""/162, 0xa2}, {&(0x7f0000003bc0)=""/221, 0xdd}, {&(0x7f0000003d00)=""/192, 0xc0}, {&(0x7f0000003dc0)=""/60, 0x3c}, {&(0x7f0000003e40)=""/4096, 0x1000}, {&(0x7f0000004e40)=""/186, 0xba}], 0x8, &(0x7f0000004f80)}, 0x8000}], 0x4, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r6, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)

kernel console output (not intermixed with test programs):

1120][ T3528] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   39.921256][ T3528] tipc: Disabling bearer <eth:syzkaller0>
[   39.958591][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.059835][ T3528] loop0: detected capacity change from 0 to 256
[   40.072750][ T3528] vfat: Bad value for 'utf8'
[   40.217688][ T3541] netlink: 12 bytes leftover after parsing attributes in process `syz.0.19'.
[   40.227301][ T3541] 8021q: VLANs not supported on nlmon0
[   40.315760][ T3545] mmap: syz.2.21 (3545) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   40.335638][ T3534] loop3: detected capacity change from 0 to 2048
[   40.372755][ T3534] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #2: comm syz.3.17: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[   40.439611][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.484314][ T3534] EXT4-fs (loop3): get root inode failed
[   40.490139][ T3534] EXT4-fs (loop3): mount failed
[   40.820972][ T3568] netlink: 12 bytes leftover after parsing attributes in process `syz.0.28'.
[   40.855350][ T3568] netlink: 32 bytes leftover after parsing attributes in process `syz.0.28'.
[   41.233418][ T3582] netlink: 12 bytes leftover after parsing attributes in process `syz.0.31'.
[   41.242333][ T3582] netlink: 12 bytes leftover after parsing attributes in process `syz.0.31'.
[   41.585612][ T3585] tipc: Started in network mode
[   41.590668][ T3585] tipc: Node identity 9a922c2433a4, cluster identity 4711
[   41.597984][ T3585] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   41.655340][ T3585] tipc: Disabling bearer <eth:syzkaller0>
[   41.672003][ T3570] loop2: detected capacity change from 0 to 2048
[   41.718411][ T3570] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #2: comm syz.2.29: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[   41.769580][ T3585] loop1: detected capacity change from 0 to 256
[   41.849910][ T3570] EXT4-fs (loop2): get root inode failed
[   41.855684][ T3570] EXT4-fs (loop2): mount failed
[   41.898525][ T3585] vfat: Bad value for 'utf8'
[   41.909929][ T3593] bridge_slave_0: left allmulticast mode
[   41.915839][ T3593] bridge_slave_0: left promiscuous mode
[   41.921622][ T3593] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.970934][ T3536] syz.3.17 (3536) used greatest stack depth: 6216 bytes left
[   42.010173][ T3593] bridge_slave_1: left allmulticast mode
[   42.015925][ T3593] bridge_slave_1: left promiscuous mode
[   42.021680][ T3593] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.139236][ T3606] netlink: 'syz.0.36': attribute type 1 has an invalid length.
[   42.146907][ T3606] netlink: 224 bytes leftover after parsing attributes in process `syz.0.36'.
[   42.165871][ T3593] bond0: (slave bond_slave_0): Releasing backup interface
[   42.193793][ T3593] bond0: (slave bond_slave_1): Releasing backup interface
[   42.220864][ T3593] team0: Port device team_slave_0 removed
[   42.249483][ T3593] team0: Port device team_slave_1 removed
[   42.265596][ T3593] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   42.273115][ T3593] batman_adv: batadv0: Removing interface: batadv_slave_0
[   42.315294][ T3593] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   42.322794][ T3593] batman_adv: batadv0: Removing interface: batadv_slave_1
[   42.359495][ T3598] lo speed is unknown, defaulting to 1000
[   42.372013][ T3598] lo speed is unknown, defaulting to 1000
[   42.402389][ T3598] lo speed is unknown, defaulting to 1000
[   42.408710][ T3598] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   42.445589][ T3598] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   42.473735][ T3598] lo speed is unknown, defaulting to 1000
[   42.507194][ T3598] lo speed is unknown, defaulting to 1000
[   42.516645][ T3598] lo speed is unknown, defaulting to 1000
[   42.533411][ T3598] lo speed is unknown, defaulting to 1000
[   42.553665][ T3598] lo speed is unknown, defaulting to 1000
[   42.563046][ T3621] tipc: Started in network mode
[   42.567991][ T3621] tipc: Node identity e2898aac9e86, cluster identity 4711
[   42.575349][ T3621] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   42.599604][ T3621] tipc: Disabling bearer <eth:syzkaller0>
[   42.636509][ T3617] loop9: detected capacity change from 0 to 7
[   42.642995][ T3617]  loop9: unable to read partition table
[   42.648655][ T3617] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   42.648655][ T3617] 
) failed (rc=-5)
[   42.710943][ T3621] loop3: detected capacity change from 0 to 256
[   42.744493][ T3621] vfat: Bad value for 'utf8'
[   42.844290][ T3629] 8021q: VLANs not supported on vxcan1
[   43.243342][ T3637] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   43.250736][ T3637] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   43.318086][ T3641] loop1: detected capacity change from 0 to 164
[   43.370146][ T3641] iso9660: Corrupted directory entry in block 2 of inode 1792
[   43.399971][ T3644] loop0: detected capacity change from 0 to 1024
[   43.412624][ T3644] EXT4-fs: Ignoring removed nomblk_io_submit option
[   43.483979][ T3644] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.584068][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.640534][ T3649] bridge_slave_0: left allmulticast mode
[   43.646382][ T3649] bridge_slave_0: left promiscuous mode
[   43.652482][ T3649] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.736908][ T3649] bridge_slave_1: left allmulticast mode
[   43.742639][ T3649] bridge_slave_1: left promiscuous mode
[   43.748312][ T3649] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.804614][ T3649] bond0: (slave bond_slave_0): Releasing backup interface
[   43.835923][ T3649] bond0: (slave bond_slave_1): Releasing backup interface
[   43.871883][ T3649] team0: Port device team_slave_0 removed
[   43.901503][ T3649] team0: Port device team_slave_1 removed
[   43.925289][ T3663] loop0: detected capacity change from 0 to 256
[   43.943339][ T3649] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   43.950784][ T3649] batman_adv: batadv0: Removing interface: batadv_slave_0
[   43.961768][ T3663] vfat: Bad value for 'utf8'
[   43.979060][ T3649] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   43.986528][ T3649] batman_adv: batadv0: Removing interface: batadv_slave_1
[   44.030206][ T3659] loop9: detected capacity change from 0 to 7
[   44.050691][ T3659] buffer_io_error: 13 callbacks suppressed
[   44.050705][ T3659] Buffer I/O error on dev loop9, logical block 0, async page read
[   44.081930][ T3660] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   44.090785][ T3659] Buffer I/O error on dev loop9, logical block 0, async page read
[   44.098655][ T3659]  loop9: unable to read partition table
[   44.161909][ T3659] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   44.161909][ T3659] 
) failed (rc=-5)
[   44.176341][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   44.206076][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   44.224136][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   44.252291][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   44.270565][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   44.334324][ T3668] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   44.354239][ T3668] tipc: Disabling bearer <eth:syzkaller0>
[   44.366871][   T29] kauditd_printk_skb: 508 callbacks suppressed
[   44.366888][   T29] audit: type=1326 audit(1757954636.949:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3670 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   44.373127][ T3671] syz.1.63 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   44.449247][ T3675] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   44.456868][   T29] audit: type=1326 audit(1757954636.949:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3670 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   44.480321][   T29] audit: type=1326 audit(1757954636.949:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3670 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   44.503563][   T29] audit: type=1326 audit(1757954636.949:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3670 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   44.522077][ T3668] loop0: detected capacity change from 0 to 256
[   44.527008][   T29] audit: type=1326 audit(1757954636.949:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3670 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   44.556138][   T29] audit: type=1326 audit(1757954636.949:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3670 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   44.579293][   T29] audit: type=1326 audit(1757954636.949:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3670 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   44.595305][ T3668] vfat: Bad value for 'utf8'
[   44.602477][   T29] audit: type=1326 audit(1757954636.949:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3670 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   44.602616][   T29] audit: type=1326 audit(1757954636.959:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3670 comm="syz.1.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   44.664202][ T3675] tipc: Disabling bearer <eth:syzkaller0>
[   44.709256][ T3678] loop4: detected capacity change from 0 to 1024
[   44.716241][ T3679] loop1: detected capacity change from 0 to 256
[   44.742951][ T3679] vfat: Bad value for 'utf8'
[   44.776456][ T3678] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   44.823274][ T3685] __nla_validate_parse: 2 callbacks suppressed
[   44.823292][ T3685] netlink: 12 bytes leftover after parsing attributes in process `syz.3.67'.
[   44.857345][ T3675] netlink: 4 bytes leftover after parsing attributes in process `syz.1.64'.
[   44.877866][ T3685] vlan2: entered allmulticast mode
[   44.883252][ T3685] veth1_to_bond: entered allmulticast mode
[   44.898428][ T3678] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.65: Invalid block bitmap block 0 in block_group 0
[   44.969451][ T3695] loop0: detected capacity change from 0 to 164
[   45.014224][ T3697] loop1: detected capacity change from 0 to 1024
[   45.028155][ T3694] iso9660: Corrupted directory entry in block 2 of inode 1792
[   45.036934][   T29] audit: type=1326 audit(1757954637.619:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3698 comm="syz.3.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3481aeba9 code=0x7ffc0000
[   45.062004][ T3678] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.65: Failed to acquire dquot type 0
[   45.073874][ T3697] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   45.177355][ T3678] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.65: Freeing blocks not in datazone - block = 0, count = 4096
[   45.229124][ T3697] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.73: Invalid block bitmap block 0 in block_group 0
[   45.309012][ T3678] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.65: Invalid inode bitmap blk 0 in block_group 0
[   45.370476][ T3697] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.73: Failed to acquire dquot type 0
[   45.460332][ T3337] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 0
[   45.472139][ T3697] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.73: Freeing blocks not in datazone - block = 0, count = 4096
[   45.512176][ T3678] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   45.515498][ T3697] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.73: Invalid inode bitmap blk 0 in block_group 0
[   45.531185][ T3678] EXT4-fs (loop4): 1 orphan inode deleted
[   45.539941][ T3337] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 0
[   45.540739][ T3678] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.583224][ T3697] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[   45.601561][ T3697] EXT4-fs (loop1): 1 orphan inode deleted
[   45.619510][ T3697] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.639531][ T3713] netlink: 26 bytes leftover after parsing attributes in process `syz.3.77'.
[   45.907690][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.925019][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.098648][ T3714] loop3: detected capacity change from 0 to 2048
[   46.209687][ T3714] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #2: comm syz.3.77: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[   46.297397][ T3740] netlink: 12 bytes leftover after parsing attributes in process `syz.4.83'.
[   46.306252][ T3740] netlink: 12 bytes leftover after parsing attributes in process `syz.4.83'.
[   46.319403][ T3740] bridge0: port 1(vlan2) entered blocking state
[   46.325699][ T3740] bridge0: port 1(vlan2) entered disabled state
[   46.332196][ T3740] vlan2: entered allmulticast mode
[   46.337319][ T3740] bridge0: entered allmulticast mode
[   46.369572][ T3740] vlan2: left allmulticast mode
[   46.374514][ T3740] bridge0: left allmulticast mode
[   46.511268][ T3714] EXT4-fs (loop3): get root inode failed
[   46.517046][ T3714] EXT4-fs (loop3): mount failed
[   46.543884][ T3746] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   46.570969][ T3746] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   46.609165][ T3741] netlink: 4 bytes leftover after parsing attributes in process `syz.0.84'.
[   46.860713][ T3759] loop0: detected capacity change from 0 to 512
[   46.904688][ T3759] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   46.956647][ T3759] EXT4-fs (loop0): orphan cleanup on readonly fs
[   46.980556][ T3759] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.90: Block bitmap for bg 0 marked uninitialized
[   46.996979][ T3759] EXT4-fs (loop0): Remounting filesystem read-only
[   47.003794][ T3759] EXT4-fs (loop0): 1 orphan inode deleted
[   47.010060][ T3759] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   47.029049][ T3759] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.041106][ T3767] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   47.061407][ T3767] tipc: Disabling bearer <eth:syzkaller0>
[   47.169014][ T3767] loop1: detected capacity change from 0 to 256
[   47.198633][ T3767] vfat: Bad value for 'utf8'
[   47.236011][ T3767] netlink: 4 bytes leftover after parsing attributes in process `syz.1.93'.
[   47.245144][ T3767] hsr_slave_0: left promiscuous mode
[   47.251076][ T3767] hsr_slave_1: left promiscuous mode
[   47.371112][ T3780] loop1: detected capacity change from 0 to 1024
[   47.400126][ T3780] EXT4-fs: Ignoring removed nomblk_io_submit option
[   47.428310][ T3780] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.497846][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.580534][ T3801] loop1: detected capacity change from 0 to 512
[   47.606293][ T3803] loop0: detected capacity change from 0 to 512
[   47.613332][ T3803] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   47.630482][ T3803] EXT4-fs (loop0): orphan cleanup on readonly fs
[   47.646481][ T3803] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.106: Block bitmap for bg 0 marked uninitialized
[   47.680474][ T3803] EXT4-fs (loop0): Remounting filesystem read-only
[   47.689163][ T3801] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.713005][ T3803] EXT4-fs (loop0): 1 orphan inode deleted
[   47.719199][ T3803] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   47.738436][ T3801] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.753416][ T3801] FAULT_INJECTION: forcing a failure.
[   47.753416][ T3801] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   47.763192][ T3803] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.766746][ T3801] CPU: 0 UID: 0 PID: 3801 Comm: syz.1.105 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   47.766840][ T3801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   47.766857][ T3801] Call Trace:
[   47.766866][ T3801]  <TASK>
[   47.766875][ T3801]  __dump_stack+0x1d/0x30
[   47.766903][ T3801]  dump_stack_lvl+0xe8/0x140
[   47.766930][ T3801]  dump_stack+0x15/0x1b
[   47.767008][ T3801]  should_fail_ex+0x265/0x280
[   47.767051][ T3801]  should_fail+0xb/0x20
[   47.767080][ T3801]  should_fail_usercopy+0x1a/0x20
[   47.767115][ T3801]  _copy_from_user+0x1c/0xb0
[   47.767211][ T3801]  ___sys_sendmsg+0xc1/0x1d0
[   47.767268][ T3801]  __x64_sys_sendmsg+0xd4/0x160
[   47.767328][ T3801]  x64_sys_call+0x191e/0x2ff0
[   47.767357][ T3801]  do_syscall_64+0xd2/0x200
[   47.767402][ T3801]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   47.767436][ T3801]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   47.767537][ T3801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.767566][ T3801] RIP: 0033:0x7f17a23ceba9
[   47.767586][ T3801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.767611][ T3801] RSP: 002b:00007f17a0e2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   47.767637][ T3801] RAX: ffffffffffffffda RBX: 00007f17a2615fa0 RCX: 00007f17a23ceba9
[   47.767745][ T3801] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000004
[   47.767762][ T3801] RBP: 00007f17a0e2f090 R08: 0000000000000000 R09: 0000000000000000
[   47.767779][ T3801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.767796][ T3801] R13: 00007f17a2616038 R14: 00007f17a2615fa0 R15: 00007ffcf50b8988
[   47.767821][ T3801]  </TASK>
[   47.841846][ T3807] netlink: 26 bytes leftover after parsing attributes in process `syz.4.108'.
[   47.956915][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.138925][ T3823] bridge_slave_0: left allmulticast mode
[   48.144671][ T3823] bridge_slave_0: left promiscuous mode
[   48.150326][ T3823] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.176797][ T3823] bridge_slave_1: left allmulticast mode
[   48.182689][ T3823] bridge_slave_1: left promiscuous mode
[   48.188363][ T3823] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.217937][ T3823] bond0: (slave bond_slave_0): Releasing backup interface
[   48.230893][ T3823] bond0: (slave bond_slave_1): Releasing backup interface
[   48.249221][ T3823] team0: Port device team_slave_0 removed
[   48.264929][ T3823] team0: Port device team_slave_1 removed
[   48.296671][ T3823] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   48.304265][ T3823] batman_adv: batadv0: Removing interface: batadv_slave_0
[   48.323462][ T3823] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   48.330892][ T3823] batman_adv: batadv0: Removing interface: batadv_slave_1
[   48.360430][ T3837] FAULT_INJECTION: forcing a failure.
[   48.360430][ T3837] name failslab, interval 1, probability 0, space 0, times 1
[   48.373287][ T3837] CPU: 1 UID: 0 PID: 3837 Comm: syz.2.118 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   48.373321][ T3837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   48.373383][ T3837] Call Trace:
[   48.373390][ T3837]  <TASK>
[   48.373397][ T3837]  __dump_stack+0x1d/0x30
[   48.373423][ T3837]  dump_stack_lvl+0xe8/0x140
[   48.373478][ T3837]  dump_stack+0x15/0x1b
[   48.373544][ T3837]  should_fail_ex+0x265/0x280
[   48.373575][ T3837]  should_failslab+0x8c/0xb0
[   48.373632][ T3837]  kmem_cache_alloc_noprof+0x50/0x310
[   48.373671][ T3837]  ? audit_log_start+0x365/0x6c0
[   48.373744][ T3837]  audit_log_start+0x365/0x6c0
[   48.373786][ T3837]  audit_seccomp+0x48/0x100
[   48.373819][ T3837]  ? __seccomp_filter+0x68c/0x10d0
[   48.373918][ T3837]  __seccomp_filter+0x69d/0x10d0
[   48.374011][ T3837]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   48.374042][ T3837]  ? vfs_write+0x7e8/0x960
[   48.374067][ T3837]  ? __rcu_read_unlock+0x4f/0x70
[   48.374095][ T3837]  ? __fget_files+0x184/0x1c0
[   48.374130][ T3837]  __secure_computing+0x82/0x150
[   48.374168][ T3837]  syscall_trace_enter+0xcf/0x1e0
[   48.374193][ T3837]  do_syscall_64+0xac/0x200
[   48.374227][ T3837]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   48.374318][ T3837]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   48.374399][ T3837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.374426][ T3837] RIP: 0033:0x7fa39a82eba9
[   48.374445][ T3837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.374468][ T3837] RSP: 002b:00007fa399297038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[   48.374491][ T3837] RAX: ffffffffffffffda RBX: 00007fa39aa75fa0 RCX: 00007fa39a82eba9
[   48.374503][ T3837] RDX: 0000000001000000 RSI: 0000000000004000 RDI: 0000200000003000
[   48.374525][ T3837] RBP: 00007fa399297090 R08: 0000000000000040 R09: 0000000000000000
[   48.374541][ T3837] R10: 00000000000003ff R11: 0000000000000246 R12: 0000000000000001
[   48.374557][ T3837] R13: 00007fa39aa76038 R14: 00007fa39aa75fa0 R15: 00007ffe8baeae58
[   48.374580][ T3837]  </TASK>
[   48.376360][ T3815] loop4: detected capacity change from 0 to 2048
[   48.604672][ T3839] netlink: 12 bytes leftover after parsing attributes in process `syz.0.119'.
[   48.780053][ T3851] FAULT_INJECTION: forcing a failure.
[   48.780053][ T3851] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   48.793224][ T3851] CPU: 0 UID: 0 PID: 3851 Comm: syz.0.123 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   48.793260][ T3851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   48.793283][ T3851] Call Trace:
[   48.793290][ T3851]  <TASK>
[   48.793298][ T3851]  __dump_stack+0x1d/0x30
[   48.793320][ T3851]  dump_stack_lvl+0xe8/0x140
[   48.793339][ T3851]  dump_stack+0x15/0x1b
[   48.793355][ T3851]  should_fail_ex+0x265/0x280
[   48.793461][ T3851]  should_fail+0xb/0x20
[   48.793489][ T3851]  should_fail_usercopy+0x1a/0x20
[   48.793523][ T3851]  _copy_from_user+0x1c/0xb0
[   48.793557][ T3851]  ___sys_sendmsg+0xc1/0x1d0
[   48.793634][ T3851]  __sys_sendmmsg+0x178/0x300
[   48.793673][ T3851]  __x64_sys_sendmmsg+0x57/0x70
[   48.793736][ T3851]  x64_sys_call+0x1c4a/0x2ff0
[   48.793764][ T3851]  do_syscall_64+0xd2/0x200
[   48.793900][ T3851]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   48.793931][ T3851]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   48.793970][ T3851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.794024][ T3851] RIP: 0033:0x7f1593c4eba9
[   48.794044][ T3851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.794066][ T3851] RSP: 002b:00007f15926af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   48.794090][ T3851] RAX: ffffffffffffffda RBX: 00007f1593e95fa0 RCX: 00007f1593c4eba9
[   48.794127][ T3851] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000006
[   48.794155][ T3851] RBP: 00007f15926af090 R08: 0000000000000000 R09: 0000000000000000
[   48.794170][ T3851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.794185][ T3851] R13: 00007f1593e96038 R14: 00007f1593e95fa0 R15: 00007fffe0a6c688
[   48.794206][ T3851]  </TASK>
[   48.794777][ T3815] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #2: comm syz.4.108: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[   49.195981][ T3815] EXT4-fs (loop4): get root inode failed
[   49.201742][ T3815] EXT4-fs (loop4): mount failed
[   49.227261][ T3862] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   49.248015][ T3862] tipc: Disabling bearer <eth:syzkaller0>
[   49.394162][ T3862] loop3: detected capacity change from 0 to 256
[   49.395178][ T3865] loop0: detected capacity change from 0 to 164
[   49.409382][ T3862] vfat: Bad value for 'utf8'
[   49.415787][   T29] kauditd_printk_skb: 451 callbacks suppressed
[   49.415802][   T29] audit: type=1400 audit(1757954641.999:1080): avc:  denied  { mount } for  pid=3864 comm="syz.0.127" name="/" dev="loop0" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   49.445067][ T3865] iso9660: Corrupted directory entry in block 2 of inode 1792
[   49.470531][   T29] audit: type=1326 audit(1757954642.009:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3806 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   49.493958][   T29] audit: type=1326 audit(1757954642.009:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3806 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   49.517315][   T29] audit: type=1326 audit(1757954642.009:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3806 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   49.540651][   T29] audit: type=1326 audit(1757954642.019:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3806 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   49.563994][   T29] audit: type=1326 audit(1757954642.019:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3806 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   49.587348][   T29] audit: type=1326 audit(1757954642.019:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3806 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   49.591757][ T3868] netlink: 4 bytes leftover after parsing attributes in process `syz.3.126'.
[   49.610677][   T29] audit: type=1326 audit(1757954642.019:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3806 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   49.643408][   T29] audit: type=1326 audit(1757954642.019:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3806 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   49.666772][   T29] audit: type=1326 audit(1757954642.019:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3806 comm="syz.4.108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   49.701983][ T3868] hsr_slave_0: left promiscuous mode
[   49.709479][ T3868] hsr_slave_1: left promiscuous mode
[   49.763468][ T3872] loop9: detected capacity change from 0 to 7
[   49.769843][ T3872] Buffer I/O error on dev loop9, logical block 0, async page read
[   49.781629][ T3872] Buffer I/O error on dev loop9, logical block 0, async page read
[   49.789547][ T3872]  loop9: unable to read partition table
[   49.796268][ T3872] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   49.796268][ T3872] 
) failed (rc=-5)
[   49.797751][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   49.844237][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   49.881642][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   49.891311][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   49.901252][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   50.099059][ T3891] loop1: detected capacity change from 0 to 164
[   50.110648][ T3891] iso9660: Corrupted directory entry in block 2 of inode 1792
[   50.278180][ T3889] lo speed is unknown, defaulting to 1000
[   50.297193][ T3904] netlink: 8 bytes leftover after parsing attributes in process `syz.1.141'.
[   50.558884][ T3911] tipc: Started in network mode
[   50.563862][ T3911] tipc: Node identity 76bdf27707c2, cluster identity 4711
[   50.571279][ T3911] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   50.580832][ T3911] tipc: Disabling bearer <eth:syzkaller0>
[   50.666000][ T3918] loop4: detected capacity change from 0 to 256
[   50.679132][ T3918] vfat: Bad value for 'utf8'
[   50.735717][ T3911] netlink: 4 bytes leftover after parsing attributes in process `syz.4.144'.
[   50.761590][ T3911] hsr_slave_0: left promiscuous mode
[   50.769186][ T3911] hsr_slave_1: left promiscuous mode
[   50.790060][ T3932] netlink: 'syz.1.154': attribute type 1 has an invalid length.
[   50.859988][ T3932] 8021q: adding VLAN 0 to HW filter on device bond1
[   50.878488][ T3937] macvlan2: entered promiscuous mode
[   50.883965][ T3937] macvlan2: entered allmulticast mode
[   50.911871][ T3937] bond1: entered promiscuous mode
[   50.918597][ T3937] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   50.928830][ T3937] bond1: left promiscuous mode
[   50.977817][ T3949] Zero length message leads to an empty skb
[   51.092866][ T3959] siw: device registration error -23
[   51.099125][ T3959] netlink: 'syz.4.165': attribute type 1 has an invalid length.
[   51.106823][ T3959] netlink: 224 bytes leftover after parsing attributes in process `syz.4.165'.
[   51.247042][ T3977] netlink: 12 bytes leftover after parsing attributes in process `syz.1.173'.
[   51.256135][ T3977] netlink: 12 bytes leftover after parsing attributes in process `syz.1.173'.
[   51.306282][ T3977] bridge0: port 1(vlan2) entered blocking state
[   51.312746][ T3977] bridge0: port 1(vlan2) entered disabled state
[   51.328385][ T3977] vlan2: entered allmulticast mode
[   51.333645][ T3977] bridge0: entered allmulticast mode
[   51.340616][ T3983] FAULT_INJECTION: forcing a failure.
[   51.340616][ T3983] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.353806][ T3983] CPU: 0 UID: 0 PID: 3983 Comm: syz.4.176 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   51.353839][ T3983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   51.353856][ T3983] Call Trace:
[   51.353864][ T3983]  <TASK>
[   51.353873][ T3983]  __dump_stack+0x1d/0x30
[   51.353898][ T3983]  dump_stack_lvl+0xe8/0x140
[   51.353993][ T3983]  dump_stack+0x15/0x1b
[   51.354015][ T3983]  should_fail_ex+0x265/0x280
[   51.354047][ T3983]  should_fail+0xb/0x20
[   51.354084][ T3983]  should_fail_usercopy+0x1a/0x20
[   51.354185][ T3983]  _copy_to_user+0x20/0xa0
[   51.354216][ T3983]  simple_read_from_buffer+0xb5/0x130
[   51.354307][ T3983]  proc_fail_nth_read+0x10e/0x150
[   51.354334][ T3983]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   51.354368][ T3983]  vfs_read+0x1a8/0x770
[   51.354395][ T3983]  ? __rcu_read_unlock+0x4f/0x70
[   51.354445][ T3983]  ? __fget_files+0x184/0x1c0
[   51.354540][ T3983]  ksys_read+0xda/0x1a0
[   51.354569][ T3983]  __x64_sys_read+0x40/0x50
[   51.354597][ T3983]  x64_sys_call+0x27bc/0x2ff0
[   51.354641][ T3983]  do_syscall_64+0xd2/0x200
[   51.354674][ T3983]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   51.354823][ T3983]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   51.354925][ T3983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.354949][ T3983] RIP: 0033:0x7f31d388d5bc
[   51.355040][ T3983] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   51.355064][ T3983] RSP: 002b:00007f31d22ef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   51.355087][ T3983] RAX: ffffffffffffffda RBX: 00007f31d3ad5fa0 RCX: 00007f31d388d5bc
[   51.355119][ T3983] RDX: 000000000000000f RSI: 00007f31d22ef0a0 RDI: 0000000000000004
[   51.355135][ T3983] RBP: 00007f31d22ef090 R08: 0000000000000000 R09: 0000000000000000
[   51.355149][ T3983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.355164][ T3983] R13: 00007f31d3ad6038 R14: 00007f31d3ad5fa0 R15: 00007ffd421c3bf8
[   51.355181][ T3983]  </TASK>
[   51.564211][ T3977] vlan2: left allmulticast mode
[   51.569113][ T3977] bridge0: left allmulticast mode
[   51.707116][ T3995] loop1: detected capacity change from 0 to 512
[   51.716060][ T3995] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   51.733719][ T3995] EXT4-fs (loop1): orphan cleanup on readonly fs
[   51.747867][ T3995] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.181: Block bitmap for bg 0 marked uninitialized
[   51.772660][ T3995] EXT4-fs (loop1): Remounting filesystem read-only
[   51.774430][ T4001] siw: device registration error -23
[   51.779337][ T3995] EXT4-fs (loop1): 1 orphan inode deleted
[   51.795240][ T3995] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   51.812939][ T3995] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.844914][ T3992] netlink: 'syz.4.179': attribute type 1 has an invalid length.
[   51.852767][ T3992] netlink: 224 bytes leftover after parsing attributes in process `syz.4.179'.
[   51.931268][ T4009] loop4: detected capacity change from 0 to 164
[   51.944342][ T4011] loop3: detected capacity change from 0 to 164
[   51.952936][ T4009] iso9660: Corrupted directory entry in block 2 of inode 1792
[   51.995721][ T4011] iso9660: Corrupted directory entry in block 2 of inode 1792
[   52.274461][ T4036] FAULT_INJECTION: forcing a failure.
[   52.274461][ T4036] name failslab, interval 1, probability 0, space 0, times 0
[   52.287161][ T4036] CPU: 0 UID: 0 PID: 4036 Comm: syz.1.196 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.287242][ T4036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   52.287254][ T4036] Call Trace:
[   52.287259][ T4036]  <TASK>
[   52.287265][ T4036]  __dump_stack+0x1d/0x30
[   52.287284][ T4036]  dump_stack_lvl+0xe8/0x140
[   52.287449][ T4036]  dump_stack+0x15/0x1b
[   52.287477][ T4036]  should_fail_ex+0x265/0x280
[   52.287506][ T4036]  should_failslab+0x8c/0xb0
[   52.287614][ T4036]  kmem_cache_alloc_noprof+0x50/0x310
[   52.287648][ T4036]  ? getname_flags+0x80/0x3b0
[   52.287685][ T4036]  getname_flags+0x80/0x3b0
[   52.287777][ T4036]  user_path_at+0x28/0x130
[   52.287825][ T4036]  __se_sys_mount+0x25b/0x2e0
[   52.287857][ T4036]  ? fput+0x8f/0xc0
[   52.287896][ T4036]  __x64_sys_mount+0x67/0x80
[   52.287996][ T4036]  x64_sys_call+0x2b4d/0x2ff0
[   52.288021][ T4036]  do_syscall_64+0xd2/0x200
[   52.288059][ T4036]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.288082][ T4036]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   52.288115][ T4036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.288166][ T4036] RIP: 0033:0x7f17a23ceba9
[   52.288182][ T4036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.288199][ T4036] RSP: 002b:00007f17a0e0e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   52.288217][ T4036] RAX: ffffffffffffffda RBX: 00007f17a2616090 RCX: 00007f17a23ceba9
[   52.288229][ T4036] RDX: 0000200000000300 RSI: 0000200000000200 RDI: 0000000000000000
[   52.288243][ T4036] RBP: 00007f17a0e0e090 R08: 0000200000000440 R09: 0000000000000000
[   52.288257][ T4036] R10: 0000000000008800 R11: 0000000000000246 R12: 0000000000000001
[   52.288318][ T4036] R13: 00007f17a2616128 R14: 00007f17a2616090 R15: 00007ffcf50b8988
[   52.288337][ T4036]  </TASK>
[   52.887213][ T4055] lo speed is unknown, defaulting to 1000
[   53.328617][ T4077] netlink: 12 bytes leftover after parsing attributes in process `syz.0.206'.
[   53.371380][ T4077] 8021q: adding VLAN 0 to HW filter on device bond1
[   53.396090][ T4077] netlink: 4 bytes leftover after parsing attributes in process `syz.0.206'.
[   53.407187][ T4080] loop1: detected capacity change from 0 to 512
[   53.424908][ T4080] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002]
[   53.450721][ T4080] System zones: 1-12
[   53.455924][ T4080] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.207: Directory hole found for htree index block 0
[   53.484633][ T4080] EXT4-fs (loop1): Remounting filesystem read-only
[   53.491266][ T4080] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117
[   53.500577][ T4080] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   53.509551][ T4080] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.524847][ T4080] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[   53.526065][ T4087] netlink: 12 bytes leftover after parsing attributes in process `syz.0.209'.
[   53.544715][ T4080] netlink: 300 bytes leftover after parsing attributes in process `syz.1.207'.
[   53.581361][ T4087] 8021q: adding VLAN 0 to HW filter on device bond2
[   53.598761][ T4090] tipc: Started in network mode
[   53.603765][ T4090] tipc: Node identity 8e814fcc84ee, cluster identity 4711
[   53.611100][ T4090] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   53.635409][ T4090] tipc: Disabling bearer <eth:syzkaller0>
[   53.712692][ T4093] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   53.732184][ T4093] tipc: Disabling bearer <eth:syzkaller0>
[   53.737294][ T4097] loop3: detected capacity change from 0 to 1024
[   53.749039][ T4090] loop2: detected capacity change from 0 to 256
[   53.765732][ T4097] EXT4-fs: Ignoring removed nomblk_io_submit option
[   53.775144][ T4090] vfat: Bad value for 'utf8'
[   53.804614][ T4090] hsr_slave_0: left promiscuous mode
[   53.813412][ T4097] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.830857][ T4090] hsr_slave_1: left promiscuous mode
[   53.839102][ T4093] loop0: detected capacity change from 0 to 256
[   53.851818][ T4080] siw: device registration error -23
[   53.862573][ T4093] vfat: Bad value for 'utf8'
[   53.870033][ T4093] hsr_slave_0: left promiscuous mode
[   53.889641][ T4093] hsr_slave_1: left promiscuous mode
[   53.936284][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.059907][ T4112] loop0: detected capacity change from 0 to 512
[   54.070751][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.080051][ T4112] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   54.117712][ T4112] EXT4-fs (loop0): orphan cleanup on readonly fs
[   54.134830][ T4112] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.217: Block bitmap for bg 0 marked uninitialized
[   54.149482][ T4114] 8021q: adding VLAN 0 to HW filter on device bond1
[   54.159449][ T4112] EXT4-fs (loop0): Remounting filesystem read-only
[   54.199918][ T4112] EXT4-fs (loop0): 1 orphan inode deleted
[   54.227652][ T4112] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   54.247746][    C1] hrtimer: interrupt took 26197 ns
[   54.258088][ T4112] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.281143][ T4125] 8021q: adding VLAN 0 to HW filter on device bond1
[   54.356065][ T4132] loop0: detected capacity change from 0 to 164
[   54.376046][ T4132] iso9660: Corrupted directory entry in block 2 of inode 1792
[   54.423713][   T29] kauditd_printk_skb: 726 callbacks suppressed
[   54.423728][   T29] audit: type=1326 audit(1757954647.009:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4137 comm="syz.3.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3481aeba9 code=0x7ffc0000
[   54.490633][ T4142] 8021q: adding VLAN 0 to HW filter on device bond2
[   54.502560][   T29] audit: type=1326 audit(1757954647.089:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4145 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   54.527787][   T29] audit: type=1326 audit(1757954647.089:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4145 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   54.527825][   T29] audit: type=1326 audit(1757954647.089:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4145 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   54.527853][   T29] audit: type=1326 audit(1757954647.089:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4145 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   54.527877][   T29] audit: type=1326 audit(1757954647.089:1821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4145 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   54.621441][   T29] audit: type=1326 audit(1757954647.089:1822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4145 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   54.644936][   T29] audit: type=1326 audit(1757954647.089:1823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4145 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   54.668294][   T29] audit: type=1326 audit(1757954647.089:1824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4145 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   54.668331][   T29] audit: type=1326 audit(1757954647.089:1825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4145 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   54.820592][ T4158] sch_tbf: burst 2976 is lower than device lo mtu (65550) !
[   55.017146][ T4170] loop1: detected capacity change from 0 to 1024
[   55.024404][ T4170] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   55.049232][ T4170] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.239: Invalid block bitmap block 0 in block_group 0
[   55.066972][ T4170] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.239: Failed to acquire dquot type 0
[   55.081492][ T4170] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.239: Freeing blocks not in datazone - block = 0, count = 4096
[   55.098292][ T4174] loop0: detected capacity change from 0 to 164
[   55.106468][ T4174] iso9660: Corrupted directory entry in block 2 of inode 1792
[   55.111521][ T4170] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.239: Invalid inode bitmap blk 0 in block_group 0
[   55.127811][   T31] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:1: Failed to release dquot type 0
[   55.139349][ T4170] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[   55.155270][ T4170] EXT4-fs (loop1): 1 orphan inode deleted
[   55.176978][ T4170] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.239940][ T4178] 8021q: adding VLAN 0 to HW filter on device bond1
[   55.315546][ T4191] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   55.324238][ T4190] loop9: detected capacity change from 0 to 7
[   55.330676][ T4190] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.338776][ T4191] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   55.346101][ T4190] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.350224][ T4183] __nla_validate_parse: 10 callbacks suppressed
[   55.350242][ T4183] netlink: 4 bytes leftover after parsing attributes in process `syz.3.243'.
[   55.354002][ T4190]  loop9: unable to read partition table
[   55.354032][ T4190] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   55.354032][ T4190] 
) failed (rc=-5)
[   55.355265][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.395946][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.403939][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.411968][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.420523][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[   55.474159][ T4201] loop3: detected capacity change from 0 to 512
[   55.487638][ T4201] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   55.505026][ T4201] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   55.563266][ T4201] EXT4-fs (loop3): 1 truncate cleaned up
[   55.597791][ T4201] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.653401][ T4201] lo speed is unknown, defaulting to 1000
[   55.898058][ T4215] netlink: 12 bytes leftover after parsing attributes in process `syz.4.254'.
[   55.972391][ T4219] loop2: detected capacity change from 0 to 1764
[   55.990061][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.015747][ T4215] 8021q: adding VLAN 0 to HW filter on device bond2
[   56.017434][ T4219] netlink: 24 bytes leftover after parsing attributes in process `syz.2.250'.
[   56.191377][ T4222] netlink: 200 bytes leftover after parsing attributes in process `syz.4.256'.
[   56.410783][ T4226] netlink: 'syz.4.258': attribute type 10 has an invalid length.
[   56.410806][ T4226] netlink: 55 bytes leftover after parsing attributes in process `syz.4.258'.
[   56.486959][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.550961][ T4233] loop0: detected capacity change from 0 to 1024
[   56.557701][ T4233] EXT4-fs: Ignoring removed bh option
[   56.570826][ T4233] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   56.779482][ T4240] loop2: detected capacity change from 0 to 1024
[   57.177794][ T4245] netlink: 12 bytes leftover after parsing attributes in process `syz.4.262'.
[   57.186803][ T4245] netlink: 12 bytes leftover after parsing attributes in process `syz.4.262'.
[   57.200647][ T4245] bridge0: port 1(vlan0) entered blocking state
[   57.207010][ T4245] bridge0: port 1(vlan0) entered disabled state
[   57.213493][ T4245] vlan0: entered allmulticast mode
[   57.218618][ T4245] bridge0: entered allmulticast mode
[   57.226270][ T4245] vlan0: left allmulticast mode
[   57.231157][ T4245] bridge0: left allmulticast mode
[   57.249829][ T4240] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   57.309543][ T4233] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.385766][ T4240] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.263: Invalid block bitmap block 0 in block_group 0
[   57.424949][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.441033][ T4240] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.263: Failed to acquire dquot type 0
[   57.453101][ T4240] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.263: Freeing blocks not in datazone - block = 0, count = 4096
[   57.467733][ T4240] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.263: Invalid inode bitmap blk 0 in block_group 0
[   57.482869][   T58] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:4: Failed to release dquot type 0
[   57.498495][ T4240] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[   57.512628][ T4240] EXT4-fs (loop2): 1 orphan inode deleted
[   57.518749][ T4240] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.521616][ T4256] loop0: detected capacity change from 0 to 512
[   57.546958][ T4256] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   57.561714][ T4256] EXT4-fs (loop0): orphan cleanup on readonly fs
[   57.569235][ T4256] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.265: Block bitmap for bg 0 marked uninitialized
[   57.583857][ T4256] EXT4-fs (loop0): Remounting filesystem read-only
[   57.590512][ T4256] EXT4-fs (loop0): 1 orphan inode deleted
[   57.597484][ T4256] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   57.610776][ T4256] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.623113][ T4265] siw: device registration error -23
[   57.709507][ T4267] netlink: 200 bytes leftover after parsing attributes in process `syz.4.268'.
[   57.730047][ T4271] loop9: detected capacity change from 0 to 7
[   57.736498][ T4265] netlink: 'syz.3.267': attribute type 1 has an invalid length.
[   57.744292][ T4265] netlink: 224 bytes leftover after parsing attributes in process `syz.3.267'.
[   57.753507][ T4271] Buffer I/O error on dev loop9, logical block 0, async page read
[   57.761740][ T4271] Buffer I/O error on dev loop9, logical block 0, async page read
[   57.761958][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.769602][ T4271]  loop9: unable to read partition table
[   57.784640][ T4271] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   57.784640][ T4271] 
) failed (rc=-5)
[   57.790252][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   57.836474][ T4273] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   57.858534][ T4273] tipc: Disabling bearer <eth:syzkaller0>
[   57.938677][ T4282] loop0: detected capacity change from 0 to 512
[   57.956485][ T4283] loop2: detected capacity change from 0 to 256
[   57.959142][ T4282] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   57.992259][ T4283] vfat: Bad value for 'utf8'
[   57.994986][ T4282] EXT4-fs (loop0): orphan cleanup on readonly fs
[   58.008692][ T4282] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.275: Block bitmap for bg 0 marked uninitialized
[   58.028437][ T4282] EXT4-fs (loop0): Remounting filesystem read-only
[   58.039469][ T4282] EXT4-fs (loop0): 1 orphan inode deleted
[   58.054386][ T4282] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   58.066933][ T4282] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.125710][ T4273] netlink: 4 bytes leftover after parsing attributes in process `syz.2.271'.
[   58.170483][ T4280] loop3: detected capacity change from 0 to 2048
[   58.185418][ T4280] ext4: Unknown parameter 'posixacl'
[   58.255990][ T1028] lo speed is unknown, defaulting to 1000
[   58.260318][ T4293] siw: device registration error -23
[   58.270514][ T4280] loop9: detected capacity change from 0 to 7
[   58.282766][ T4293] netlink: 'syz.2.278': attribute type 1 has an invalid length.
[   58.291006][ T4280]  loop9: unable to read partition table
[   58.321094][ T4280] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   58.321094][ T4280] 
) failed (rc=-5)
[   58.363283][ T4291] loop0: detected capacity change from 0 to 512
[   58.400040][ T4291] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.447871][ T4291] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.627465][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.706235][ T4304] loop2: detected capacity change from 0 to 2048
[   58.736141][ T4312] lo speed is unknown, defaulting to 1000
[   58.749663][ T4304] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #2: comm syz.2.280: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[   58.825941][ T4317] lo speed is unknown, defaulting to 1000
[   58.853147][ T4304] EXT4-fs (loop2): get root inode failed
[   58.858921][ T4304] EXT4-fs (loop2): mount failed
[   59.004645][ T4332] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   59.049627][ T4330] tipc: Disabling bearer <eth:syzkaller0>
[   59.163285][ T4330] loop3: detected capacity change from 0 to 256
[   59.192808][ T4337] 8021q: adding VLAN 0 to HW filter on device bond3
[   59.202233][ T4330] vfat: Bad value for 'utf8'
[   59.645167][ T4362] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   59.652637][ T4362] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   59.726661][   T29] kauditd_printk_skb: 284 callbacks suppressed
[   59.726678][   T29] audit: type=1326 audit(1757954652.309:2104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4350 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   59.771936][ T4365] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   59.782260][ T4365] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   59.802531][   T29] audit: type=1326 audit(1757954652.339:2105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4350 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   59.826120][   T29] audit: type=1326 audit(1757954652.339:2106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4350 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   59.849608][   T29] audit: type=1326 audit(1757954652.339:2107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4350 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   59.872967][   T29] audit: type=1326 audit(1757954652.339:2108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4350 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   59.896433][   T29] audit: type=1326 audit(1757954652.349:2109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4350 comm="syz.1.297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   59.919863][   T29] audit: type=1326 audit(1757954652.379:2110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4366 comm="syz.1.301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   59.943336][   T29] audit: type=1326 audit(1757954652.379:2111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4366 comm="syz.1.301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   59.967071][   T29] audit: type=1326 audit(1757954652.379:2112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4366 comm="syz.1.301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   59.990414][   T29] audit: type=1326 audit(1757954652.379:2113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4366 comm="syz.1.301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17a23ceba9 code=0x7ffc0000
[   60.077194][ T4377] loop1: detected capacity change from 0 to 512
[   60.130660][ T4377] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   60.162387][ T4377] EXT4-fs (loop1): orphan cleanup on readonly fs
[   60.174550][ T4377] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.302: Block bitmap for bg 0 marked uninitialized
[   60.195650][ T4377] EXT4-fs (loop1): Remounting filesystem read-only
[   60.203350][ T4377] EXT4-fs (loop1): 1 orphan inode deleted
[   60.209669][ T4377] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   60.234155][ T4377] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.277669][ T4384] 8021q: adding VLAN 0 to HW filter on device bond3
[   60.380625][ T4388] siw: device registration error -23
[   60.388366][ T4388] netlink: 'syz.1.308': attribute type 1 has an invalid length.
[   60.396128][ T4388] __nla_validate_parse: 12 callbacks suppressed
[   60.396141][ T4388] netlink: 224 bytes leftover after parsing attributes in process `syz.1.308'.
[   60.454309][ T4400] lo speed is unknown, defaulting to 1000
[   60.460976][ T4403] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   60.470690][ T4403] tipc: Disabling bearer <eth:syzkaller0>
[   60.477440][ T4399] netlink: 'syz.0.313': attribute type 1 has an invalid length.
[   60.485160][ T4399] netlink: 224 bytes leftover after parsing attributes in process `syz.0.313'.
[   60.574293][ T4409] siw: device registration error -23
[   60.584381][ T4403] loop2: detected capacity change from 0 to 256
[   60.623824][ T4403] vfat: Bad value for 'utf8'
[   60.738999][ T4403] netlink: 4 bytes leftover after parsing attributes in process `syz.2.314'.
[   60.794587][ T4424] netlink: 12 bytes leftover after parsing attributes in process `syz.0.317'.
[   60.803648][ T4424] netlink: 12 bytes leftover after parsing attributes in process `syz.0.317'.
[   60.816987][ T4424] bridge0: port 3(vlan2) entered blocking state
[   60.823337][ T4424] bridge0: port 3(vlan2) entered disabled state
[   60.829873][ T4424] vlan2: entered allmulticast mode
[   60.835016][ T4424] bridge0: entered allmulticast mode
[   60.842153][ T4424] vlan2: left allmulticast mode
[   60.847040][ T4424] bridge0: left allmulticast mode
[   60.879834][ T4422] netlink: 8 bytes leftover after parsing attributes in process `syz.1.320'.
[   61.713980][ T4432] loop2: detected capacity change from 0 to 512
[   61.721014][ T4432] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   61.743043][ T4428] netlink: 12 bytes leftover after parsing attributes in process `syz.4.321'.
[   61.751952][ T4428] netlink: 12 bytes leftover after parsing attributes in process `syz.4.321'.
[   61.763630][ T4428] bridge0: port 1(vlan0) entered blocking state
[   61.769915][ T4428] bridge0: port 1(vlan0) entered disabled state
[   61.776329][ T4428] vlan0: entered allmulticast mode
[   61.781445][ T4428] bridge0: entered allmulticast mode
[   61.793182][ T4428] vlan0: left allmulticast mode
[   61.798164][ T4428] bridge0: left allmulticast mode
[   61.811542][ T4432] EXT4-fs (loop2): orphan cleanup on readonly fs
[   61.825260][ T4432] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.323: Block bitmap for bg 0 marked uninitialized
[   61.845687][ T4432] EXT4-fs (loop2): Remounting filesystem read-only
[   61.852741][ T4432] EXT4-fs (loop2): 1 orphan inode deleted
[   61.858990][ T4432] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   61.870238][ T4435] netlink: 'syz.0.325': attribute type 1 has an invalid length.
[   61.872200][ T4432] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.878679][ T4435] netlink: 224 bytes leftover after parsing attributes in process `syz.0.325'.
[   61.943161][ T4442] loop1: detected capacity change from 0 to 1024
[   61.972984][ T4442] EXT4-fs: Ignoring removed nomblk_io_submit option
[   61.997833][ T4444] loop4: detected capacity change from 0 to 764
[   62.024702][ T4444] Symlink component flag not implemented
[   62.031494][ T4442] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   62.044333][ T4444] Symlink component flag not implemented (129)
[   62.056851][ T4446] siw: device registration error -23
[   62.064533][ T4444] rock: directory entry would overflow storage
[   62.070820][ T4444] rock: sig=0x4f50, size=4, remaining=3
[   62.070839][ T4444] iso9660: Corrupted directory entry in block 6 of inode 1792
[   62.199202][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.311975][ T4461] netlink: 8 bytes leftover after parsing attributes in process `syz.0.334'.
[   62.578167][ T4477] FAULT_INJECTION: forcing a failure.
[   62.578167][ T4477] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   62.591473][ T4477] CPU: 1 UID: 0 PID: 4477 Comm: syz.2.350 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   62.591506][ T4477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   62.591522][ T4477] Call Trace:
[   62.591530][ T4477]  <TASK>
[   62.591539][ T4477]  __dump_stack+0x1d/0x30
[   62.591624][ T4477]  dump_stack_lvl+0xe8/0x140
[   62.591644][ T4477]  dump_stack+0x15/0x1b
[   62.591710][ T4477]  should_fail_ex+0x265/0x280
[   62.591801][ T4477]  should_fail_alloc_page+0xf2/0x100
[   62.591913][ T4477]  __alloc_frozen_pages_noprof+0xff/0x360
[   62.591956][ T4477]  alloc_pages_mpol+0xb3/0x250
[   62.591988][ T4477]  vma_alloc_folio_noprof+0x1aa/0x300
[   62.592046][ T4477]  handle_mm_fault+0xec2/0x2c20
[   62.592117][ T4477]  ? __rcu_read_unlock+0x4f/0x70
[   62.592157][ T4477]  do_user_addr_fault+0x3fe/0x1090
[   62.592204][ T4477]  exc_page_fault+0x62/0xa0
[   62.592348][ T4477]  asm_exc_page_fault+0x26/0x30
[   62.592391][ T4477] RIP: 0010:rep_stos_alternative+0x40/0x80
[   62.592434][ T4477] Code: c9 75 f6 e9 92 04 02 00 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[   62.592457][ T4477] RSP: 0018:ffffc90001307bf0 EFLAGS: 00050202
[   62.592477][ T4477] RAX: 0000000000000000 RBX: 0000200000009380 RCX: 0000000000000380
[   62.592570][ T4477] RDX: 0000000000000000 RSI: 0000200000008380 RDI: 0000200000009000
[   62.592582][ T4477] RBP: 0000000000001001 R08: 0001c90001307dd7 R09: 0000000000000000
[   62.592594][ T4477] R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000001000
[   62.592605][ T4477] R13: 0000200000008380 R14: 0000000000007000 R15: ffffc90001307d90
[   62.592642][ T4477]  iov_iter_zero+0x26f/0xd50
[   62.592681][ T4477]  ? _parse_integer_limit+0x170/0x190
[   62.592713][ T4477]  ? iovec_from_user+0x179/0x210
[   62.592834][ T4477]  read_iter_zero+0x5d/0x1e0
[   62.592865][ T4477]  do_iter_readv_writev+0x499/0x540
[   62.592904][ T4477]  vfs_readv+0x1ea/0x690
[   62.592978][ T4477]  __se_sys_preadv2+0xfc/0x1c0
[   62.593015][ T4477]  __x64_sys_preadv2+0x67/0x80
[   62.593049][ T4477]  x64_sys_call+0xe0d/0x2ff0
[   62.593077][ T4477]  do_syscall_64+0xd2/0x200
[   62.593187][ T4477]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   62.593244][ T4477]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   62.593347][ T4477]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.593375][ T4477] RIP: 0033:0x7fa39a82eba9
[   62.593390][ T4477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.593445][ T4477] RSP: 002b:00007fa399297038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147
[   62.593464][ T4477] RAX: ffffffffffffffda RBX: 00007fa39aa75fa0 RCX: 00007fa39a82eba9
[   62.593480][ T4477] RDX: 0000000000000002 RSI: 0000200000001540 RDI: 0000000000000003
[   62.593556][ T4477] RBP: 00007fa399297090 R08: 0000000000000000 R09: 0000000000000000
[   62.593568][ T4477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.593670][ T4477] R13: 00007fa39aa76038 R14: 00007fa39aa75fa0 R15: 00007ffe8baeae58
[   62.593689][ T4477]  </TASK>
[   62.942972][ T4475] loop0: detected capacity change from 0 to 512
[   62.969377][ T4480] loop1: detected capacity change from 0 to 764
[   62.981135][ T4480] Symlink component flag not implemented
[   63.009473][ T4486] bridge0: port 1(vlan0) entered blocking state
[   63.015895][ T4486] bridge0: port 1(vlan0) entered disabled state
[   63.022293][ T4486] vlan0: entered allmulticast mode
[   63.027423][ T4486] bridge0: entered allmulticast mode
[   63.033779][ T4486] vlan0: left allmulticast mode
[   63.038661][ T4486] bridge0: left allmulticast mode
[   63.078900][ T4485] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   63.120356][ T4480] Symlink component flag not implemented (129)
[   63.133419][ T4475] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   63.192139][ T4489] tipc: Disabling bearer <eth:syzkaller0>
[   63.215895][ T4480] rock: directory entry would overflow storage
[   63.222123][ T4480] rock: sig=0x4f50, size=4, remaining=3
[   63.227683][ T4480] iso9660: Corrupted directory entry in block 6 of inode 1792
[   63.244309][ T4488] loop2: detected capacity change from 0 to 764
[   63.269443][ T4475] EXT4-fs (loop0): orphan cleanup on readonly fs
[   63.295593][ T4488] Symlink component flag not implemented
[   63.308264][ T4492] loop3: detected capacity change from 0 to 256
[   63.358038][ T4475] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.340: Block bitmap for bg 0 marked uninitialized
[   63.371525][ T4488] Symlink component flag not implemented (129)
[   63.405304][ T4488] rock: directory entry would overflow storage
[   63.411498][ T4488] rock: sig=0x4f50, size=4, remaining=3
[   63.417093][ T4488] iso9660: Corrupted directory entry in block 6 of inode 1792
[   63.426766][ T4475] EXT4-fs (loop0): Remounting filesystem read-only
[   63.434271][ T4492] vfat: Bad value for 'utf8'
[   63.466820][ T4475] EXT4-fs (loop0): 1 orphan inode deleted
[   63.482368][ T4475] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   63.482846][ T4475] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.728356][ T4514] loop1: detected capacity change from 0 to 164
[   63.794351][ T4522] loop4: detected capacity change from 0 to 1024
[   63.805866][ T4522] =======================================================
[   63.805866][ T4522] WARNING: The mand mount option has been deprecated and
[   63.805866][ T4522]          and is ignored by this kernel. Remove the mand
[   63.805866][ T4522]          option from the mount to silence this warning.
[   63.805866][ T4522] =======================================================
[   63.847168][ T4522] EXT4-fs: Ignoring removed nobh option
[   63.860321][ T4536] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   63.944058][ T4536] tipc: Disabling bearer <eth:syzkaller0>
[   63.978607][ T4566] loop3: detected capacity change from 0 to 256
[   63.988977][ T4569] loop2: detected capacity change from 0 to 512
[   63.994964][ T4566] vfat: Bad value for 'utf8'
[   64.052442][ T4585] bridge0: port 3(vlan2) entered blocking state
[   64.058740][ T4585] bridge0: port 3(vlan2) entered disabled state
[   64.065176][ T4585] vlan2: entered allmulticast mode
[   64.070309][ T4585] bridge0: entered allmulticast mode
[   64.188908][ T4514] iso9660: Corrupted directory entry in block 2 of inode 1792
[   64.207881][ T4569] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   64.313427][ T4569] EXT4-fs (loop2): orphan cleanup on readonly fs
[   64.336346][ T4569] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.360: Block bitmap for bg 0 marked uninitialized
[   64.351195][ T4569] EXT4-fs (loop2): Remounting filesystem read-only
[   64.359280][ T4569] EXT4-fs (loop2): 1 orphan inode deleted
[   64.367901][ T4569] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   64.383189][ T4569] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.446245][ T4522] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.467756][ T4585] vlan2: left allmulticast mode
[   64.472766][ T4585] bridge0: left allmulticast mode
[   64.598367][ T4605] loop3: detected capacity change from 0 to 1024
[   64.620289][ T4607] loop1: detected capacity change from 0 to 1024
[   64.623731][ T4604] lo speed is unknown, defaulting to 1000
[   64.634621][ T4605] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   64.698317][ T4607] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   64.710314][ T4605] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.363: Invalid block bitmap block 0 in block_group 0
[   64.732712][ T4607] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.364: Invalid block bitmap block 0 in block_group 0
[   64.736360][ T4605] __quota_error: 379 callbacks suppressed
[   64.736446][ T4605] Quota error (device loop3): write_blk: dquota write failed
[   64.759271][ T4605] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[   64.769294][ T4605] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.363: Failed to acquire dquot type 0
[   64.783289][ T4605] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.363: Freeing blocks not in datazone - block = 0, count = 4096
[   64.802334][ T4605] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.363: Invalid inode bitmap blk 0 in block_group 0
[   64.816327][ T4587] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-8
[   64.818107][ T4607] Quota error (device loop1): write_blk: dquota write failed
[   64.825468][ T4587] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:58: Failed to release dquot type 0
[   64.832903][ T4607] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   64.833346][ T4607] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.364: Failed to acquire dquot type 0
[   64.865731][ T4605] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   64.875683][ T4605] EXT4-fs (loop3): 1 orphan inode deleted
[   64.881921][ T4605] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.895895][ T4607] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.364: Freeing blocks not in datazone - block = 0, count = 4096
[   64.900747][ T4615] 8021q: adding VLAN 0 to HW filter on device bond4
[   64.919990][ T4607] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.364: Invalid inode bitmap blk 0 in block_group 0
[   64.934078][ T4607] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[   64.942649][ T4587] Quota error (device loop1): do_check_range: Getting block 0 out of range 1-8
[   64.951684][ T4587] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:58: Failed to release dquot type 0
[   64.970546][ T4607] EXT4-fs (loop1): 1 orphan inode deleted
[   64.976800][ T4607] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.098035][ T4628] loop0: detected capacity change from 0 to 164
[   65.109815][ T4628] iso9660: Corrupted directory entry in block 2 of inode 1792
[   65.142580][   T29] audit: type=1326 audit(1757954657.729:2493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4632 comm="syz.2.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   65.166008][   T29] audit: type=1326 audit(1757954657.729:2494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4632 comm="syz.2.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   65.189393][   T29] audit: type=1326 audit(1757954657.729:2495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4632 comm="syz.2.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   65.212739][   T29] audit: type=1326 audit(1757954657.729:2496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4632 comm="syz.2.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   65.268578][ T4635] bridge_slave_0: left allmulticast mode
[   65.274377][ T4635] bridge_slave_0: left promiscuous mode
[   65.280141][ T4635] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.305904][ T4635] bridge_slave_1: left allmulticast mode
[   65.312044][ T4635] bridge_slave_1: left promiscuous mode
[   65.317734][ T4635] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.336051][ T4635] bond0: (slave bond_slave_0): Releasing backup interface
[   65.347365][ T4635] bond0: (slave bond_slave_1): Releasing backup interface
[   65.362987][ T4635] team0: Port device team_slave_0 removed
[   65.374355][ T4635] team0: Port device team_slave_1 removed
[   65.381317][ T4635] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   65.388815][ T4635] batman_adv: batadv0: Removing interface: batadv_slave_0
[   65.398273][ T4635] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   65.405851][ T4635] batman_adv: batadv0: Removing interface: batadv_slave_1
[   65.428324][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.458183][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.483610][ T4645] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   65.492397][ T4645] tipc: Disabling bearer <eth:syzkaller0>
[   65.692659][ T4645] loop2: detected capacity change from 0 to 256
[   65.701484][ T4654] __nla_validate_parse: 9 callbacks suppressed
[   65.701502][ T4654] netlink: 12 bytes leftover after parsing attributes in process `syz.3.375'.
[   65.716703][ T4654] netlink: 12 bytes leftover after parsing attributes in process `syz.3.375'.
[   65.729588][ T4654] bridge0: port 1(vlan2) entered blocking state
[   65.735918][ T4654] bridge0: port 1(vlan2) entered disabled state
[   65.742284][ T4654] vlan2: entered allmulticast mode
[   65.747456][ T4654] bridge0: entered allmulticast mode
[   65.766225][ T4655] loop0: detected capacity change from 0 to 1024
[   65.791490][ T4657] loop1: detected capacity change from 0 to 164
[   65.798486][ T4654] vlan2: left allmulticast mode
[   65.803388][ T4654] bridge0: left allmulticast mode
[   65.813917][ T4655] EXT4-fs: Ignoring removed nomblk_io_submit option
[   65.825509][ T4645] vfat: Bad value for 'utf8'
[   65.861142][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.908017][ T4648] netlink: 4 bytes leftover after parsing attributes in process `syz.2.377'.
[   65.923981][ T4657] iso9660: Corrupted directory entry in block 2 of inode 1792
[   65.980006][ T4655] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.171186][ T4672] loop4: detected capacity change from 0 to 164
[   66.188091][ T4672] iso9660: Corrupted directory entry in block 2 of inode 1792
[   66.218625][ T4674] loop1: detected capacity change from 0 to 1024
[   66.244567][ T4674] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   66.267737][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.296487][ T4674] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.385: Invalid block bitmap block 0 in block_group 0
[   66.316189][ T4674] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.385: Failed to acquire dquot type 0
[   66.349435][ T4674] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.385: Freeing blocks not in datazone - block = 0, count = 4096
[   66.375502][ T4682] loop4: detected capacity change from 0 to 512
[   66.415210][ T4674] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.385: Invalid inode bitmap blk 0 in block_group 0
[   66.436386][ T4682] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   66.446316][ T4674] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[   66.446344][ T4579] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:52: Failed to release dquot type 0
[   66.466639][ T4690] loop2: detected capacity change from 0 to 164
[   66.482072][ T4674] EXT4-fs (loop1): 1 orphan inode deleted
[   66.488194][ T4674] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.502582][ T4690] iso9660: Corrupted directory entry in block 2 of inode 1792
[   66.502935][ T4686] netlink: 'syz.0.387': attribute type 1 has an invalid length.
[   66.514581][ T4682] EXT4-fs (loop4): orphan cleanup on readonly fs
[   66.518230][ T4686] netlink: 224 bytes leftover after parsing attributes in process `syz.0.387'.
[   66.564077][ T4682] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.389: Block bitmap for bg 0 marked uninitialized
[   66.599007][ T4682] EXT4-fs (loop4): Remounting filesystem read-only
[   66.614766][ T4682] EXT4-fs (loop4): 1 orphan inode deleted
[   66.629161][ T4682] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   66.650537][ T4699] loop2: detected capacity change from 0 to 512
[   66.666624][ T4691] siw: device registration error -23
[   66.675241][ T4699] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   66.712468][ T4707] loop0: detected capacity change from 0 to 512
[   66.714513][ T4699] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   66.733875][ T4707] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   66.734962][ T4699] EXT4-fs (loop2): 1 truncate cleaned up
[   66.751862][ T4707] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   66.777429][ T4707] EXT4-fs (loop0): 1 truncate cleaned up
[   66.799486][ T4707] lo speed is unknown, defaulting to 1000
[   66.812423][ T4699] lo speed is unknown, defaulting to 1000
[   67.031168][ T4691] netlink: 'syz.3.391': attribute type 1 has an invalid length.
[   67.031187][ T4691] netlink: 224 bytes leftover after parsing attributes in process `syz.3.391'.
[   67.050373][ T4720] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   67.075572][ T4722] netlink: 'syz.3.401': attribute type 10 has an invalid length.
[   67.078805][ T4722] team0: Port device dummy0 added
[   67.226668][ T4727] netlink: 'syz.1.400': attribute type 1 has an invalid length.
[   67.234396][ T4727] netlink: 224 bytes leftover after parsing attributes in process `syz.1.400'.
[   67.283946][ T4720] tipc: Disabling bearer <eth:syzkaller0>
[   67.313566][ T4729] loop4: detected capacity change from 0 to 256
[   67.313901][ T4729] vfat: Bad value for 'utf8'
[   67.370710][ T4720] netlink: 4 bytes leftover after parsing attributes in process `syz.4.399'.
[   67.632488][ T4741] loop3: detected capacity change from 0 to 764
[   67.644010][ T4741] Symlink component flag not implemented
[   67.676749][ T4748] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   67.679426][ T4741] Symlink component flag not implemented (129)
[   67.693758][ T4748] tipc: Disabling bearer <eth:syzkaller0>
[   67.711301][ T4741] rock: directory entry would overflow storage
[   67.717524][ T4741] rock: sig=0x4f50, size=4, remaining=3
[   67.723212][ T4741] iso9660: Corrupted directory entry in block 6 of inode 1792
[   67.768820][ T4751] loop4: detected capacity change from 0 to 1024
[   67.793173][ T4751] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   67.830941][ T4748] loop2: detected capacity change from 0 to 256
[   67.861378][ T4748] vfat: Bad value for 'utf8'
[   67.885490][ T4751] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.410: Invalid block bitmap block 0 in block_group 0
[   67.984544][ T4751] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.410: Failed to acquire dquot type 0
[   68.040732][ T4751] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.410: Freeing blocks not in datazone - block = 0, count = 4096
[   68.082815][ T4751] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.410: Invalid inode bitmap blk 0 in block_group 0
[   68.091918][ T4754] netlink: 4 bytes leftover after parsing attributes in process `syz.2.409'.
[   68.098846][ T4751] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   68.116419][ T4580] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:53: Failed to release dquot type 0
[   68.135152][ T4771] loop1: detected capacity change from 0 to 512
[   68.147113][ T4773] loop3: detected capacity change from 0 to 164
[   68.150977][ T4751] EXT4-fs (loop4): 1 orphan inode deleted
[   68.166066][ T4771] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.183373][ T4773] iso9660: Corrupted directory entry in block 2 of inode 1792
[   68.286196][ T4783] process 'syz.1.417' launched './file1' with NULL argv: empty string added
[   68.338725][ T4787] loop2: detected capacity change from 0 to 764
[   68.349973][ T4787] Symlink component flag not implemented
[   68.362995][ T4787] Symlink component flag not implemented (129)
[   68.370304][ T4787] rock: directory entry would overflow storage
[   68.376544][ T4787] rock: sig=0x4f50, size=4, remaining=3
[   68.382135][ T4787] iso9660: Corrupted directory entry in block 6 of inode 1792
[   68.418049][ T4789] loop3: detected capacity change from 0 to 256
[   68.440334][ T4789] vfat: Unknown parameter '@���G����;���������5
�����ki(����U�'
[   68.457262][ T4755] loop0: detected capacity change from 0 to 2048
[   68.492423][ T4755] ext4: Unknown parameter 'posixacl'
[   68.637777][ T4755] loop9: detected capacity change from 0 to 7
[   68.663295][ T4755] buffer_io_error: 11 callbacks suppressed
[   68.663372][ T4755] Buffer I/O error on dev loop9, logical block 0, async page read
[   68.683850][ T4805] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   68.691270][ T4805] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   68.698985][ T4799] netlink: 4 bytes leftover after parsing attributes in process `syz.2.425'.
[   68.708864][ T4755] Buffer I/O error on dev loop9, logical block 0, async page read
[   68.716980][ T4755]  loop9: unable to read partition table
[   68.735086][ T4809] netlink: 'syz.3.428': attribute type 10 has an invalid length.
[   68.744622][ T4755] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   68.744622][ T4755] 
) failed (rc=-5)
[   68.754345][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   68.771258][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   68.780448][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   68.788632][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   68.796845][ T3289] Buffer I/O error on dev loop9, logical block 0, async page read
[   68.994837][ T4822] netlink: 'syz.1.434': attribute type 1 has an invalid length.
[   69.002832][ T4822] netlink: 224 bytes leftover after parsing attributes in process `syz.1.434'.
[   69.026165][ T4821] netlink: 'syz.0.433': attribute type 1 has an invalid length.
[   69.067825][ T4832] loop1: detected capacity change from 0 to 512
[   69.088512][ T4832] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   69.100160][ T4832] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   69.122283][ T4832] EXT4-fs (loop1): 1 truncate cleaned up
[   69.128301][ T4832] EXT4-fs mount: 10 callbacks suppressed
[   69.128390][ T4832] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.160944][ T4832] lo speed is unknown, defaulting to 1000
[   69.319134][ T4847] loop0: detected capacity change from 0 to 164
[   69.337906][ T4847] iso9660: Corrupted directory entry in block 2 of inode 1792
[   69.535917][ T4824] loop2: detected capacity change from 0 to 512
[   69.545622][ T4858] netlink: 'syz.4.447': attribute type 1 has an invalid length.
[   69.553997][ T4824] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.554093][ T4824] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.564087][ T4863] netlink: 'syz.3.448': attribute type 39 has an invalid length.
[   69.756505][ T4868] siw: device registration error -23
[   69.757349][ T4868] netlink: 'syz.4.450': attribute type 1 has an invalid length.
[   69.799891][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.917329][ T4874] loop3: detected capacity change from 0 to 164
[   69.927225][ T4874] iso9660: Corrupted directory entry in block 2 of inode 1792
[   70.019086][   T29] kauditd_printk_skb: 466 callbacks suppressed
[   70.019100][   T29] audit: type=1326 audit(1757954662.599:2957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4880 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3481aeba9 code=0x7ffc0000
[   70.062616][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.074694][   T29] audit: type=1326 audit(1757954662.599:2958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4880 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3481aeba9 code=0x7ffc0000
[   70.098153][   T29] audit: type=1326 audit(1757954662.639:2959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4880 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3481aeba9 code=0x7ffc0000
[   70.121520][   T29] audit: type=1326 audit(1757954662.639:2960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4880 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3481aeba9 code=0x7ffc0000
[   70.145294][   T29] audit: type=1326 audit(1757954662.639:2961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4880 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3481aeba9 code=0x7ffc0000
[   70.168917][   T29] audit: type=1326 audit(1757954662.639:2962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4880 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3481aeba9 code=0x7ffc0000
[   70.192440][   T29] audit: type=1326 audit(1757954662.639:2963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4880 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3481aeba9 code=0x7ffc0000
[   70.216073][   T29] audit: type=1326 audit(1757954662.639:2964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4880 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3481aeba9 code=0x7ffc0000
[   70.239436][   T29] audit: type=1326 audit(1757954662.639:2965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4880 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3481aeba9 code=0x7ffc0000
[   70.262856][   T29] audit: type=1326 audit(1757954662.639:2966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4880 comm="syz.3.456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3481aeba9 code=0x7ffc0000
[   71.188097][ T4911] loop3: detected capacity change from 0 to 512
[   71.203067][ T4911] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   71.223367][ T4911] EXT4-fs (loop3): orphan cleanup on readonly fs
[   71.230242][ T4911] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.464: Block bitmap for bg 0 marked uninitialized
[   71.247107][ T4909] siw: device registration error -23
[   71.255795][ T4911] EXT4-fs (loop3): Remounting filesystem read-only
[   71.269051][ T4855] loop0: detected capacity change from 0 to 2048
[   71.282286][ T4911] EXT4-fs (loop3): 1 orphan inode deleted
[   71.283837][ T4909] netlink: 'syz.2.463': attribute type 1 has an invalid length.
[   71.288462][ T4911] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   71.295758][ T4909] __nla_validate_parse: 3 callbacks suppressed
[   71.295772][ T4909] netlink: 224 bytes leftover after parsing attributes in process `syz.2.463'.
[   71.332257][ T4855] ext4: Unknown parameter 'posixacl'
[   71.349407][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.431313][ T4855] loop9: detected capacity change from 0 to 7
[   71.443423][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[   71.453224][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[   71.461075][ T3296]  loop9: unable to read partition table
[   71.470588][ T4855] Buffer I/O error on dev loop9, logical block 0, async page read
[   71.486996][ T4855]  loop9: unable to read partition table
[   71.494709][ T4855] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   71.494709][ T4855] 
) failed (rc=-5)
[   71.679891][ T4925] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   71.690988][ T4925] tipc: Disabling bearer <eth:syzkaller0>
[   71.736348][ T4918] loop2: detected capacity change from 0 to 512
[   71.767372][ T4931] netlink: 12 bytes leftover after parsing attributes in process `syz.3.468'.
[   71.776306][ T4931] netlink: 12 bytes leftover after parsing attributes in process `syz.3.468'.
[   71.789282][ T4931] bridge0: port 1(vlan2) entered blocking state
[   71.795672][ T4931] bridge0: port 1(vlan2) entered disabled state
[   71.802193][ T4931] vlan2: entered allmulticast mode
[   71.807369][ T4931] bridge0: entered allmulticast mode
[   71.872618][ T4931] vlan2: left allmulticast mode
[   71.877610][ T4931] bridge0: left allmulticast mode
[   71.897172][ T4936] loop4: detected capacity change from 0 to 256
[   71.910205][ T4936] vfat: Bad value for 'utf8'
[   71.948453][ T4918] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.985580][ T4939] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   72.069342][ T4936] netlink: 4 bytes leftover after parsing attributes in process `syz.4.469'.
[   72.080497][ T4939] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   72.138580][ T4930] netlink: 4 bytes leftover after parsing attributes in process `syz.0.471'.
[   72.149066][ T4928] FAULT_INJECTION: forcing a failure.
[   72.149066][ T4928] name failslab, interval 1, probability 0, space 0, times 0
[   72.161839][ T4928] CPU: 1 UID: 0 PID: 4928 Comm: syz.2.466 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   72.161872][ T4928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   72.161888][ T4928] Call Trace:
[   72.161953][ T4928]  <TASK>
[   72.161962][ T4928]  __dump_stack+0x1d/0x30
[   72.161984][ T4928]  dump_stack_lvl+0xe8/0x140
[   72.162005][ T4928]  dump_stack+0x15/0x1b
[   72.162026][ T4928]  should_fail_ex+0x265/0x280
[   72.162096][ T4928]  ? alloc_pipe_info+0xae/0x350
[   72.162127][ T4928]  should_failslab+0x8c/0xb0
[   72.162159][ T4928]  __kmalloc_cache_noprof+0x4c/0x320
[   72.162199][ T4928]  alloc_pipe_info+0xae/0x350
[   72.162264][ T4928]  splice_direct_to_actor+0x592/0x680
[   72.162290][ T4928]  ? kstrtouint_from_user+0x9f/0xf0
[   72.162320][ T4928]  ? __pfx_direct_splice_actor+0x10/0x10
[   72.162346][ T4928]  ? __rcu_read_unlock+0x4f/0x70
[   72.162407][ T4928]  ? get_pid_task+0x96/0xd0
[   72.162434][ T4928]  ? avc_policy_seqno+0x15/0x30
[   72.162464][ T4928]  ? selinux_file_permission+0x1e4/0x320
[   72.162491][ T4928]  do_splice_direct+0xda/0x150
[   72.162567][ T4928]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   72.162601][ T4928]  do_sendfile+0x380/0x650
[   72.162647][ T4928]  __x64_sys_sendfile64+0x105/0x150
[   72.162676][ T4928]  x64_sys_call+0x2bb0/0x2ff0
[   72.162777][ T4928]  do_syscall_64+0xd2/0x200
[   72.162820][ T4928]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   72.162845][ T4928]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   72.162961][ T4928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.162989][ T4928] RIP: 0033:0x7fa39a82eba9
[   72.163081][ T4928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.163099][ T4928] RSP: 002b:00007fa399276038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   72.163121][ T4928] RAX: ffffffffffffffda RBX: 00007fa39aa76090 RCX: 00007fa39a82eba9
[   72.163137][ T4928] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000008
[   72.163151][ T4928] RBP: 00007fa399276090 R08: 0000000000000000 R09: 0000000000000000
[   72.163166][ T4928] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000001
[   72.163180][ T4928] R13: 00007fa39aa76128 R14: 00007fa39aa76090 R15: 00007ffe8baeae58
[   72.163277][ T4928]  </TASK>
[   72.475870][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.516564][ T4948] netlink: 'syz.0.473': attribute type 10 has an invalid length.
[   72.538481][ T4948] team0: Port device dummy0 added
[   72.582127][ T4956] siw: device registration error -23
[   72.582893][ T4954] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   72.599115][ T4959] loop0: detected capacity change from 0 to 512
[   72.605730][ T4954] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   72.616678][ T4956] netlink: 'syz.4.476': attribute type 1 has an invalid length.
[   72.617839][ T4959] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   72.624565][ T4956] netlink: 224 bytes leftover after parsing attributes in process `syz.4.476'.
[   72.640609][ T4945] netlink: 4 bytes leftover after parsing attributes in process `syz.3.472'.
[   72.657143][ T4959] EXT4-fs (loop0): 1 truncate cleaned up
[   72.663419][ T4959] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.720194][ T4959] lo speed is unknown, defaulting to 1000
[   72.743290][ T4963] loop4: detected capacity change from 0 to 164
[   72.769108][ T4963] iso9660: Corrupted directory entry in block 2 of inode 1792
[   72.810794][ T4968] netlink: 36 bytes leftover after parsing attributes in process `syz.0.477'.
[   72.819904][ T4968] netlink: 16 bytes leftover after parsing attributes in process `syz.0.477'.
[   72.828970][ T4968] netlink: 36 bytes leftover after parsing attributes in process `syz.0.477'.
[   72.842252][ T4971] loop3: detected capacity change from 0 to 512
[   72.845514][ T4972] loop2: detected capacity change from 0 to 764
[   72.861680][ T4971] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   72.877434][ T4971] EXT4-fs (loop3): orphan cleanup on readonly fs
[   72.919653][ T4971] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.480: Block bitmap for bg 0 marked uninitialized
[   72.938437][ T4972] Symlink component flag not implemented
[   72.968466][ T4972] Symlink component flag not implemented (129)
[   72.987016][ T4971] EXT4-fs (loop3): Remounting filesystem read-only
[   72.997663][ T4972] rock: directory entry would overflow storage
[   73.003878][ T4972] rock: sig=0x4f50, size=4, remaining=3
[   73.009537][ T4972] iso9660: Corrupted directory entry in block 6 of inode 1792
[   73.023201][ T4971] EXT4-fs (loop3): 1 orphan inode deleted
[   73.029593][ T4971] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   73.088775][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.137341][ T4983] bridge0: port 1(vlan0) entered blocking state
[   73.143693][ T4983] bridge0: port 1(vlan0) entered disabled state
[   73.150095][ T4983] vlan0: entered allmulticast mode
[   73.155292][ T4983] bridge0: entered allmulticast mode
[   73.161846][ T4983] vlan0: left allmulticast mode
[   73.166718][ T4983] bridge0: left allmulticast mode
[   73.247701][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.601356][ T5005] loop3: detected capacity change from 0 to 512
[   73.611056][ T5005] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   73.628429][ T5005] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   73.660717][ T5005] EXT4-fs (loop3): 1 truncate cleaned up
[   73.660956][ T5008] loop1: detected capacity change from 0 to 164
[   73.667017][ T5005] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.690709][ T5008] iso9660: Corrupted directory entry in block 2 of inode 1792
[   73.720218][ T5005] lo speed is unknown, defaulting to 1000
[   73.793932][ T5014] loop4: detected capacity change from 0 to 512
[   73.802753][ T5014] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   73.804653][ T5014] EXT4-fs (loop4): 1 truncate cleaned up
[   73.805006][ T5014] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.822079][ T5014] lo speed is unknown, defaulting to 1000
[   73.828654][ T5016] loop1: detected capacity change from 0 to 512
[   73.842083][ T5016] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   73.905011][ T5016] EXT4-fs (loop1): orphan cleanup on readonly fs
[   73.927305][ T5016] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.497: Block bitmap for bg 0 marked uninitialized
[   73.959573][ T5016] EXT4-fs (loop1): Remounting filesystem read-only
[   73.959675][ T5016] EXT4-fs (loop1): 1 orphan inode deleted
[   73.960096][ T5016] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   73.965095][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.019860][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.279287][ T5045] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   74.279312][ T5045] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   74.348335][ T5052] loop2: detected capacity change from 0 to 512
[   74.378846][ T5052] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   74.391133][ T5052] EXT4-fs (loop2): 1 truncate cleaned up
[   74.393537][ T5052] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.409021][ T5052] lo speed is unknown, defaulting to 1000
[   74.695409][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.706915][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.892267][ T5066] team0: Port device dummy0 removed
[   75.017909][ T5074] loop2: detected capacity change from 0 to 512
[   75.066724][ T5074] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   75.093330][ T5074] EXT4-fs (loop2): 1 truncate cleaned up
[   75.125077][ T5074] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.257012][ T5074] lo speed is unknown, defaulting to 1000
[   75.440250][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.449185][ T5090] loop3: detected capacity change from 0 to 164
[   75.521199][   T29] kauditd_printk_skb: 611 callbacks suppressed
[   75.521219][   T29] audit: type=1326 audit(1757954668.099:3578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   75.597262][   T29] audit: type=1326 audit(1757954668.139:3579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   75.620707][   T29] audit: type=1326 audit(1757954668.139:3580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   75.644321][   T29] audit: type=1326 audit(1757954668.149:3581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   75.667875][   T29] audit: type=1326 audit(1757954668.149:3582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   75.691382][   T29] audit: type=1326 audit(1757954668.149:3583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   75.697303][ T5095] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   75.714766][   T29] audit: type=1326 audit(1757954668.149:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   75.745314][   T29] audit: type=1326 audit(1757954668.149:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   75.760218][ T5095] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   75.768713][   T29] audit: type=1326 audit(1757954668.149:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   75.799105][   T29] audit: type=1326 audit(1757954668.149:3587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39a82eba9 code=0x7ffc0000
[   75.977631][ T5107] bridge0: port 1(vlan2) entered blocking state
[   75.984103][ T5107] bridge0: port 1(vlan2) entered disabled state
[   75.990459][ T5107] vlan2: entered allmulticast mode
[   75.995640][ T5107] bridge0: entered allmulticast mode
[   76.001379][ T5107] vlan2: left allmulticast mode
[   76.006398][ T5107] bridge0: left allmulticast mode
[   76.141892][ T5116] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   76.150958][ T5116] tipc: Disabling bearer <eth:syzkaller0>
[   76.248647][ T5118] loop0: detected capacity change from 0 to 256
[   76.255275][ T5043] loop1: detected capacity change from 0 to 2048
[   76.272692][ T5094] loop2: detected capacity change from 0 to 2048
[   76.282532][ T5118] vfat: Bad value for 'utf8'
[   76.304171][ T5043] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #2: comm syz.1.509: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[   76.325775][ T5094] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #2: comm syz.2.525: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[   76.326042][ T5043] EXT4-fs (loop1): get root inode failed
[   76.348857][ T5043] EXT4-fs (loop1): mount failed
[   76.357974][ T5094] EXT4-fs (loop2): get root inode failed
[   76.363689][ T5094] EXT4-fs (loop2): mount failed
[   76.374081][ T5118] __nla_validate_parse: 11 callbacks suppressed
[   76.374096][ T5118] netlink: 4 bytes leftover after parsing attributes in process `syz.0.532'.
[   76.581963][ T5131] lo speed is unknown, defaulting to 1000
[   76.609322][ T5133] loop0: detected capacity change from 0 to 164
[   76.992646][ T5148] netlink: 12 bytes leftover after parsing attributes in process `syz.0.540'.
[   77.001645][ T5148] netlink: 12 bytes leftover after parsing attributes in process `syz.0.540'.
[   77.014164][ T5148] bridge0: port 1(vlan2) entered blocking state
[   77.020455][ T5148] bridge0: port 1(vlan2) entered disabled state
[   77.026870][ T5148] vlan2: entered allmulticast mode
[   77.032070][ T5148] bridge0: entered allmulticast mode
[   77.053848][ T5149] netlink: 14 bytes leftover after parsing attributes in process `syz.4.541'.
[   77.071140][ T5148] vlan2: left allmulticast mode
[   77.076054][ T5148] bridge0: left allmulticast mode
[   77.098166][ T5151] loop3: detected capacity change from 0 to 512
[   77.121887][ T5151] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   77.198702][ T5151] EXT4-fs (loop3): orphan cleanup on readonly fs
[   77.238273][ T5151] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.542: Block bitmap for bg 0 marked uninitialized
[   77.299218][ T5151] EXT4-fs (loop3): Remounting filesystem read-only
[   77.311715][ T5151] EXT4-fs (loop3): 1 orphan inode deleted
[   77.329094][ T5151] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   77.403239][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.403339][ T5145] loop4: detected capacity change from 0 to 2048
[   77.451732][ T5145] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #2: comm syz.4.541: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[   77.470555][ T5155] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   77.482329][ T5145] EXT4-fs (loop4): get root inode failed
[   77.488095][ T5145] EXT4-fs (loop4): mount failed
[   77.494002][ T5155] tipc: Disabling bearer <eth:syzkaller0>
[   77.602006][ T5155] loop3: detected capacity change from 0 to 256
[   77.610596][ T5155] vfat: Bad value for 'utf8'
[   77.673978][ T5158] netlink: 4 bytes leftover after parsing attributes in process `syz.3.543'.
[   77.683978][ T5160] netlink: 'syz.0.544': attribute type 10 has an invalid length.
[   77.760144][ T5163] loop0: detected capacity change from 0 to 764
[   77.825116][ T5167] lo speed is unknown, defaulting to 1000
[   77.858815][ T5163] Symlink component flag not implemented
[   77.872376][ T5163] Symlink component flag not implemented (129)
[   77.907069][ T5163] rock: directory entry would overflow storage
[   77.913321][ T5163] rock: sig=0x4f50, size=4, remaining=3
[   77.918922][ T5163] iso9660: Corrupted directory entry in block 6 of inode 1792
[   78.073139][ T5183] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   78.080483][ T5183] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   78.088099][ T5175] netlink: 4 bytes leftover after parsing attributes in process `syz.3.549'.
[   78.115464][ T5186] loop0: detected capacity change from 0 to 512
[   78.173096][ T5186] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   78.203199][ T5195] netlink: 12 bytes leftover after parsing attributes in process `syz.1.557'.
[   78.213332][ T5186] EXT4-fs (loop0): orphan cleanup on readonly fs
[   78.238743][ T5186] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.553: Block bitmap for bg 0 marked uninitialized
[   78.342136][ T5186] EXT4-fs (loop0): Remounting filesystem read-only
[   78.371254][ T5203] lo speed is unknown, defaulting to 1000
[   78.377639][ T5186] EXT4-fs (loop0): 1 orphan inode deleted
[   78.387946][ T5186] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   78.420201][ T5206] netlink: 12 bytes leftover after parsing attributes in process `syz.3.560'.
[   78.477910][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.626962][ T5229] netlink: 12 bytes leftover after parsing attributes in process `syz.4.570'.
[   78.654324][ T5232] loop2: detected capacity change from 0 to 764
[   78.662633][ T5232] Symlink component flag not implemented
[   78.668339][ T5232] Symlink component flag not implemented (129)
[   78.674956][ T5233] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   78.682423][ T5233] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   78.692934][ T5232] rock: directory entry would overflow storage
[   78.699124][ T5232] rock: sig=0x4f50, size=4, remaining=3
[   78.704725][ T5232] iso9660: Corrupted directory entry in block 6 of inode 1792
[   78.722154][ T5219] netlink: 4 bytes leftover after parsing attributes in process `syz.0.566'.
[   78.729559][ T5236] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   78.777035][ T5236] tipc: Disabling bearer <eth:syzkaller0>
[   78.785588][ T5242] loop0: detected capacity change from 0 to 512
[   78.793497][ T5242] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   78.807646][ T5242] EXT4-fs (loop0): orphan cleanup on readonly fs
[   78.816787][ T5242] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.575: Block bitmap for bg 0 marked uninitialized
[   78.845134][ T5242] EXT4-fs (loop0): Remounting filesystem read-only
[   78.865567][ T5236] loop4: detected capacity change from 0 to 256
[   78.873143][ T5242] EXT4-fs (loop0): 1 orphan inode deleted
[   78.883131][ T5242] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   78.921944][ T3302] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.926347][ T5236] vfat: Bad value for 'utf8'
[   78.943106][ T5251] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   78.990266][ T5256] loop0: detected capacity change from 0 to 164
[   79.079229][ T5256] iso9660: Corrupted directory entry in block 2 of inode 1792
[   79.207736][ T5239] loop1: detected capacity change from 0 to 2048
[   79.207839][ T5270] FAULT_INJECTION: forcing a failure.
[   79.207839][ T5270] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.227221][ T5270] CPU: 1 UID: 0 PID: 5270 Comm: syz.0.585 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   79.227352][ T5270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   79.227368][ T5270] Call Trace:
[   79.227375][ T5270]  <TASK>
[   79.227383][ T5270]  __dump_stack+0x1d/0x30
[   79.227406][ T5270]  dump_stack_lvl+0xe8/0x140
[   79.227430][ T5270]  dump_stack+0x15/0x1b
[   79.227450][ T5270]  should_fail_ex+0x265/0x280
[   79.227574][ T5270]  should_fail+0xb/0x20
[   79.227601][ T5270]  should_fail_usercopy+0x1a/0x20
[   79.227665][ T5270]  strncpy_from_user+0x25/0x230
[   79.227706][ T5270]  ? __kmalloc_cache_noprof+0x189/0x320
[   79.227741][ T5270]  __se_sys_memfd_create+0x1ff/0x590
[   79.227804][ T5270]  __x64_sys_memfd_create+0x31/0x40
[   79.227827][ T5270]  x64_sys_call+0x2abe/0x2ff0
[   79.227850][ T5270]  do_syscall_64+0xd2/0x200
[   79.227884][ T5270]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   79.227971][ T5270]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   79.228003][ T5270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.228027][ T5270] RIP: 0033:0x7f1593c4eba9
[   79.228077][ T5270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.228095][ T5270] RSP: 002b:00007f15926aee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   79.228154][ T5270] RAX: ffffffffffffffda RBX: 0000000000000563 RCX: 00007f1593c4eba9
[   79.228166][ T5270] RDX: 00007f15926aeef0 RSI: 0000000000000000 RDI: 00007f1593cd27e8
[   79.228178][ T5270] RBP: 0000200000000640 R08: 00007f15926aebb7 R09: 00007f15926aee40
[   79.228191][ T5270] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000005c0
[   79.228203][ T5270] R13: 00007f15926aeef0 R14: 00007f15926aeeb0 R15: 0000200000000600
[   79.228222][ T5270]  </TASK>
[   79.414572][ T5273] loop4: detected capacity change from 0 to 1024
[   79.422724][ T5239] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #2: comm syz.1.573: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[   79.458019][ T5273] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.475825][ T5239] EXT4-fs (loop1): get root inode failed
[   79.481493][ T5239] EXT4-fs (loop1): mount failed
[   79.491485][ T5273] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.641004][ T5284] loop4: detected capacity change from 0 to 512
[   79.645009][ T5286] loop2: detected capacity change from 0 to 164
[   79.660443][ T5286] iso9660: Corrupted directory entry in block 2 of inode 1792
[   79.676730][ T5284] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   79.691018][ T5284] EXT4-fs (loop4): orphan cleanup on readonly fs
[   79.712511][ T5284] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.588: Block bitmap for bg 0 marked uninitialized
[   79.751667][ T5284] EXT4-fs (loop4): Remounting filesystem read-only
[   79.849206][ T5294] loop3: detected capacity change from 0 to 512
[   79.854496][ T5284] EXT4-fs (loop4): 1 orphan inode deleted
[   79.861873][ T5284] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   79.889944][ T5298] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   79.899513][ T5298] tipc: Disabling bearer <eth:syzkaller0>
[   79.909702][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.927965][ T5294] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   79.981962][ T5294] EXT4-fs (loop3): 1 truncate cleaned up
[   79.987926][ T5294] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.007730][ T5298] loop2: detected capacity change from 0 to 256
[   80.029207][ T5298] vfat: Bad value for 'utf8'
[   80.069134][ T5294] lo speed is unknown, defaulting to 1000
[   80.261005][ T5316] FAULT_INJECTION: forcing a failure.
[   80.261005][ T5316] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   80.274396][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz.2.599 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.274428][ T5316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   80.274444][ T5316] Call Trace:
[   80.274450][ T5316]  <TASK>
[   80.274457][ T5316]  __dump_stack+0x1d/0x30
[   80.274483][ T5316]  dump_stack_lvl+0xe8/0x140
[   80.274591][ T5316]  dump_stack+0x15/0x1b
[   80.274608][ T5316]  should_fail_ex+0x265/0x280
[   80.274631][ T5316]  should_fail_alloc_page+0xf2/0x100
[   80.274657][ T5316]  alloc_pages_bulk_noprof+0xef/0x540
[   80.274700][ T5316]  copy_splice_read+0xf3/0x660
[   80.274725][ T5316]  ? __pfx_shmem_file_splice_read+0x10/0x10
[   80.274751][ T5316]  splice_direct_to_actor+0x290/0x680
[   80.274770][ T5316]  ? __pfx_direct_splice_actor+0x10/0x10
[   80.274845][ T5316]  do_splice_direct+0xda/0x150
[   80.274866][ T5316]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   80.274971][ T5316]  do_sendfile+0x380/0x650
[   80.275004][ T5316]  __x64_sys_sendfile64+0x105/0x150
[   80.275031][ T5316]  x64_sys_call+0x2bb0/0x2ff0
[   80.275053][ T5316]  do_syscall_64+0xd2/0x200
[   80.275119][ T5316]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   80.275142][ T5316]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   80.275242][ T5316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.275267][ T5316] RIP: 0033:0x7fa39a82eba9
[   80.275304][ T5316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.275325][ T5316] RSP: 002b:00007fa399297038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   80.275346][ T5316] RAX: ffffffffffffffda RBX: 00007fa39aa75fa0 RCX: 00007fa39a82eba9
[   80.275357][ T5316] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006
[   80.275439][ T5316] RBP: 00007fa399297090 R08: 0000000000000000 R09: 0000000000000000
[   80.275453][ T5316] R10: 0000000100000002 R11: 0000000000000246 R12: 0000000000000001
[   80.275467][ T5316] R13: 00007fa39aa76038 R14: 00007fa39aa75fa0 R15: 00007ffe8baeae58
[   80.275487][ T5316]  </TASK>
[   80.539353][ T5318] loop2: detected capacity change from 0 to 164
[   80.551763][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.619466][ T5318] iso9660: Corrupted directory entry in block 2 of inode 1792
[   80.662917][   T29] kauditd_printk_skb: 674 callbacks suppressed
[   80.662932][   T29] audit: type=1326 audit(1757954673.249:4262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5323 comm="syz.4.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   80.745915][   T29] audit: type=1326 audit(1757954673.279:4263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5323 comm="syz.4.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   80.769429][   T29] audit: type=1326 audit(1757954673.279:4264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5323 comm="syz.4.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   80.792556][ T5334] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   80.793021][   T29] audit: type=1326 audit(1757954673.279:4265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5323 comm="syz.4.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   80.822884][   T29] audit: type=1326 audit(1757954673.279:4266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5323 comm="syz.4.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   80.846319][   T29] audit: type=1326 audit(1757954673.279:4267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5323 comm="syz.4.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   80.869727][   T29] audit: type=1326 audit(1757954673.279:4268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5323 comm="syz.4.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   80.893369][   T29] audit: type=1326 audit(1757954673.279:4269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5323 comm="syz.4.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   80.916890][   T29] audit: type=1326 audit(1757954673.279:4270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5323 comm="syz.4.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   80.940492][   T29] audit: type=1326 audit(1757954673.279:4271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5323 comm="syz.4.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d388eba9 code=0x7ffc0000
[   80.953506][ T5336] loop4: detected capacity change from 0 to 1024
[   80.983460][ T5338] loop2: detected capacity change from 0 to 256
[   81.018903][ T5336] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   81.034427][ T5338] vfat: Bad value for 'utf8'
[   81.054951][ T5247] syz.1.573 (5247) used greatest stack depth: 6184 bytes left
[   81.087770][ T5334] tipc: Disabling bearer <eth:syzkaller0>
[   81.094146][ T5336] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.607: Invalid block bitmap block 0 in block_group 0
[   81.130675][ T5336] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.607: Failed to acquire dquot type 0
[   81.143398][ T5336] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.607: Freeing blocks not in datazone - block = 0, count = 4096
[   81.159145][ T5336] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.607: Invalid inode bitmap blk 0 in block_group 0
[   81.172684][ T4587] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:58: Failed to release dquot type 0
[   81.208421][ T5336] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   81.218858][ T5336] EXT4-fs (loop4): 1 orphan inode deleted
[   81.271460][ T5336] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.344135][ T5360] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   81.351709][ T5360] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   81.422614][ T5363] ������: renamed from vlan1 (while UP)
[   81.709280][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.824943][ T5386] netlink: 'syz.4.622': attribute type 1 has an invalid length.
[   81.832678][ T5386] __nla_validate_parse: 5 callbacks suppressed
[   81.832690][ T5386] netlink: 224 bytes leftover after parsing attributes in process `syz.4.622'.
[   81.915887][ T5390] loop4: detected capacity change from 0 to 512
[   81.935818][ T5390] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   81.963247][ T5388] loop0: detected capacity change from 0 to 2048
[   81.972602][ T5390] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   81.980354][ T5388] ext4: Unknown parameter 'posixacl'
[   82.060983][ T5390] EXT4-fs (loop4): 1 truncate cleaned up
[   82.089653][ T5390] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.192207][ T5390] lo speed is unknown, defaulting to 1000
[   82.343838][ T5401] lo speed is unknown, defaulting to 1000
[   82.359688][ T5403] netlink: 12 bytes leftover after parsing attributes in process `syz.1.627'.
[   82.770577][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.834873][ T5418] loop1: detected capacity change from 0 to 1024
[   82.898093][ T5418] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   82.934504][ T5418] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.633: Invalid block bitmap block 0 in block_group 0
[   82.968458][ T5418] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.633: Failed to acquire dquot type 0
[   83.020117][ T5418] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.633: Freeing blocks not in datazone - block = 0, count = 4096
[   83.053009][ T5378] loop2: detected capacity change from 0 to 2048
[   83.072253][ T5418] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.633: Invalid inode bitmap blk 0 in block_group 0
[   83.095150][ T4577] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:50: Failed to release dquot type 0
[   83.108052][ T5378] ext4: Unknown parameter 'posixacl'
[   83.132192][ T5418] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[   83.161172][ T5418] EXT4-fs (loop1): 1 orphan inode deleted
[   83.181396][ T5418] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.211918][ T5378] loop9: detected capacity change from 0 to 7
[   83.223551][ T5378] buffer_io_error: 6 callbacks suppressed
[   83.223566][ T5378] Buffer I/O error on dev loop9, logical block 0, async page read
[   83.294088][ T5378] Buffer I/O error on dev loop9, logical block 0, async page read
[   83.302028][ T5378]  loop9: unable to read partition table
[   83.350905][ T5378] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   83.350905][ T5378] 
) failed (rc=-5)
[   83.366619][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[   83.399962][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[   83.411973][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[   83.430473][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[   83.448907][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[   83.656432][ T5428] loop4: detected capacity change from 0 to 256
[   83.668964][ T5428] vfat: Bad value for 'utf8'
[   83.680952][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.880159][ T3296] ==================================================================
[   83.888314][ T3296] BUG: KCSAN: data-race in fill_mg_cmtime / shmem_unlink
[   83.895393][ T3296] 
[   83.897747][ T3296] write to 0xffff8881040aef74 of 4 bytes by task 3289 on cpu 1:
[   83.905389][ T3296]  shmem_unlink+0x13c/0x170
[   83.909912][ T3296]  shmem_rename2+0x1a1/0x290
[   83.914516][ T3296]  vfs_rename+0x7f3/0xa40
[   83.918854][ T3296]  do_renameat2+0x557/0xa10
[   83.923366][ T3296]  __x64_sys_rename+0x58/0x70
[   83.928078][ T3296]  x64_sys_call+0x1f9/0x2ff0
[   83.932679][ T3296]  do_syscall_64+0xd2/0x200
[   83.937201][ T3296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.943113][ T3296] 
[   83.945442][ T3296] read to 0xffff8881040aef74 of 4 bytes by task 3296 on cpu 0:
[   83.952981][ T3296]  fill_mg_cmtime+0x5b/0x260
[   83.957584][ T3296]  generic_fillattr+0x24a/0x340
[   83.962452][ T3296]  shmem_getattr+0x181/0x200
[   83.967042][ T3296]  vfs_getattr_nosec+0x143/0x1e0
[   83.971995][ T3296]  vfs_statx+0x113/0x390
[   83.976255][ T3296]  vfs_fstatat+0x115/0x170
[   83.980687][ T3296]  __se_sys_newfstatat+0x55/0x260
[   83.985731][ T3296]  __x64_sys_newfstatat+0x55/0x70
[   83.990769][ T3296]  x64_sys_call+0x135a/0x2ff0
[   83.995452][ T3296]  do_syscall_64+0xd2/0x200
[   83.999987][ T3296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.005889][ T3296] 
[   84.008212][ T3296] value changed: 0x1b6ad528 -> 0x1c245ebd
[   84.013934][ T3296] 
[   84.016254][ T3296] Reported by Kernel Concurrency Sanitizer on:
[   84.022410][ T3296] CPU: 0 UID: 0 PID: 3296 Comm: udevd Not tainted syzkaller #0 PREEMPT(voluntary) 
[   84.031781][ T3296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   84.041852][ T3296] ==================================================================
[   84.309308][ T5447] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   84.437627][ T5450] loop4: detected capacity change from 0 to 256
[   84.477240][ T5450] vfat: Bad value for 'utf8'
[   84.506019][ T5447] netlink: 4 bytes leftover after parsing attributes in process `syz.4.640'.
[   84.516487][ T5446] tipc: Disabling bearer <eth:syzkaller0>